Install httpd Ubuntu
Introduction to httpd
It is a software program that executes as a process in the background and places an important role of a server within the client-server model with the HTTPS or/and HTTP network protocol. The full form of httpd is the Hypertext Transfer Protocol daemon. The process waits for the client's requests, and for every request, it replies by answering every requested information, such as transferring the requested web resource or along with an HTTP error message. Usually, it is the primary software segment of an HTTP server, better called a web server.
A few generally used implementations are as follows:
Apache HTTP Server (httpd)
This server offers an open-source HTTP server with modern HTTP standards. The httpd package offers the Apache HTTP Server in Red Hat Enterprise Linux. Execute the command, i.e., rpm -q httpd, to find if the httpd package is successfully installed. If it's not installed and we wish to utilize the Apache HTTP Server, we need to execute the below command has a root user for installing it:
SELinux and httpd
The httpd (Apache HTTP Server) executes confined when SELinux is activated. Confined processes execute in their domains and are isolated from other confined processes. If any confined process is accommodated by an attacker, relying on the SELinux policy configuration, the excess of an attacker to resources and the damage they can implement is limited.
SELinux policy describes how processes executing in confined domains (like httpd_t) negotiate with the system, files, and other processes in general. The files should be correctly labeled to permit access to them. For instance, httpd can read all files that are labeled with the type, i.e., httpd_sys_content_t, but can't write to them, even when Linux permissions permit write access.
Booleans should be enabled to permit certain behaviors, like permitting script network access, permitting httpd access to CIFS and NFS volumes, and httpd being permitted to run CGI (Common Gateway Interface) scripts.
The command, i.e., semanage, port should be used to include the fresh port number to the SELinux policy configuration when the /etc/httpd/conf/httpd.conf directory is set up so httpd can listen on a port rather than TCP ports 8443, 8009, 8008, 488, 443, or 80.
Types of httpd
In SELinux, the primary permission control approach targeted policy to offer advanced process separation is Type Enforcement. All processes and files are labeled with a type. The types describe a domain for all processes and a type for every file.
SELinux policy rules describe how types use each other, whether it may be a domain using a type or a domain using another domain. The access is permitted only if a particular SELinux policy rule is available that permits it.
A few of the types applied with httpd are listed below. Different types permit us to set up flexible access:
Note: Files copied into or created in the directory, i.e., /var/www/html/ labelled with the type, i.e., httpd_sys_content_t by default.
SELinux works based on the least access level needed for a service to execute. Services can be executed in several ways; therefore, we need to define how we execute our services. It can be gained by Booleans that permit SELinux policy parts to be modified at runtime without the understanding of SELinux policy writing. It permits changes, like permitting services authorization to NFS volumes without recompiling or reloading the SELinux policy.
How to install Apache Web Server (httpd) in Ubuntu?
Httpd is the most widely used open-source web server which is supported on the majority of the operating systems, including Solaris, macOS, Windows, Linux, etc. It's highly customizable and could be developed with other modules. It's easier to install and configure Apache for a common setup. In this article, we will discuss the installation and configuration process of the httpd in the Ubuntu operating system.
Step 1: Updating the System
We will first need to update our system repository index for installing the latest Apache2 version. To do so, we need to launch our terminal by the Ctrl+Alt+T shortcut keys and run the below command:
Note: An authorized user can only update, install, or delete the packages from the Linux system
Step 2: Installing Apache2
In this step, we are going to install the Apache2 web server. We need to run the following command in the terminal window:
The system may ask for confirmation by giving us a Y/n option. We need to enter "Y" and then the Enter button to proceed. The Apache web server and its every dependency will be installed on our system.
When we install the Apache server, we can verify its version using the below command:
We will now need to open some ports on our system to access Apache externally. First, let's mention the application profiles that we will provide Apache access to. Execute the below command to do it:
We can see distinct Apache profiles in the following screenshot:
We will apply the highly restrictive 'Apache' profile to activate network connectivity on 80 port.
We can also see the status which will display Apache permitted in firewall using the following command:
Setting up Apache Web Server; Verify Apache Service
First, we will verify the Apache service is running before moving to the configuration process. We will run the following command in the terminal window to do so:
We can find the Apache service is running and active from the above result. Another method to verify the Apache service is activated is by claiming a web page through the Apache web server. We need to find our IP address with the below command to do so:
How to Manage the Apache Server?
Here are a few of the helpful commands that we can execute in the terminal window for managing the Apache server.