Apache is a popular web server application you can install on the Raspberry Pi to allow it to serve web pages. Oct 18, 2020 Step 1: Install Raspberry Pi and Apache Web Server. As we mentioned before, we need some pieces of software as well as to do some configurations in order to have a working web server.
In my previous blog I installed Apache 2 on a raspberry Pi. To display more than simple HTML pages, you need to install and configure additional software such as a database server and scripting language PHP. For more convenience and security you can still arrange things like SSL. You do that as follows.You can install Apache web server yourself as described here.
Install a database server
Most sites do not consist of passive HTML pages, but retrieve their ever-changing content from a database. To store the content and other data in a database, you must install MySQL (or MariaDB) as database server.
During installation, a password is requested for the database user. After you have typed that in for confirmation again, the database server is ready for use. Wit the following command you can check if that is indeed the case.
Remember the database password well, because you will need it later, for example to create backups or new tables.
Install PHP
To install the language PHP you have to add some extra modules. This is why this command is a bit longer than the commands that you have typed so far.
and
To test if PHP is properly installed, you must first have a PHP page that you can run. To create such a page, you need an editor for editing text files. For beginners, nano is the easiest.
Then you can make a test page. At Apache, the files on the web server are in the directory by default.
In that directory you create a test page with the extension php.
Then type the following line.
Save the file (Ctrl + O) and close the editor (Ctrl + X). Then go to http://Servername/test.php with the browser. If all goes well, you will now see the system information of PHP. Because you probably do not want everyone to be able to view all the information about your web server, you remove that page after testing with the command.
Multiple websites
Usually you want to host multiple websites on a single web server. They all come in their own directory and work with their own database, so that they do not get in each other’s way. In this case you make with the command.
a directory for the test.com website, followed by the command.
goes to that directory and there with
the file index. html creates a default opening when someone visits a website.
In that index file you put the following content with nano:
Add A Website
You have created a separate directory for the new website, but Apache does not yet know what to do with it. In the directory
are the configuration files for the websites hosted by your Apache server. The configuration file for the new test.com domain must be created in that directory.
In the configuration file you set the following rules. At
enter your email address.
Then that configuration has to be added and loaded. With
(Apache 2 enable site) you add the site to the web server and with it
command recharges Apache the configuration. After this the site should be available.
If you go to http: //Servername/test.com with the browser, you should see the index page. If you have registered the domain name test.com and refer to the IP address of your web server, you should get the same result if you go to http://test.com.
Install SSL
The internet traffic between your web server and the browser of your visitors are not yet encrypted. Everyone who has access to that network traffic can therefore read everything and see what is being sent. Of course, you do not want that on pages with login details or payment information. That is why we need to encrypt this traffic. Nowadays this can be done in several ways: a difficult one, a reasonably easy one and a very easy one. Of course we take the easiest – and free – method and do it with Let’s Encrypt. You can let Let’s Encrypt arrange the certificates needed for encryption and also have all the settings necessary to secure internet traffic.
Thereby the file
in the directory
created in which port 443 is configured for secure SSL traffic. The normal data traffic via HTTP uses port 80, but the HTTPS protocol works with port 443. Fortunately, both HTTP and HTTPS are already enabled by the firewall, so that the secure data traffic is not stopped.
For optimal security, of course, you want all traffic that enters your web server via HTTP to be redirected to HTTPS. That is also what Let’s Encrypt sets for you in the configuration file
from your website. If you then go to https: // www. ssllabs.com/ssltest/analyze. html? d = test.com & latest, you can test if your site is indeed secure. If you go to http://test.com with your browser, you will see that you are automatically redirected to https://test.com. And more importantly: next to the url you will see a green lock to confirm the secure status of the web traffic.
Extend automatically
A Let’s Encrypt certificate has a maximum validity of 90 days, after which you normally have to renew the certificate manually. That is still possible for one website, but if you manage multiple sites, you do not want to run the risk of accidentally forgetting to extend one, which means your site will suddenly no longer be reachable safely. Fortunately, there is a possibility to automatically renew the certificate.
For this we create a system task, called Linux cronjob or crontab. With Cron (from the English word chronograph, a sort of stopwatch) you can perform tasks at a preset time. At the bottom of the list of existing tasks you add a new task to renew the certificates. In this case, that happens every morning at 7 a.m. If a certificate does not have to be renewed yet, nothing else happens.
Install the database manager
Now that the traffic from and to your web server is encrypted, you can continue with the database server. You have already installed it, but there is no management interface yet. Usually phpMyAdmin is used for this. Install this software with the following commands:
At the first screen, select apache2 by pressing the space bar and in the question to dbconfig- common you say yes. Then you have to enter a password to login to phpMyAdmin. The modules mcrypt and mbstring need to be explicitly allowed because phpMyAdmin needs them and they are not automatically installed. Then you have to restart Apache:
Then you can go to https: // test in the browser. com / phpmyadmin and you will be asked to log in. Use the password you just entered. You use root as the username.
By logging in at phpMyAdmin as root, you will manage the database as a kind of super-user. Just like with the management of the web server, this is absolutely undesirable in practice, especially not because that interface is often the target of attackers. If malicious people manage to hack the interface, they have total access to all your databases. This is prevented by better shielding phpMyAdmin. Open the php-MyAdmin configuration file with
And add the line with
to overrule the default settings later:
Restart the Apache server for the new settings:
Then you will ensure that only explicitly specified users can login to php-MyAdmin. There you create a .htaccess file in the phpMyAdmin directory for
containing the following content:
Save the file and create the file named .htpasswd with the permissible users:
for the first user and for every subsequent user the second command again, but without
Best Raspberry Pi Web Server
. If you then go to https://test.com/ phpmyadmin, you will first have to log in as one of those users to access the interface.
Web server ready
Then the basic configuration of your web server is ready and your website is ready for use. If you want to work with a content management system (CMS), you can use phpMyAdmin to create a database for the relevant CMS package (for example WordPress, Jooma or Drupal) and specify its data when installing that package. Basically you now have a secure web server with all the basic functions – but also the possibility to extend that functionality where, how and when you want it.