How to Create Apache Virtual Host on Ubuntu 24.04
The Apache web server delivers web applications using virtual host configurations on your server. The default virtual host listens for incoming connections using all server IP addresses on the default HTTP port 80. Follow the steps below to disable the default virtual host and create a new virtual host to listen for connection requests using your domain on the default HTTP port 80.
1. Create a new Apache virtual host configuration file in the /etc/apache2/sites-available/ directory using a text editor such as nano. For example, website.conf.
sudo nano /etc/apache2/sites-available/website.conf2. Add the following contents to the file. Replace app.example.com with your domain and webmaster@example.com with your web administrator email.
<VirtualHost *:80>
ServerAdmin webmaster@example.com
ServerName app.example.com
DocumentRoot /var/www/html/website
DirectoryIndex index.html index.php
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<Directory /var/www/html/website>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
</VirtualHost>Save and close the file.
The above Apache configuration creates a new virtual host that delivers web application files from the /var/www/html/website directory using your domain app.example.com. Within the configuration:
<VirtualHost *:80>: Sets the virtual host listening address. The value80enables the HTTP port80.ServerAdmin webmaster@example.com: Specifies the web server administrator email address to send critical errors and alerts.ServerName example.com: Sets the virtual host domain to use for delivering web applications on your server.DocumentRoot /var/www/html/website: Sets the virtual host web root directory that contains the web application files to serve on your domain.DirectoryIndex index.html: Specifies the default index web application file to serve when the virtual host domainapp.example.comis accessed.ErrorLog ${APACHE_LOG_DIR}/error.log: Sets a custom log file to store your virtual host error logs.CustomLog ${APACHE_LOG_DIR}/access.log combined: Sets the virtual host access log file location using the combined log format.<Directory /var/www/html/example>: Defines the configurations to apply on the web root directory requests.Options Indexes FollowSymLinks: Allows directory listingIndexesand symbolic linksFollowSymLinks.AllowOverride All: Allows.htaccessfiles to override the Apache virtual host configurations.Require all granted: Allows all domain users to access the web root directory files.
3. Disable the default Apache virtual host configuration.
sudo nano /etc/apache2/sites-available/website.conf4. Enable the new Apache virtual host configuration.
sudo a2ensite website5. Test the Apache configuration for errors.
sudo apachectl configtestOutput:
Syntax OK
6. Create the web root directory /var/www/html/website referenced in your virtual host configuration.
sudo mkdir -p /var/www/html/website7. Create a new sample HTML application index.html file in the web root directory.
sudo nano /var/www/html/website/index.html8. Add the following contents to the file.
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Apache Web Server</title>
</head>
<body>
<h1>Greetings from Vultr</h1>
</body>
</html>Save and close the file.
The above HTML code displays Greetings from Vultr message when the application is accessed using your virtual host domain app.example.com
9. Grant the web server user and group www-data ownership privileges to the /var/www/html/website web root directory.
sudo chown -R www-data:www-data /var/www/html/website10. Restart the Apache web server to apply your configuration changes.
sudo mkdir -p /var/www/html/websiteSecure the Apache Web Server
The Apache web server listens for connection requests on the HTTP port 80 by default. HTTP enables unencrypted requests between your web server and a user’s browser. HTTPS enables encrypted connections using valid SSL certificates to authenticate the web server with the user’s browser. Follow the steps below to secure the Apache web server with trusted Let’s Encrypt SSL certificates to enable encrypt network connections and forward all HTTP requests to HTTPS.
1. Install the Certbot Let’s Encrypt client package using the Snap package manager.
sudo snap install certbot --classic2. Request a new Let’s Encrypt SSL certificate on your server using your virtual host domain. Replace app.example.com with your actual domain and hello@example.com with your email address.
sudo certbot --apache --agree-tos --redirect -d app.example.com -m hello@example.comYour output should be similar to the one below when successful.
Successfully received certificate.
Certificate is saved at: /etc/letsencrypt/live/app.example.com/fullchain.pem
Key is saved at: /etc/letsencrypt/live/app.example.com/privkey.pem
This certificate expires on 2024-10-15.
These files will be updated when the certificate renews.
Certbot has set up a scheduled task to automatically renew this certificate in the background.
Deploying certificate
Successfully deployed certificate for app.example.com to /etc/apache2/sites-available/website-le-ssl.conf
Congratulations! You have successfully enabled HTTPS on https://app.example.com3. Test the Certbot SSL certificate renewal process.
sudo certbot renew --dry-runOutput:
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Processing /etc/letsencrypt/renewal/publishqueue.ddns.net.conf - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Account registered. Simulating renewal of an existing certificate for publishqueue.ddns.net - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Congratulations, all simulated renewals succeeded: /etc/letsencrypt/live/publishqueue.ddns.net/fullchain.pem (success) - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
4. Restart the Apache web server to apply your SSL configuration changes.
sudo mkdir -p /var/www/html/websiteSet Up Firewall Rules
Uncomplicated Firewall (UFW) is active and enabled on Vultr Ubuntu 24.04 servers by default. Follow the steps below to configure the UFW utility and allow network connections using the Apache web server firewall profile.
- List all available UFW application profiles.
sudo nano /var/www/html/website/index.htmlVerify that the default Apache profile apache is available similar to the following output:
Apache
Apache Full
Apache Secure
OpenSSH2. Allow the Apache Full profile to enable both HTTP port 80 and HTTPS port 443 connections through the firewall.
sudo apt install apache2 -y3. Reload UFW to apply the firewall changes.
sudo ufw reload4. View the firewall status and verify that the new rules are available.
sudo ufw status
Output:
To Action From
-- ------ ----
22/tcp ALLOW Anywhere
Apache Full ALLOW Anywhere
22/tcp (v6) ALLOW Anywhere (v6)
Apache Full (v6) ALLOW Anywhere (v6)
5. Access your virtual host domain app.example.com in a new web browser window and verify that Apache serves your HTML application with a Greetings from Vultr message.
https://app.example.com
You have installed the Apache web server on an Ubuntu 24.04 server. Apache enables you to host static websites and integrate with dynamic content processors such as PHP to serve modern web applications such as WordPress on your server. In addition, you can use the Apache web server as a reverse proxy to securely deliver your backend services using the mod_proxy extension on your server.
Ref: How to Install Apache Web Server on Ubuntu 24.04 | Vultr Docs
