Host multiple websites on Apache in CentOS

This tutorial shows how to setup Apache Virtual Hosts in CentOS 7. This is useful if you want to host more than one website on a single CentOS web server. For instructions on how to setup Apache, PHP, and SQL database on CentOS 7, check this article

Setup folder structure for your websites

We are going to create 2 folders for each website. The first will hold HTML and other content, second - log files.

/var/www/sites/domain1/html
/var/log/httpd/domain1

/var/www/sites/domain2/html
/var/log/httpd/domain2

/var/www/sites/domain3/html
/var/log/httpd/domain3

Log files will be stored in var/log/httpd/... subfolders, which is the default place to store log files in Linux. People often store Apache log files in /var/www/ subfolders, but in CentOS with SELinux enabled this can cause access denied errors. This can be fixed with chcon command, but I prefer to store all my log files in /var/logs... 

You can also place index.html files with some sample text in each html directory which we'll use later for testing.

Connect external VOIP client to Trixbox Asterisk via NAT

Trixbox Asterisk

Background

  • Tixbox Asterisk VOIP server on company's LAN network.
  • Remote client with Linksys SPA 942 VOIP phone trying to connect to Asterisk VOIP server via WAN (no VPN).
  • Remote client has a static external IP address 82.67.44.44
  • SonicWall firewall on company's network is configured as follows:
    • The firewall has a range of 8 external IP addresses, and one IP address (195.54.99.99) is dedicated to the VOIP service.
    • All incoming traffic from 82.67.44.44 to 195.54.99.99 is allowed and routed to the VOIP server.
    • All outgoing traffic from the VOIP server is allowed and routed via 195.54.99.99.
  • Draytek Vigor firewall on client's side doesn't have any special setup. All outgoing traffic is allowed, and all incoming traffic is blocked by NAT.

Find if permission denied errors are caused by SELinux

SELinux, short for Security Enhanced Linux, is a Linux security module that is part of many Linux server distributions. While SELinux increases server security (despite being created by NSA), it often results in some unexpected access/permission denied errors.

If you get one of such errors on a server with SELinux enabled, and there are no obvious file permission issues, you should check if the issue is caused by SELinux. To check the status of SELinux, run:

sestatus

You should get something like this:

SELinux status: enabled
SELinuxfs mount: /sys/fs/selinux
SELinux root directory: /etc/selinux
Loaded policy name: targeted
Current mode: enforcing
Mode from config file: enforcing
Policy MLS status: enabled
Policy deny_unknown status: allowed
Max kernel policy version: 28

"Current mode: enforcing" indicates that SELinux is running.

Install and configure CentOS web server (LAMP)

Install CentOS (minimal install).

CentOS installation

Configure network

Run: ip a to find your network adaptor's name. In my case the adaptor is called ens32.

Navigate to /etc/sysconfig/network-scripts/ and open network configuration file with your network adaptor name, i.e. ifcfg-ens32

vi ifcfg-ens32

Edit the file replacing all IP addresses according to your network requirements. 

HWADDR =00:0B:27:A1:DC:1A
TYPE=Ethernet
BOOTPROTO=static
ONBOOT=yes
IPADDR=192.168.0.10
NETMASK=255.255.255.0
GATEWAY=192.168.0.1
DNS1=8.8.8.8
DMS2=208.67.222.222

Start network:

service network start

Run: ip a again to make sure configuration was applied correctly. You should now have working network connection.



Newsletter

Subscribe to receive occasional updates on new posts.
Your email will not be used for any other purpose and you can unsubscribe at any time.
Please wait
Privacy Policy