h5bp / server-configs-apache

Apache HTTP server boilerplate configs
MIT License
3.21k stars 636 forks source link
apache best-practices config h5bp htaccess httpd httpd-configuration robust standard

Apache Server Configs

Server CI

Apache Server Configs is a collection of configuration snippets that can help your server improve the website's performance and security, while also ensuring that resources are served with the correct content-type and are accessible, if needed, even cross-domain.

Getting Started

There are two options for getting the Apache server configs:

Using the Apache server configs repo directly has a few required steps to be able to work.

See also the Apache Getting Started.

Check httpd.conf settings

The first thing to check is that the httpd.conf file contains appropriate values for your specific install.

Most specific variables are:

Apache test and restart

Enable Apache httpd modules

Some configurations won't have any effect if the appropriate modules aren't enabled. So, in order for everything to work as intended, you need to ensure you have the following Apache modules enabled:

For more detailed information on configuration files and how to use them, please check the appropriate Apache documentation:

Standalone

These instructions should work on any distribution where apt-get has been used to install Apache.

  1. Open up a terminal and type the following command. Enter your password when prompted.

    sudo a2enmod setenvif headers deflate filter expires rewrite include
  2. Restart apache by using the following command, so the new configuration takes effect.

    sudo /etc/init.d/apache2 restart

With MAMP/WAMP/XAMPP

Basic structure

This repository has the following structure:

./
├── vhosts/
│   ├── 000-default.conf
│   └── templates/
├── h5bp/
│   ├── basic.conf
│   └── .../
└── httpd.conf

Usage

The default location of the configuration files is /usr/local/apache2/, but these files may be located any of a variety of places, depending on how exactly you installed the server.
Common locations for these files may be found in the httpd wiki.

As a reference

To use as reference requires no special installation steps, download/checkout the repository to a convenient location and adapt your existing httpd configuration incorporating the desired functionality from this repository.

Download the latest release archive.

Directly

To use directly, add httpd config files from this repository.
For example:

apache2ctl stop
git clone https://github.com/h5bp/server-configs-apache.git /tmp/h5bp-apache
cd /usr/local
cp -r apache2 apache2-previous
cp -r /tmp/h5bp-apache/* apache2
# install-specific edits
apache2ctl start

Manage sites

cd /usr/local/apache2/vhosts
apache2ctl reload

.htaccess file

Usage

Just copy the .htaccess file in the root of the website.

Getting options:

Custom .htaccess builds

Security, mime-type, and caching best practices evolve, and so should do your .htaccess file. In the past, with each new Apache Server Configs release it was quite tedious to find out which .htaccess trick was just new or only had changes in certain nuances.

The build script with its re-usable and customizable build configuration lets you easily update your .htaccess file. Each new .htaccess build will contain the updated Apache Server Configs source files, enabled or commented-out according to your settings in the htaccess.conf of your project root.

Configuration file: htaccess.conf

It allows you to define which module to enable or disable for your project. Just copy the default htaccess.conf from this repo into your project directory. Adjust to your needs, and/or add custom code snippets you need for your project. Its syntax is straight and pretty much self-explanatory:

# Example Module

title   "example module"
enable  "src/example-module/images.conf"
enable  "src/example-module/web_fonts.conf"
disable "src/example-module/not-needed.conf"
omit    "src/example-module/not-needed-at-all.conf"

#... more modules ...
Disabling modules

For example, the “Cross-origin web fonts” snippet is always included in our pre-built .htaccess file and enabled. If your project does not deal with web fonts, you can disable or omit this section:

This will comment out the section:

disable  "h5bp/cross-origin/web_fonts.conf"

…and this will exclude the section, saving lines in output:

omit  "h5bp/cross-origin/web_fonts.conf"
Enabling modules

For example, the “Forcing https:// snippet is disabled by default, although being included in our pre-built .htaccess. To enable this snippet, change the disable keyword to enable:

enable "h5bp/rewrites/rewrite_http_to_https.conf"
Controlling the size of the output .htaccess file

The default partials contain significant numbers of comment lines, which contain valuable guidance about how and why to use the setting as well as web references. However, some may feel that the size of the resulting .htaccess file is too large.

The special keyword no-partials-comments can be used to prevent comment lines from being copied out of the partials into .htaccess.

[!Note] This keyword does not control comments created by the build script (such as title or disabled directives), only those that are in the source partials files.

no-partials-comments
Adding custom modules

Imagine you're passing all requests to non-existing files to your favorite web framework. The according _moddir snippet would go like this:

FallbackResource index.php

Store this snippet in a file, e.g. config/framework_rewrites.conf, and add a reference in your htaccess.conf:

# PROJECT MODULES
enable "config/framework_rewrites.conf"

Build script: build.sh

Dive into your project root and call the build script from wherever you cloned the repo. Here are three examples:

  1. Create a default .htaccess

Create a default .htaccess in the current work directory. An existing htaccess.conf in this directory will be used; if none is present, the default configuration will apply.

$ path/to/server-configs-apache/bin/build.sh

# Output looks like:
[✔] Build .htaccess
[✔] Moved in place: './.htaccess'
  1. Custom output location

Just add an output path and filename as a parameter. By the way, if there's an existing .htaccess file, the build script will create a backup.

$ path/to/server-configs-apache/bin/build.sh htdocs/.htaccess
[✔] Build .htaccess
[✔] Create backup: 'htdocs/.htaccess~'
[✔] Moved in place: 'htdocs/.htaccess'
  1. Custom .htaccess configuration

Why not maintain your personal ~/htaccess.conf? This example creates a .htaccess in the current work directory, according to your favorite settings you may have stored in your $HOME directory:

path/to/server-configs-apache/bin/build.sh ./.htaccess ~/htaccess.conf

Support

Contributing

Anyone is welcome to contribute, however, if you decide to get involved, please take a moment to review the guidelines:

Acknowledgements

Apache Server Configs is only possible thanks to all the awesome contributors!

License

The code is available under the MIT license.