JPKCom DB

Apache HTTP Server — Configure and Operate the Web Server

Practical guide to the Apache HTTP Server — service control, configtest, virtual hosts, modules, TLS and directives on Debian/Ubuntu and RHEL.

The Apache HTTP Server – often simply called httpd – has been one of the most widely deployed web servers on the internet for decades. Its modular design lets you switch on features like mod_rewrite, SSL or reverse proxying exactly where you need them, and VirtualHosts let you serve any number of domains from a single instance. This cheat sheet collects the commands you reach for daily: service control, configuration tests, modules, VirtualHosts, TLS and performance tuning. Always validate your syntax with apachectl configtest before a reload – and prefer graceful over a hard restart to avoid dropping live connections.

Service Management (systemctl)

systemctl start apache2 — Start the Apache web server (Debian/Ubuntu). Use httpd on RHEL/CentOS.

systemctl start apache2

systemctl stop apache2 — Stop the Apache web server gracefully.

systemctl stop apache2

systemctl restart apache2 — Restart Apache (stops and starts). Drops all active connections briefly.

systemctl restart apache2

systemctl reload apache2 — Reload Apache configuration without dropping active connections (graceful).

systemctl reload apache2

systemctl status apache2 — Show Apache service status, PID, and recent log output.

systemctl status apache2

systemctl enable apache2 — Enable Apache to start automatically on system boot.

systemctl enable apache2

systemctl disable apache2 — Disable Apache from starting automatically on boot.

systemctl disable apache2

apachectl Commands

apachectl configtest — Test the Apache configuration for syntax errors. Returns 'Syntax OK' or an error.

apachectl configtest

apachectl -t — Short alias for configtest. Test configuration syntax.

apachectl -t

apachectl -t -D DUMP_VHOSTS — Show a summary of all configured virtual hosts with their ServerName and document roots.

apachectl -t -D DUMP_VHOSTS

apachectl -t -D DUMP_MODULES — List all loaded Apache modules.

apachectl -t -D DUMP_MODULES

apachectl -t -D DUMP_RUN_CFG — Show the resolved runtime configuration (MPM settings, ServerName, etc.).

apachectl -t -D DUMP_RUN_CFG

apachectl -v — Show the Apache version and build date.

apachectl -v

apachectl -V — Show the Apache version, build flags, and compiled-in defaults.

apachectl -V

apachectl graceful — Reload Apache configuration gracefully (without dropping connections).

apachectl graceful

apachectl graceful-stop — Stop Apache gracefully after current requests complete.

apachectl graceful-stop

Modules (Debian/Ubuntu)

a2enmod <module> — Enable an Apache module. Creates symlinks in mods-enabled/. Requires reload/restart.

a2enmod rewrite

a2dismod <module> — Disable an Apache module. Removes symlinks from mods-enabled/. Requires reload.

a2dismod status

a2enmod rewrite && systemctl reload apache2 — Enable mod_rewrite and reload Apache in one step.

a2enmod rewrite && systemctl reload apache2

a2enmod ssl headers deflate expires — Enable multiple modules at once.

a2enmod ssl headers deflate expires

apache2ctl -M — List all currently loaded (static and shared) Apache modules.

apache2ctl -M

apache2ctl -M | grep <module> — Check whether a specific module is currently loaded.

apache2ctl -M | grep rewrite

Virtual Hosts (Debian/Ubuntu)

a2ensite <config> — Enable a virtual host config file from sites-available/. Creates symlink in sites-enabled/.

a2ensite example.com.conf

a2dissite <config> — Disable a virtual host config file. Removes symlink from sites-enabled/.

a2dissite 000-default.conf

a2ensite example.com.conf && systemctl reload apache2 — Enable a virtual host and reload Apache in one step.

a2ensite example.com.conf && systemctl reload apache2

ls /etc/apache2/sites-enabled/ — List all currently enabled virtual host configurations.

ls /etc/apache2/sites-enabled/

ls /etc/apache2/sites-available/ — List all available virtual host configuration files.

ls /etc/apache2/sites-available/

apachectl -t -D DUMP_VHOSTS 2>&1 | grep -A3 'example.com' — Find which vhost config handles a specific domain.

apachectl -t -D DUMP_VHOSTS 2>&1 | grep -A3 'example.com'

Logs

tail -f /var/log/apache2/access.log — Follow the Apache access log in real-time (Debian/Ubuntu).

tail -f /var/log/apache2/access.log

tail -f /var/log/apache2/error.log — Follow the Apache error log in real-time.

tail -f /var/log/apache2/error.log

tail -f /var/log/httpd/access_log — Follow the Apache access log on RHEL/CentOS.

tail -f /var/log/httpd/access_log

grep 'error\|crit\|alert\|emerg' /var/log/apache2/error.log — Search the error log for critical and error-level messages.

grep 'error\|crit\|alert\|emerg' /var/log/apache2/error.log

apache2ctl status — Show a live server status page in the terminal (requires mod_status).

apache2ctl status

apachectl -e debug -k start — Start Apache with debug-level error logging for troubleshooting.

apachectl -e debug -k start

SSL / TLS

a2enmod ssl && a2ensite default-ssl.conf && systemctl reload apache2 — Enable SSL module and the default SSL virtual host (Debian/Ubuntu).

a2enmod ssl && a2ensite default-ssl.conf && systemctl reload apache2

openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout server.key -out server.crt — Generate a self-signed SSL certificate valid for 365 days.

openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout server.key -out server.crt

openssl s_client -connect <host>:443 -servername <host> — Test an SSL connection and inspect the certificate chain.

openssl s_client -connect example.com:443 -servername example.com

openssl x509 -in server.crt -text -noout — Display the details of an SSL certificate file (expiry, issuer, SANs).

openssl x509 -in server.crt -text -noout

certbot --apache -d <domain> — Obtain and install a Let's Encrypt SSL certificate for Apache automatically.

certbot --apache -d example.com -d www.example.com

certbot renew --dry-run — Test the automatic Let's Encrypt certificate renewal process.

certbot renew --dry-run

Configuration Directories

/etc/apache2/apache2.conf — Main Apache configuration file on Debian/Ubuntu.

nano /etc/apache2/apache2.conf

/etc/httpd/conf/httpd.conf — Main Apache configuration file on RHEL/CentOS/Fedora.

nano /etc/httpd/conf/httpd.conf

/etc/apache2/sites-available/ — Directory containing all virtual host definition files (Debian/Ubuntu).

ls /etc/apache2/sites-available/

/etc/apache2/conf-available/ — Directory for additional configuration snippets (Debian/Ubuntu).

ls /etc/apache2/conf-available/

/etc/apache2/mods-available/ — Directory containing all available module configuration files.

ls /etc/apache2/mods-available/

a2enconf <config> && systemctl reload apache2 — Enable a configuration snippet from conf-available/.

a2enconf php8.2-fpm && systemctl reload apache2

a2disconf <config> — Disable a configuration snippet from conf-enabled/.

a2disconf security

Virtual Host Configuration

Basic HTTP virtual host block with server name, document root, and separate log files.

<VirtualHost *:80>
    ServerName example.com
    ServerAlias www.example.com
    DocumentRoot /var/www/html/example
    ErrorLog ${APACHE_LOG_DIR}/example-error.log
    CustomLog ${APACHE_LOG_DIR}/example-access.log combined
</VirtualHost>

HTTPS virtual host block with SSL certificate configuration.

<VirtualHost *:443>
    ServerName example.com
    SSLEngine on
    SSLCertificateFile /etc/ssl/certs/example.crt
    SSLCertificateKeyFile /etc/ssl/private/example.key
    DocumentRoot /var/www/html/example
</VirtualHost>

Directory block granting access and enabling .htaccess overrides (AllowOverride All).

<Directory /var/www/html/example>
    Options Indexes FollowSymLinks
    AllowOverride All
    Require all granted
</Directory>

Hide Apache version and OS from HTTP headers and error pages (add to apache2.conf).

ServerTokens Prod
ServerSignature Off

Reverse proxy: forward /api/ requests to a backend app on port 3000 (requires mod_proxy).

ProxyPass /api/ http://localhost:3000/
ProxyPassReverse /api/ http://localhost:3000/

Performance & Tuning

apache2ctl -V | grep 'MPM' — Check which MPM (Multi-Processing Module) is active: prefork, worker, or event.

apache2ctl -V | grep 'MPM'

a2dismod mpm_prefork && a2enmod mpm_event && systemctl restart apache2 — Switch from prefork to the high-performance event MPM (required for HTTP/2).

a2dismod mpm_prefork && a2enmod mpm_event && systemctl restart apache2

a2enmod http2 && systemctl reload apache2 — Enable HTTP/2 support (requires mpm_event and SSL).

a2enmod http2 && systemctl reload apache2

ab -n 1000 -c 10 https://example.com/ — Apache Bench: send 1000 requests with 10 concurrent connections to benchmark a URL.

ab -n 1000 -c 10 https://example.com/

ab -n 500 -c 20 -H "Accept-Encoding: gzip" http://example.com/ — Benchmark with gzip encoding header to test compression performance.

ab -n 500 -c 20 -H "Accept-Encoding: gzip" http://example.com/

curl -I -H 'Accept-Encoding: gzip' http://example.com/ — Check whether gzip compression (mod_deflate) is active for a URL.

curl -I -H 'Accept-Encoding: gzip' http://example.com/

Conclusion

Apache remains the robust, broadly supported choice for classic web hosting – especially where .htaccess overrides, mature modules and decades of documentation matter. Always check configuration changes with apachectl configtest first and roll them out with a graceful reload, so your server stays stable even under live traffic. When you need maximum performance, pair the event MPM with HTTP/2 and mod_deflate.

Further Reading

  • caddy – modern web server with automatic HTTPS
  • certbot – obtain and renew Let's Encrypt certificates
  • ferron – lightweight web server written in Rust