Nginx | Apache – common commands

/ code-commands, SprUng, KEEPERS, CODE-NOW-NOW-NOW / 1 minute of reading

Autostart Nginx / Apache

Enable NGINX to Start on Boot

Run the following command on your proxy server (`192.168.1.44`):


  sudo systemctl enable nginx


This ensures that NGINX will automatically start on boot. You can verify it’s enabled by checking the status: 


  sudo systemctl is-enabled nginx


  • Apache is installed and running:

    sudo systemctl status httpd

    If it’s not running, start it:

    sudo systemctl start httpd
sudo systemctl enable httpd

  • Apache logs are writing to /var/log/httpd or /apache-logs as expected.

Ensure the MariaDB service is running:

sudo systemctl status mariadb

  • If it's not running, start it:

    sudo systemctl start mariadb
nginxApachemore ...

Nginx – Common Commands + File Locations

 

1. Basic Proxy Setup

This configuration forwards client requests to an upstream server.



server {
listen 80;
server_name example.com;

location / {
proxy_pass http://127.0.0.1:8080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}

2. Enabling SSL

To enable SSL, you need to add SSL directives in the server block. Assume you have an SSL certificate from Let’s Encrypt.



server {
listen 443 ssl;
server_name example.com;

ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;

ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers HIGH:!aNULL:!MD5;

location / {
proxy_pass http://127.0.0.1:8080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}

3. Redirecting HTTP to HTTPS

You can redirect all HTTP traffic to HTTPS to ensure secure connections.



server {
listen 80;
server_name example.com;

return 301 https://$host$request_uri;
}

4. Configuring Upstreams

For load balancing or defining upstream servers, use an upstream block.



upstream backend {
server 127.0.0.1:8080;
server 127.0.0.1:8081;
}

server {
listen 443 ssl;
server_name example.com;

ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;

location / {
proxy_pass http://backend;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}

5. Proxy Timeouts

Set timeouts for slow connections.



server {
listen 443 ssl;
server_name example.com;

ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;

location / {
proxy_pass http://127.0.0.1:8080;
proxy_read_timeout 60s;
proxy_connect_timeout 60s;
proxy_send_timeout 60s;
send_timeout 60s;
}
}

6. Caching with Proxy

Enable caching for proxied responses.



proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=my_cache:10m inactive=60m;
proxy_cache_key "$scheme$request_method$host$request_uri";

server {
listen 443 ssl;
server_name example.com;

ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;

location / {
proxy_cache my_cache;
proxy_cache_valid 200 1h;
proxy_cache_valid 404 1m;
proxy_pass http://127.0.0.1:8080;
}
}

7. Passing Additional Headers

Pass custom headers to the upstream server.



server {
listen 443 ssl;
server_name example.com;

ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;

location / {
proxy_pass http://127.0.0.1:8080;
proxy_set_header X-My-Custom-Header "MyValue";
}
}

8. Serving Static Content with Proxy

You can serve static files directly and proxy other requests.



server {
listen 443 ssl;
server_name example.com;

ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;

location /static/ {
root /var/www/example.com;
}

location / {
proxy_pass http://127.0.0.1:8080;
}
}

9. Advanced Logging for Debugging

Enable detailed logging for troubleshooting.



server {
listen 443 ssl;
server_name example.com;

ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;

access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log debug;

location / {
proxy_pass http://127.0.0.1:8080;
}
}

These configurations cover common scenarios when using NGINX as a reverse proxy with SSL. For best practices, ensure certificates are renewed regularly and your NGINX server is updated for security compliance.

 

 

 

You said:

common file locations for nginx

 

ChatGPT said:

ChatGPT

The location of NGINX files can vary based on the operating system and the method of installation. Below is a list of common file locations for NGINX components on different systems.

1. NGINX Configuration Files

  • Main Configuration File:

    • /etc/nginx/nginx.conf (Most common)
    • /usr/local/nginx/conf/nginx.conf (Source installation)
    • /opt/nginx/conf/nginx.conf (Custom installations)

  • Site Configuration Files:

    • /etc/nginx/sites-available/ (Debian/Ubuntu)
    • /etc/nginx/sites-enabled/ (Debian/Ubuntu, symlinked from sites-available)
    • /etc/nginx/conf.d/ (RHEL/CentOS, also supported on Debian)

2. SSL Certificate Files

  • Default SSL Certificates:

    • /etc/nginx/ssl/ (Custom setups)
    • /etc/letsencrypt/live/<domain>/ (Let’s Encrypt)
    • /etc/pki/nginx/ (RHEL/CentOS)

3. Log Files

  • Access Logs:

    • /var/log/nginx/access.log (Default location)
    • /var/log/nginx/<domain>-access.log (Custom per-site logging)

  • Error Logs:

    • /var/log/nginx/error.log (Default location)
    • /var/log/nginx/<domain>-error.log (Custom per-site logging)

4. Binary and Executables

  • NGINX Binary:

    • /usr/sbin/nginx (Most common for package installations)
    • /usr/local/nginx/sbin/nginx (Source installations)
    • /opt/nginx/sbin/nginx (Custom installations)

5. Cache Directories

  • Proxy Cache:

    • /var/cache/nginx/ (Default for package installations)
    • Custom paths are defined in the proxy_cache_path directive in nginx.conf.

  • FastCGI Cache:

    • /var/cache/nginx/fastcgi/ (If enabled)

6. Temporary Directories

  • Temporary File Storage:

    • /var/lib/nginx/ (Default for package installations)

    • Includes:

      • client_body_temp/ (Temporary storage for client requests)
      • proxy_temp/ (Temporary files for proxy responses)
      • fastcgi_temp/ (Temporary files for FastCGI responses)

7. Modules

  • Dynamic Modules:

    • /usr/lib/nginx/modules/ (For modular installations)
    • /etc/nginx/modules/ (Alternate location)

  • Static Modules:

    • Compiled into the NGINX binary, no separate file location.

8. PID Files

  • NGINX Process ID:

    • /run/nginx.pid (Default for most systems)
    • /var/run/nginx.pid (Legacy or alternate setups)

9. Default Web Root

  • Static File Root:

    • /var/www/html/ (Debian/Ubuntu default)
    • /usr/share/nginx/html/ (RHEL/CentOS default)

10. Service Management

  • Systemd Unit File:

    • /lib/systemd/system/nginx.service (Most systems)
    • /etc/systemd/system/nginx.service (Custom configurations)

Command to Find Files

If you’re unsure about the file locations, you can search for them using:


find / -name "nginx.conf" 2>/dev/null
find / -name "*nginx*" 2>/dev/null

These commands will locate any NGINX-related files across your file system.

 

Here’s a breakdown of common Apache site configuration commands and examples for setting up a site with virtual hosts, SSL, and related features.

1. Basic Virtual Host Configuration

A basic Apache configuration for a website.

File Location:

  • /etc/apache2/sites-available/example.com.conf (Debian/Ubuntu)
  • /etc/httpd/conf.d/example.com.conf (CentOS/Red Hat)

<VirtualHost *:80>
ServerName example.com
ServerAlias www.example.com

DocumentRoot /var/www/example.com
<Directory /var/www/example.com>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>

ErrorLog ${APACHE_LOG_DIR}/example.com-error.log
CustomLog ${APACHE_LOG_DIR}/example.com-access.log combined
</VirtualHost>

2. Enabling SSL

Set up a virtual host with SSL.

Steps:

  1. Obtain an SSL certificate (e.g., via Let’s Encrypt).
  2. Configure the SSL virtual host.

SSL Virtual Host Configuration:


<VirtualHost *:443>
ServerName example.com
ServerAlias www.example.com

DocumentRoot /var/www/example.com
<Directory /var/www/example.com>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>

SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/example.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem

ErrorLog ${APACHE_LOG_DIR}/example.com-error.log
CustomLog ${APACHE_LOG_DIR}/example.com-access.log combined
</VirtualHost>

3. Redirect HTTP to HTTPS

Redirect all HTTP traffic to HTTPS.


<VirtualHost *:80>
ServerName example.com
ServerAlias www.example.com

RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R=301,L]
</VirtualHost>

4. Enabling Modules

Apache modules need to be enabled for certain features.

Enable Rewrite Module:


sudo a2enmod rewrite
sudo systemctl restart apache2

Enable SSL Module:


sudo a2enmod ssl
sudo systemctl restart apache2

5. Setting Up a Directory Alias

Create a directory alias to serve content from a different location.


Alias /static/ "/var/www/static-content/"

<Directory /var/www/static-content/>
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>

6. Restricting Access by IP

Limit access to specific IP addresses.


<Directory /var/www/example.com>
Require ip 192.168.1.0/24
Require ip 203.0.113.0/24
</Directory>

7. Custom Error Pages

Set custom error pages for your site.


<VirtualHost *:80>
ServerName example.com

DocumentRoot /var/www/example.com

ErrorDocument 404 /custom_404.html
ErrorDocument 500 /custom_500.html

<Directory /var/www/example.com>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
</VirtualHost>

8. Enabling Compression

Enable GZip compression for faster page loads.


<IfModule mod_deflate.c>
AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript application/javascript
</IfModule>

Enable the module:


sudo a2enmod deflate
sudo systemctl restart apache2

9. Basic Authentication

Set up password protection for a directory.


<Directory /var/www/example.com/secure>
AuthType Basic
AuthName "Restricted Access"
AuthUserFile /etc/apache2/.htpasswd
Require valid-user
</Directory>

Create a Password File:


sudo htpasswd -c /etc/apache2/.htpasswd username

10. Setting Up Logging

Configure custom logs for debugging and monitoring.


<VirtualHost *:80>
ServerName example.com

DocumentRoot /var/www/example.com

ErrorLog ${APACHE_LOG_DIR}/example.com-error.log
CustomLog ${APACHE_LOG_DIR}/example.com-access.log combined
</VirtualHost>

11. Enabling a Site

After creating the configuration file, enable it and reload Apache.


sudo a2ensite example.com.conf
sudo systemctl reload apache2

12. Disabling a Site

Disable a site without deleting its configuration.


sudo a2dissite example.com.conf
sudo systemctl reload apache2

13. Directory Listing

Enable or disable directory listing.


<Directory /var/www/example.com>
Options +Indexes
</Directory>

14. Checking Configuration

Verify that the Apache configuration is correct.


sudo apachectl configtest

15. Restarting Apache

Apply changes after modifying configurations.


sudo systemctl restart apache2

These commands and examples cover common scenarios for configuring a website with Apache, including virtual hosts, SSL, and more. Always remember to back up your configuration files before making changes!

 

 

 

You said:

and common file locations for apache sites –

 

ChatGPT said:

ChatGPT

Here’s a list of common file locations for Apache site configurations and related components. These locations may vary depending on your operating system or installation method.

1. Apache Configuration Directory

The main directory for Apache configuration files.

  • Debian/Ubuntu: /etc/apache2/
  • CentOS/Red Hat/Fedora: /etc/httpd/

2. Site Configuration Files

Apache uses virtual host configuration files to manage individual sites.

  • Debian/Ubuntu:

    • /etc/apache2/sites-available/ (Store individual site configurations)
    • /etc/apache2/sites-enabled/ (Symlinked from sites-available)

  • CentOS/Red Hat/Fedora:

    • /etc/httpd/conf.d/ (Site configuration files are placed here)
    • /etc/httpd/sites-available/ (Manual setups for individual sites)
    • /etc/httpd/sites-enabled/ (Symlinked from sites-available – not default, but can be created)

Default Site Configuration File:

  • Debian/Ubuntu: /etc/apache2/sites-available/000-default.conf
  • CentOS/Red Hat/Fedora: /etc/httpd/conf.d/welcome.conf (Default page)

3. Main Apache Configuration File

The primary configuration file for the Apache server.

  • Debian/Ubuntu: /etc/apache2/apache2.conf
  • CentOS/Red Hat/Fedora: /etc/httpd/conf/httpd.conf

4. SSL Configuration Files

Used for enabling SSL with Apache.

  • Debian/Ubuntu:

    • /etc/apache2/sites-available/ or /etc/apache2/sites-enabled/ (SSL configurations per site)
    • /etc/apache2/mods-available/ssl.conf
    • /etc/apache2/mods-enabled/ssl.conf (Symlinked from mods-available)

  • CentOS/Red Hat/Fedora:

    • /etc/httpd/conf.d/ssl.conf

5. SSL Certificates

Paths for SSL certificates and keys.

  • /etc/ssl/certs/ (Public certificates)
  • /etc/ssl/private/ (Private keys)
  • /etc/pki/tls/certs/ (Red Hat/Fedora default location for certs)
  • /etc/pki/tls/private/ (Red Hat/Fedora default location for private keys)
  • /etc/letsencrypt/live/<domain>/ (Let’s Encrypt certificates)

6. Modules

Apache modules provide extended functionality.

  • Debian/Ubuntu:

    • /etc/apache2/mods-available/ (Available modules)
    • /etc/apache2/mods-enabled/ (Symlinked from mods-available)

  • CentOS/Red Hat/Fedora:

    • /etc/httpd/conf.modules.d/ (Module configurations)

7. Log Files

Logs for monitoring and debugging Apache.

  • Debian/Ubuntu:

    • /var/log/apache2/access.log
    • /var/log/apache2/error.log

  • CentOS/Red Hat/Fedora:

    • /var/log/httpd/access_log
    • /var/log/httpd/error_log

8. Document Root (Web Root)

The default location for website files.

  • Debian/Ubuntu: /var/www/html/
  • CentOS/Red Hat/Fedora: /var/www/html/

For individual sites, custom DocumentRoot can be set in the virtual host configuration, e.g., /var/www/example.com.

9. Cache Directories

Directories for storing cached files if enabled.

  • /var/cache/apache2/ (Debian/Ubuntu)
  • /var/cache/httpd/ (CentOS/Red Hat/Fedora)

10. Environment and PID Files

  • Environment Variables:

    • /etc/apache2/envvars (Debian/Ubuntu)
    • /etc/sysconfig/httpd (CentOS/Red Hat/Fedora)

  • PID File (Stores Apache process ID):

    • /var/run/apache2/apache2.pid (Debian/Ubuntu)
    • /var/run/httpd/httpd.pid (CentOS/Red Hat/Fedora)

11. Temporary Files

Apache stores temporary files in these locations.

  • /var/tmp/
  • /var/lib/apache2/ (Debian/Ubuntu)
  • /var/lib/httpd/ (CentOS/Red Hat/Fedora)

12. Commands to Locate Files

If you’re unsure about a specific file, use the find or locate command:


find / -name "httpd.conf" 2>/dev/null
find / -name "apache2.conf" 2>/dev/null
locate apache2
locate httpd

These locations should cover most standard Apache setups. For custom configurations, you might need to check with the person or system managing the Apache installation.

more …
Scroll to Top