How to use Apache2 modules¶
Apache2 is a modular server. This implies that only the most basic functionality is included in the core server. Extended features are available through modules which can be loaded into Apache2.
By default, a base set of modules is included in the server at compile-time. If the server is compiled to use dynamically loaded modules, then modules can be compiled separately, and added at any time using the LoadModule directive. Otherwise, Apache2 must be recompiled to add or remove modules.
Ubuntu compiles Apache2 to allow the dynamic loading of modules. Configuration directives may be conditionally included on the presence of a particular module by enclosing them in an <IfModule>
block.
Installing and handling modules¶
You can install additional Apache2 modules and use them with your web server. For example, run the following command at a terminal prompt to install the Python 3 WSGI module:
sudo apt install libapache2-mod-wsgi-py3
The installation will enable the module automatically, but we can disable it with a2dismod
:
sudo a2dismod wsgi
sudo systemctl restart apache2.service
And then use the a2enmod
utility to re-enable it:
sudo a2enmod wsgi
sudo systemctl restart apache2.service
See the /etc/apache2/mods-available
directory for additional modules already available on your system.
Configure Apache2 for HTTPS¶
The mod_ssl
module adds an important feature to the Apache2 server - the ability to encrypt communications. Thus, when your browser is communicating using SSL, the https://
prefix is used at the beginning of the Uniform Resource Locator (URL) in the browser navigation bar.
The mod_ssl
module is available in the apache2-common
package. Run the following command at a terminal prompt to enable the mod_ssl
module:
sudo a2enmod ssl
There is a default HTTPS configuration file in /etc/apache2/sites-available/default-ssl.conf
. In order for Apache2 to provide HTTPS, a certificate and key file are also needed. The default HTTPS configuration will use a certificate and key generated by the ssl-cert
package. They are good for testing, but the auto-generated certificate and key should be replaced by a certificate specific to the site or server.
Note: For more information on generating a key and obtaining a certificate see Certificates.
To configure Apache2 for HTTPS, enter the following:
sudo a2ensite default-ssl
Note: The directories
/etc/ssl/certs
and/etc/ssl/private
are the default locations. If you install the certificate and key in another directory make sure to change SSLCertificateFile and SSLCertificateKeyFile appropriately.
With Apache2 now configured for HTTPS, restart the service to enable the new settings:
sudo systemctl restart apache2.service
Note that depending on how you obtained your certificate, you may need to enter a passphrase when Apache2 restarts.
You can access the secure server pages by typing https://your_hostname/url/
in your browser address bar.
Further reading¶
The Apache2 Documentation contains in depth information on Apache2 configuration directives. Also, see the apache2-doc package for the official Apache2 docs.
O’Reilly’s Apache Cookbook is a good resource for accomplishing specific Apache2 configurations.
For Ubuntu specific Apache2 questions, ask in the
#ubuntu-server
IRC channel on libera.chat.