Both Apache and Nginx have the ability to serve multiple websites.
sudo apt update && sudo apt install nginx
Stat the nginx service and set it to be automatically launched at boot:
sudo systemctl enable --now nginx
NOTE: The server listens on port 80 by default, so to verify that it is reachable we can simply navigate to http://localhost with a web browser.
<VirtualHost *:80> ServerName site1 DocumentRoot /var/www/site1.com </VirtualHost>
NOTE: This configuration is usually in /apache2/sites-available and have a .conf extention.
sudo a2ensite site1.com.conf
server { listen *:80; server_name site1.com; root /var/www/site1.com; }
NOTE: This configuration is usually in /etc/nginx/sites-available and have a .conf extention.
sudo ln -s /etc/nginx/sites-available/site1.com.conf /etc/nginx/sites-enabled/
With Apache, the <Directory> directive is used:
<VirtualHost *:80> ServerName site1.com DocumentRoot /var/www/site1.com <Directory /var/www/site1.com/> # Directives here </Directory> </VirtualHost>
The corresponding directive for an Nginx server block is location:
server { listen *:80; server_name site1.com; root /var/www/site1.com; location / { # Directives here } }
NOTE: For both Apache and NginX, the directives can be repeated in order to fine-tune the configuration.
In Apache use DirectoryIndex:
<VirtualHost *:80> ServerName site1.com DocumentRoot /var/www/site1.com <Directory /var/www/site1.com/> DirectoryIndex index.html index.php </Directory> </VirtualHost>
In NginX use index:
server { listen *:80; server_name site1.com; root /var/www/site1.com; location / { index index.html index.php } }
NOTE: The index.html and index.php files are configured as the index.
If a site directory is navigated to, but none of the set index files exists in it, the default behavior is to deny access to that directory.
In Apache, the Indexes option is enabled by using the + sign.
<VirtualHost *:80> ServerName site1.com DocumentRoot /var/www/site1.com <Directory /var/www/site1.com/> Options +Indexes </Directory> </VirtualHost>
In NginX, the the autoindex directive is set to on.
server { listen 80; server_name site1.com; root /var/www/site1.com; location / { autoindex on; } }
In Apache:
<VirtualHost *:80> ServerName site1.com DocumentRoot /var/www/site1.com <Directory /var/www/site1.com/> Require 192.168.0.0/24 </Directory> </VirtualHost>
NOTE: The Require directive inside a Directory stanza, allows access only from a specific subnet, for example 192.168.0.0/24.
In NginX:
<VirtualHost *:80> ServerName site1.com DocumentRoot /var/www/site1.com <Directory /var/www/site1.com/> <RequireAll> Require all granted Require not 192.168.0.0/24 </RequireAll> </Directory> </VirtualHost>
NOTE: Those Require directives are used to group multiple access rules and they work this way:
Directive | To be successful |
---|---|
RequireAll | No directive must fail and at least one must succeed (directive can also be neutral). |
RequireAny | At least one directive must succeed. |
RequireNone | No directive must succeed. |
Why did we use the <RequireAll> directive?
AH01624: directive contains only negative authorization directives
The equivalent configuration for an Nginx Server Block can be obtained via the allow and deny directives.
To allow access only from the subnet we used in the example above, we would write:
server { listen *:80; server_name site1.com; root /var/www/site1.com; location / { deny all; allow 192.168.0.0/24; } }
To deny access to requests coming from the 192.168.0.0/24 subnet, instead:
server { listen *:80; server_name site1.com; root /var/www/site1.com; location / { deny 192.168.0.0/24; } }
In Apache, configure error logs for the specific resource are written into a dedicated file.
<VirtualHost *:80> ServerName site1.com DocumentRoot /var/www/site1.com ErrorLog "/var/log/httpd/site1.com-error.log" </VirtualHost>
Where the requests received by the server are logged, instead, is managed by the CustomLog directive.
<VirtualHost *:80> ServerName site1.com DocumentRoot /var/www/site1.com ErrorLog "/var/log/httpd/site1.com-error.log" CustomLog "/var/log/httpd/site1.com-access.log" "%t %h %>s" </VirtualHost>
NOTE: The format string defines:
Notation | Meaning |
---|---|
%t | The time the request was received. |
%h | The IP address of the request. |
%>s | The final status of the request. |
SEE https://httpd.apache.org/docs/2.4/mod/mod_log_config.html#formats for additional formats.
A line in the access log file, in this case, would look like this:
[01/Oct/2021:23:49:56 +0200] 127.0.0.1 200
In NginX, errors are logged using:
server { listen *:80; server_name site1.com; root /var/www/site1.com; error_log "/var/log/nginx/site1.com-error.log"; }
Access is logged, using the access_log directive.
server { listen *:80; server_name site1.com; root /var/www/site1.com; error_log "/var/log/nginx/site1.com-error.log"; access_log "/var/log/nginx/site1.com-access.log"; }
NOTE: Using the default log format, an access log line will look like this:
127.0.0.1 - - [01/Oct/2021:23:58:32 +0200] "GET / HTTP/1.1" 200 12 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:92.0) Gecko/20100101 Firefox/92.0"