Personal wiki of Goran Jurić



We are going to use Apache mod_php for running PHP scripts so we need to install apache2-mpm-preform MPM. MPM worker does not play nicely with mod_php because PHP is not thread safe. mod_php is the fastest way of running PHP sites so you dont really need to think to much over this option. If you are low on memory resources you could install Lighttpd and run PHP as a FastCGI but then I guess you do not want to install Postfix or use the same machine as a mail server, so skip installing Postfix as well.

apt-get install apache2 apache2-mpm-prefork apache2-utils ssl-cert

mod_rewrite is not enabled by default so we will enable it and restart Apache

a2enmod rewrite
invoke-rc.d apache2 restart

Open up your web browser and try to visit http://YOUR-IP-ADDRESS you should see “It works!” displayed in your browser if Apache is working normally.

If you can not access the page, check your firewall rules. Port 80 should be open. If not, rebuild the firewall rules making sure that this time the port 80 is open, copy them to /etc/network/iptables.rules and reboot your server.

Configure Virtual Hosts

Since we only have one IP address we are going to use Apaches name-based virtual hosting for serving multiple domains from a single server.

Configuration files for sites are located in /etc/apache2/sites-available and symbolic links for active sites are created in /etc/apache2/sites-enabled.

Now, we are going to create a configuration file for out domain. Create an in /etc/apache2/sites-available using nano /etc/apache2/sites-available/ and save this in the file:

<VirtualHost *:80>


        DocumentRoot /home/www/

        ErrorLog /home/www/

        # Possible values include: debug, info, notice, warn, error, crit,
        # alert, emerg.
        LogLevel warn

        CustomLog /home/www/ combined

You can see that the DocumentRoot points to /home/www/…. This is because I choose to save all my sites in the /home/www folder in which every domain has its own folder.

Since those folders for our domain still don't exist, we need to create them

mkdir /home/www
mkdir /home/www/
mkdir /home/www/
mkdir /home/www/

As you can see, we can tell Apache to save log files for each virtual host separately.

Od Debian systems Apache runs as user www-data. So we need to give permissions to Apache to read and write to this folders. We can change the owner and the group of all files with

chown www-data:www-data -R /home/www/

We are ready to enable our new virtual host

update-rc.d apache2 restart

If you want to add other sites to your server, just create another file in the /etc/apache2/sites-available folder and repeat the procedure.

Apache configuration

Default configuration of Apache sends server information in the response headers that we do not want to expose to everybody. To disable this open /etc/apache2/conf.d/security with nano and replace

ServerTokens Full
ServerSignature On


ServerTokens Prod
ServerSignature Off

All application on my web server use UTF-8 as a default encoding so I also edit /etc/apache2/conf.d/charset and uncomment the AddDefaultCharset UTF-8 directive which adds the UTF-8 as the default charset to the header for all files Apache sends to clients.

All that is left to do is to restart Apache once again

update-rc.d apache2 restart

Rotate logs for virtual domains

Since log files for every domain are located in the /home/www/DOMAIN-NAME/logs we need to make appropriate changes to the logrotate utility which is used for rotating log files.

Create a file /etc/logrotate.d/apache2-virtual and for each virtual domain you have you have to create a section that looks like this:

/home/www/*.log {
        rotate 52 
        create 644 www-data www-data
                /usr/lib/cgi-bin/ -update
                if [ -f "`. /etc/apache2/envvars ; echo ${APACHE_PID_FILE:-/var/run/}`" $
                        /etc/init.d/apache2 reload > /dev/null

This will rotate log files for the domain, and it will run awstats update script before rotating log files so we do not loose any statistical information. Details about installing awstats are in the next section.

You have to change the location of the log file for every domain you host, and change to match the awstats identifier.

Note: If you do not want to use awstats, delete

                /usr/lib/cgi-bin/ -update

from the file.

Install and configure Awstats

apt-get install awstats gzip

Configure awstats

cd /usr/share/doc/awstats/examples/
gunzip awstats.model.conf.gz
cp awstats.model.conf /etc/awstats/
mkdir wwwroot
mkdir wwwroot/cgi-bin
cp awstats.model.conf wwwroot/cgi-bin/

Copying awstats.model.conf to /etc/awstats/ is needed because this file is referenced from the script, but somebody forgot to put it there when they were packaging awstats for Debian.

Run the awstats configuration script:

atlantis:/usr/share/doc/awstats/examples# perl

----- AWStats awstats_configure 1.0 (build 1.7) (c) Laurent Destailleur -----
This tool will help you to configure AWStats to analyze statistics for
one web server. You can try to use it to let it do all that is possible
in AWStats setup, however following the step by step manual setup
documentation (docs/index.html) is often a better idea. Above all if:
- You are not an administrator user,
- You want to analyze downloaded log files without web server,
- You want to analyze mail or ftp log files instead of web log files,
- You need to analyze load balanced servers log files,
- You want to 'understand' all possible ways to use AWStats...
Read the AWStats documentation (docs/index.html).

-----> Running OS detected: Linux, BSD or Unix
Warning: AWStats standard directory on Linux OS is '/usr/local/awstats'.
If you want to use standard directory, you should first move all content
of AWStats distribution from current directory:
to standard directory:
And then, run from this location.
Do you want to continue setup from this NON standard directory [yN] ? y

-----> Check for web server install

Enter full config file path of your Web server.
Example: /etc/httpd/httpd.conf
Example: /usr/local/apache2/conf/httpd.conf
Example: c:\Program files\apache group\apache\conf\httpd.conf
Config file path ('none' to skip web server setup):
> /etc/apache2/apache2.conf

-----> Check and complete web server config file '/etc/apache2/apache2.conf'

-----> Need to create a new config file ?
Do you want me to build a new AWStats config/profile
file (required if first install) [y/N] ? y

-----> Define config file name to create
What is the name of your web site or profile analysis ?
Example: demo
Your web site, virtual server or profile name:
> default

-----> Define config file path
In which directory do you plan to store your config file(s) ?
Default: /etc/awstats
Directory path to store config file(s) (Enter for default):

-----> Create config file '/etc/awstats/awstats.default.conf'
 Config file /etc/awstats/awstats.default.conf created.

-----> Add update process inside a scheduler
Sorry, does not support automatic add to cron yet.
You can do it manually by adding the following command to your cron:
/usr/share/doc/awstats/examples/wwwroot/cgi-bin/ -update -config=default
Or if you have several config files and prefer having only one command:
/usr/share/doc/awstats/examples/tools/ now
Press ENTER to continue...

A SIMPLE config file has been created: /etc/awstats/awstats.default.conf
You should have a look inside to check and change manually main parameters.
You can then manually update your statistics for 'default' with command:
> perl -update -config=default
You can also read your statistics for 'default' with URL:
> http://localhost/awstats/

Press ENTER to finish...
nano /etc/awstats/awstats.default.conf

change LogFile= to


Run awstats

/usr/lib/cgi-bin/ -update -config=default

This will run awstats for the default profile. Default profile takes care of the log files that are used when serving content from the /var/www. Since, you probably will just use virtual domains you have to create a separate awstats config file for each domain. Just make sure that every domain has a different answer for Your web site, virtual server or profile name: question.

You will also have to edit config file for each domain (located in /etc/awstats) and change the location to the config file.

Awstats package has created a cron job that should generate logs for awstats regularly, but it doesn't fit our needs, so we are going to edit it, open /etc/cron.d/awstats and replace

0,10,20,30,40,50 * * * * www-data [ -x /usr/lib/cgi-bin/ -a -f /etc/awstats/awstats.conf -a -r /var/log/apache/access.log ] && /usr/lib/cgi-bin/ -config=awstats -update >/dev/null

with an entry for every one of our domains

0,10,20,30,40,50 * * * * www-data /usr/lib/cgi-bin/ -config=default -update >/dev/null

The is also alo a script in /usr/share/doc/awstats/examples/ that you can use to update all domains at once.

To display data awstats created fetch the latest version of Jawstats and unpack it somewhere in you domains public_html folder. Copy config.dist.php to config.php and add all the domains you want Jawstats to fetch information from the database awstats creates.

Important: If you store all awstats information for you virtual domains in the same place. One user of the server will be able to edit config.php and view statistics for other domain. If this is an issue for you, you should change awstats domain configuration files and point DirData for each domain to a separate folder. You could for example create awstats inside every /home/www/domain. Youd would then have 3 folders inside every /home/www/domain directory

  • logs - raw access and error log files from Apache
  • public - place to put your web site in (this is the folder Apache looks in when serving pages)
  • awstats - awstats database (processed Apache log files)

Configure HTTPS

If you need HTTPS access to your virtual hosts you will have to:

  1. create a certificate for the virtual domain that you want to serve using HTTPS
  2. add a new <VirtualHost> section into your /etc/apache2/sites-available/domain file (you can use the content from default-ssl as a template for this section)
  3. open port 443 on your firewall
debian/apache.txt · Last modified: 2015/03/13 23:29 (external edit)