Install the Apache package with the following command:
sudo yum install httpd
Next, create a rule for your firewall to allow HTTP / HTTPS traffic:
sudo firewall-cmd --permanent --add-service=http
sudo firewall-cmd --permanent --add-service=https
sudo firewall-cmd –-reload
Apache does not automatically start on CentOS once the installation completes. You will need to start the Apache process manually:
sudo systemctl start httpd
Verify that the service is running with the following command:
sudo systemctl status httpd
You will see an active status when the service is running.
Setting Up Virtual Hosts
When using the Apache web server, you can use virtual hosts (similar to server blocks in Nginx) to encapsulate configuration details and host more than one domain from a single server. In this step, you will set up a domain called example.com, but you should replace this with your own domain name.
Apache on CentOS 7 has one server block enabled by default that is configured to serve documents from the /var/www/html directory. While this works well for a single site, it can become unwieldy if you are hosting multiple sites. Instead of modifying /var/www/html, you will create a directory structure within /var/www for the example.com site, leaving /var/www/html in place as the default directory to be served if a client request doesn’t match any other sites.
Create the html directory for example.com as follows, using the -p flag to create any necessary parent directories:
sudo mkdir -p /var/www/example.com/html
Create an additional directory to store log files for the site:
sudo mkdir -p /var/www/example.com/log
Next, assign ownership of the html directory with the $USER environmental variable:
sudo chown -R $USER:$USER /var/www/example.com/html
Make sure that your web root has the default permissions set:
sudo chmod -R 755 /var/www
Next, create a sample index.html page using nano or your favorite editor:
sudo nano /var/www/example.com/html/index.html
Enter below into the index.html
<html>
<head>
<title>Welcome to Example.com!</title>
</head>
<body>
<h1>Success! The example.com virtual host is working!</h1>
</body>
</html>
With your site directory and sample index file in place, you are almost ready to create the virtual host files. Virtual host files specify the configuration of your separate sites and tell the Apache web server how to respond to various domain requests.
Before you create your virtual hosts, you will need to create a sites-available directory to store them in. You will also create the sites-enabled directory that tells Apache that a virtual host is ready to serve to visitors. The sites-enabled directory will hold symbolic links to virtual hosts that we want to publish. Create both directories with the following command:
sudo mkdir /etc/httpd/sites-available /etc/httpd/sites-enabled
Next, you will tell Apache to look for virtual hosts in the sites-enabled directory. To accomplish this, edit Apache’s main configuration file and add a line declaring an optional directory for additional configuration files:
sudo nano /etc/httpd/conf/httpd.conf
Add this line to the end of the file:
IncludeOptional sites-enabled/*.conf
Save and close the file when you are done adding that line. Now that you have your virtual host directories in place, you will create your virtual host file.
Start by creating a new file in the sites-available directory:
sudo nano /etc/httpd/sites-available/example.com.conf
Add in the following configuration block, and change the example.com domain to your domain name:
<VirtualHost *:80>
</VirtualHost>
This will tell Apache where to find the root directly that holds the publicly accessible web documents. It also tells Apache where to store error and request logs for this particular site.
Save and close the file when you are finished.
Now that you have created the virtual host files, you will enable them so that Apache knows to serve them to visitors. To do this, create a symbolic link for each virtual host in the sites-enabled directory:
sudo ln -s /etc/httpd/sites-available/example.com.conf /etc/httpd/sites-enabled/example.com.conf
sudo systemctl restart httpd
Your virtual host is now configured and ready to serve content.
Installing VSFTPD
Install VSFTPD software with the following command:
sudo yum install vsftpd
Next, create a rule for your firewall to allow FTP traffic on Port 21:
sudo firewall-cmd --zone=public --permanent --add-port=21/tcp
sudo firewall-cmd --zone=public --permanent --add-service=ftp
sudo firewall-cmd –-reload
Install VSFTPD software with the following command:
sudo systemctl start vsftpd
sudo systemctl enable vsftpd
Configuring VSFTPD
Before starting, create a copy of the default configuration file:
sudo cp /etc/vsftpd/vsftpd.conf /etc/vsftpd/vsftpd.conf.default
Next, edit the configuration file with the following command:
sudo nano /etc/vsftpd/vsftpd.conf
Set your FTP server to disable anonymous users and allow local users.
Find the following entries in the configuration file, and edit them to match the following:
anonymous_enable=NO
local_enable=YES
This is an important step. Anonymous access is a risky – you should avoid it unless you understand the risks.
Next, allow a logged-in user to upload files to your FTP server.
Find the following entry, and edit to match as follows:
write_enable=YES
Limit FTP users to their own home directory. This is often called jail or chroot jail. Find and adjust the entry to match the following:
chroot_local_user=YES
allow_writeable_chroot=YES
The vsftpd utility provides a way to create an approved user list. To manage users this way, find the userlist_enable entry, then edit the file to look as follows:
userlist_enable=YES
userlist_file=/etc/vsftpd/user_list
userlist_deny=NO
You can now edit the /etc/vsftpd/user_list file, and add your list of users. (List one per line.) The userlist_deny option lets you specify users to be included; setting it to yes would change the list to users that are blocked.
The next parameter will give ftpd access to write anywhere:
setsebool -P ftpd_full_acess=true
Do not use ftpd_anon_write unless you want anonymous uploads to be allowed.
Once you’re finished editing the configuration file, save your changes. Restart the vsftpd service to apply changes:
sudo systemctl restart vsftpd
Create a New FTP User
To create a new FTP user enter the following:
sudo adduser testuser
sudo passwd testuser
The system should prompt you to enter and confirm a password for the new user.
Add the new user to the userlist:
echo “testuser” | sudo tee –a /etc/vsftpd/user_list
Create a directory for the new user, and adjust permissions:
sudo mkdir –p /home/testuser/ftp/upload
sudo chmod 550 /home/testuser/ftp
sudo chmod 750 /home/testuser/ftp/upload
sudo chown –R testuser: /home/testuser/ftp
However if you just wanted the FTP user to access the /var/www/ directory you can use the below:
usermod --home /var/www/ testuser
Ensuring that you then set the below permissions on the directory
setfacl -m u:testuser:rwx /var/www