Apache Web Server Setup on Ubuntu 22.04 (with SSL)

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
hello everybody this is techca in this video what we're going to be doing is setting up a very basic Apache web server and then securing it with a SSL certificate there are numerous reasons you may want to do this it might be a prerequisite for some other application or service you're trying to run or my personal favorite you might be trying to build and host your very own static website whether if you're building it yourself or using a generator such as Hugo so without wasting too much time let's go ahead and dive on into the tutorial and down below I'm going to have a link to this guide right here on techa.tv that goes over everything that we're going to be doing including all the commands that I will be using so with that the very first step that we can see up here is to get your VPN and domain name set up I am going to be using the note as they did sponsor this video you can use really any VPN provider you would like to but if you go ahead go over to leno.com forward slash Tech Hut you could go and get yourself a hundred dollar credit to get started today so I already have an account so I'm going to go ahead and log in here and to go ahead and get started all we're going to do is Click create create a newly node and here you could choose whatever distribution you like I personally prefer Ubuntu for my server so I just generally go with the latest LTS version region choose a server that is closest to you or your target audience so for me it'd be something like California and for the actual plan what we're going to do is go ahead and go with the nanode five dollar plan here you can't upgrade if you need to but due to this being just a static website this right here should be more than enough now down here you can go and give it a label so I'm just going to leave that for now you can add tags give yourself a strong root password if you do have SSH Keys you can set it up right here doing this is definitely good for Security's sake but we're going to ignore that for now you can set backups if you'd like to and from there you just go ahead and create your node now in order to save some time I've already created a node that's right here sub 2 Tech cut something that you should probably do and once you have your lenode created this is the dashboard that you're going to get we have some SSH access we have our IP address and a bunch of stuff like that now when it comes to setting up your domain name it's pretty easy right here we have our IP address just going to give that a copy and you could go over to your register such as namecheap so for example here's my account under the hopkey.net right now I'm actually using the node's domain manager which I'll show you in just a minute but all you would need to do is go over here to Advanced DNS and then add your a records here since I'm doing this on the Node I could go ahead and close this out go to the node's domain name manager head over to hopkey.net and then under a records here I just go ahead and add my primary IP address as the root and now that will be linked up to that the node and of course you could also do this as a subdomain as well if you would like to I didn't really dive too much into this but I will leave links down below to some documentation to help you go ahead and get that set up so with that let's head over to our sub 2 Tech Hut lanode and go ahead and get this set up so first things first under access here we have SSH access we can just go ahead and give this a copy and with that copied what we could do is go ahead and open up a local terminal so for this case I'm just going to open up the Microsoft Powershell here and here we go so let's just go ahead and paste that on in SSH root into the server hit enter this is our first time logging in so it's going to make sure that we are connecting to a host that we're aware of we just created it so I'm going to say yes type in our root password hit enter and then we are now in our Ubuntu Server here so now we're just going to do some initial setup stuff to get this server ready and the best thing to start off doing whenever you first log into a server is go ahead and update the thing so we're going to do apt update and apt upgrade and we'll just go y to say yes to that and depending on how old the images that they use this may take anywhere from a couple seconds to a couple of minutes all right we're at 98 so it should be finishing up didn't really take too long at all and it does look like there's a new kernel available restarting the system will load the new kernel so I'm just going to go ahead and enter for ok and for now I'm just going to go down hit OK for this we'll reboot the server in a minute before doing that let's go ahead and edit our host name so you can see we're at localhost here and what we're going to do is match that up to what website we're going to be hosting from our server so to do this we're just going to want to Nano into our Etsy and hostname a file here so hit enter you can see its localhost so I'm just going to go ahead and replace that with our domain which is going to be hopkey dot net for this instance Ctrl o to Output that and exit out now we're going to go into our hosts file so same location but hosts and now right here we're going to go ahead and add a new line hit enter and we're going to copy this kind of it's going to be 127.0.1.1 hit tab on your keyboard and then again type in the domain name you're going to use obviously replace hopkey.net with what your actual domain is Ctrl o enter control X and now with our host change we're going to go ahead and add a limited sudo user because doing everything from root generally isn't the best idea in the world so to do this just type in add user and I'm going to add the user Brandon you could call this whatever you want whether that be the website you're running a specific service but for me I'm going to go with Brandon here it's going to ask me to create a new password make sure it's strong and secure and this information here you don't necessarily have to fill out unless if you can have multiple users so I could just hit enter to go ahead and Skip through all these information looks correct hit enter and now I want to go ahead and add that user Brandon to the pseudo group so it can execute root commands hit enter and then from there if I want to I could go ahead and switch the user to Brandon and now what I'm going to do is actually disable root login via SSH you don't have to do this but it's a pretty decent security precaution so I'm going to do sudo have to type that now that I'm not the root user Nano and this is going to be an Etsy SSH and SSH D underscore config to enter type in our password and now if we go ahead and find the permit root login all we need to do is switch this to no we do not want that output that and exit and now we can go to actually restart this Daemon so if I go sudo system CTL I'm going to restart sshd hit enter of course make sure you don't have typos hit enter there we go and now at this point we can actually go ahead and reboot our server so I'm just going to type in sudo reboot we're doing this so it reloads the kernel any updates needed and it will go ahead and change our localhost or our host name for us so hit enter and now you can see the connection is closed so that might take a little bit to reboot one good thing about the node if we jump back in here and open up our Lish console this is a live console so we can actually see what the server is doing prior to boot so for example right here you can see our lenode isn't running and there it goes we can see some gnu grub and now we can see the actual boot process is starting and then when you see all login prompt here you know we're good to go so I'm going to close this out go back over to our Powershell and just to show you that root isn't working anymore if I go up one try to log in as root you can see permission denied so it's not even going to let me do that I'm going to control C to cancel out of that I'm going to change over to my new username type in my password log in and you can see we are good to go so now at this point we can actually install and begin the initial configuration process for Apache so here what we're going to do is a pseudo app to install and we're going to grab a couple packages we're going to grab Apache too of course we're going to grab Apache 2 Dash docs as well as the Apache Apache 2 Dash utils so from there let's hit enter type in our password whoops I think it's just doc so let's go over here Boop bam and there we go that's looking a little better let's continue and the installation process is complete so from there we can use a system CTL command status and Apache 2 just to see if it's running so hit enter and you can see the service is now active and running that's good so at this point let's go ahead and open up our web browser and make sure that it's working on our IP address so if I copy that open a new tab and I head on over to our IP address so we can see the Apache 2 default page and if you went ahead and set up a domain name you could actually check that now as well to make sure it's properly linked over to your lenode IP so we can see hopkey.net is also showing the exact same thing now that is just our default site it's not configured all properly so first things first I'm going to actually go ahead and just disable that default site and then in a minute we'll go in the create our own directories and configurations so to disable that we're just going to do sudo A2 for Apache 2 disk for disable and site and we're going to go with zero zero zero if I hit tab that's lean one so it's going to be the default configuration hit enter and you can see to activate a new configuration we can use this command so I'm going to go Ctrl C paste that right there enter I should have ran this as sudo so I'm going to type in my password there we go and at this point we're going to do some firewall stuff for some added security and then allow specific applications through it so first let's go ahead and type in sudo ufw which is going to be our firewall app list and this is going to list the available applications for our firewall so let's go ahead and do sudo ufw allow and then the very first one we're going to allow is Apache full so this is going to need to be in these Apache full hit enter we can see the rules have been updated and additionally we're going to go ahead and allow open SSH so hit enter rules have been updated and now that those are allowed through at this point we could actually sudo ufw enable to enable the firewall hit enter and this may disable SSH connection since I allowed this it probably shouldn't so we're going to go yes hit enter and the firewall is now active and enabled so to go and check up on everything we could do sudo ufw status enter and you can see the firewall status is now active and we went ahead and allowed Apache full as well as open SSH so now it's at this point that we could actually have a little bit of fun let's go ahead and create the directories for our website and by default this is going to be located in the VAR VAR www and HTML hit enter LS to see what we're looking at here we have our initial index HTML which is the document we saw earlier in the web browser so from here we're going to make our first directory and this is going to be hopkey.net so I'm going to do sudo MK ktir for make directory and this is going to be hopkey.net that's it enter if we LS we can see it so now we can see D into that new directory and now from here we're going to go ahead and create our public HTML so sudo mkdir public underscore HTML hit enter and then we're going to do this again for our log folder so log enter and then we're going to do this for our backups just like that so now at this point let's go ahead and make our new configuration so to do this we're going to want to CD back into our Etsy but this time let's go to Apache two hit enter if we LS we could see a couple different options here we're going to go to the sites available folder right here so CD into sites of available LS and we can see that initial default configuration there so what I'm going to do is make a configuration for our new website so to do that we're going to do sudo Nano and the name of file is going to be hopkey.net dot conf again obviously replace hopkey.net with whatever you're using hit enter and now we have a new file here so at this point this is a little longer so I'm not going to type this out but let's go over to our little guide we have here and scroll on down until we go to this right here this is the configuration let's go ahead and copy and paste this and I can see some little things I'm gonna have to fix in this so I'll make sure and fix that before the video goes up but we can minimize this if we just give a right click it will paste everything on in for us so now we just need to change some things to match with what our actual website is one of the things I notice is right here logs we're going to get rid of the S because the folder we created is just called log and then right here we're going to replace all the instances of example.com with our domain so let's go up over popkey.net and hopkey.net do the same thing over here I'm not going to be using a www Alias you can if you want to but I'm just going gonna do like that and same thing right here and then of course put in an actual email address for yourself to code.tv perfect and actually right after I saved I noticed there's actually a couple more things so it's missing the HTML directory so we just add that here there and there so that all should work fine so let's go ahead and control o output that control X and then from there we could do sudo A2 for Apache 2 but this time we're going to do in the site for enable the site and enable hopkey dot net hit enter you can see the site is now enabled so we're going to reload our configuration by copying this but running it as a sudo user paste that on and hit enter and then we can see that there are no issues so now at this point we can actually test this out by opening up a new tab going to hopkey.net and this time instead of the default Apache page we'll have index of because there's nothing in our public HTML folder as of yet and actually if we wanted to at this point you go ahead and actually drop your Hugo files your static site files whatever you want in there but just for demonstration I'm going to go ahead and CD into that directory so that's a VAR www.html and then hopkey.net LS let's go into our public HTML folder and now at this point I could run a sudo Nano and then let's do index.html and here let's create a very basic HTML website real fast so head title we're going to call this new sign close that out close out the head and then make a body let's do this as a heading one welcome to hopkey.net H1 and then let's add a a line break here the best site in the world there we go it's looking like a good website to me let's control oh output that control X and now if we reload our website Boop welcome to hopkey.net the best site in the world new site so there we go we technically have our website up and running that's all you really need to do except right here not secure your connection to this site is not secure that is not good and that will discourage a lot of people from visiting your website what we need to do is add an SSL certificate some more information on that right here what it does is authenticate the website's identity and enables a encrypted connection between the web server and web browser I'm just going to give this a copy here save myself some time this is going to install all the packages we need for certbot which is going to give us a SSL certificate you can see everything it's going to go ahead and grab let's go yes and there we go so now at this point we can give ourselves a certificate by typing in sudo certbot actually type it right and dash dash this is going to be Apache Dash D for the domain is going to be hopkey dot net when you hit enter from here it's going to run you through some information first we're gonna have to type in our email address here so let's go attack hot dot TV hit enter do we agree to the terms of service yes of course we do and now this is asking us if we want to go ahead and give them our email address they've already done this before so I'm going to say no for now and now it's going to go ahead and request the certificate and if everything is good and set up in your website or your domain name has completely propagated you should get something that looks like this successfully deployed your certificate for hopke.net gives you some information on where the specific configuration is and all that but if we go back over here go to our new site and hit refresh you can see now the connection is secure we have a valid certificate issued by a trustworthy Authority so with all that big thank to the node for sponsoring this video again 100.60 credit down below as well as links to everything else we mentioned in this video including that full guide and all the commands for everything we just have done with all that I do hope you have an absolutely beautiful day and good bye
Info
Channel: TechHut
Views: 6,553
Rating: undefined out of 5
Keywords: linux tutorial, cloud, apache, server, guide
Id: VXSgEvZKp-8
Channel Id: undefined
Length: 16min 28sec (988 seconds)
Published: Mon Dec 05 2022
Related Videos
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.