How to Install Apache Server

Apache HTTP Server, commonly referred to as Apache, is one of the most widely used open-source web servers in the world. Since its initial release in 1995, Apache has powered a significant portion of websites across the internet, from small personal blogs to large enterprise applications. Its reliability, flexibility, and extensive module support make it the preferred choice for developers, system administrators, and hosting providers alike. Installing Apache correctly is a foundational skill for anyone working in web development, DevOps, or server management. Whether you’re setting up a local development environment or deploying a production website, understanding how to install and configure Apache ensures your web content is delivered efficiently and securely.

This guide provides a comprehensive, step-by-step walkthrough for installing Apache Server on the most common operating systems — Linux (Ubuntu and CentOS), macOS, and Windows. Beyond installation, we cover essential best practices, recommended tools, real-world deployment examples, and answers to frequently asked questions. By the end of this tutorial, you’ll not only have a fully functional Apache server but also the knowledge to maintain, secure, and optimize it for performance.

Step-by-Step Guide

Installing Apache on Ubuntu (Linux)

Ubuntu, one of the most popular Linux distributions, makes installing Apache straightforward thanks to its advanced package management system, APT. Follow these steps to install Apache on Ubuntu 22.04 LTS or later:

1. Update your system packages. Open a terminal and run:

sudo apt update && sudo apt upgrade -y

This ensures your system has the latest security patches and package information.

2. Install Apache using the APT package manager:

sudo apt install apache2 -y

The installation process automatically configures Apache with default settings, creates necessary directories, and starts the service.

3. Verify that Apache is running:

sudo systemctl status apache2

You should see output indicating that the service is “active (running).” If it’s not, start it manually with:

sudo systemctl start apache2

4. Enable Apache to start automatically on boot:

sudo systemctl enable apache2

5. Test the installation by opening a web browser and navigating to:

http://localhost or http://your-server-ip

If Apache is installed correctly, you’ll see the default Ubuntu Apache welcome page with the message “It works!”

6. Locate the default web root directory:

The primary directory where your website files should be placed is:

/var/www/html

You can place your HTML, CSS, and JavaScript files here. For example, create a simple test file:

sudo nano /var/www/html/index.html

Add this content:

<!DOCTYPE html>
<html>
<head>
<title>My Apache Server</title>
</head>
<body>
<h1>Welcome to My Apache Server on Ubuntu</h1>
<p>This page is served by Apache.</p>
</body>
</html>

Save and exit (Ctrl+O, Enter, Ctrl+X). Refresh your browser to see your custom page.

Installing Apache on CentOS / RHEL / Rocky Linux

CentOS, RHEL, and their derivatives like Rocky Linux use the DNF (or YUM on older versions) package manager. The process is similar but with different commands.

1. Update your system:

sudo dnf update -y

On older versions (CentOS 7 or RHEL 7), use:

sudo yum update -y

2. Install Apache (httpd package):

sudo dnf install httpd -y

3. Start the Apache service:

sudo systemctl start httpd

4. Enable Apache to start on boot:

sudo systemctl enable httpd

5. Check the service status:

sudo systemctl status httpd

6. Configure the firewall (if enabled):

If you’re using firewalld (default on CentOS/RHEL), allow HTTP traffic:

sudo firewall-cmd --permanent --add-service=http

sudo firewall-cmd --reload

7. Test the installation by visiting your server’s IP address in a browser:

http://your-server-ip

You should see the default Apache test page.

8. Locate the web root:

On CentOS/RHEL, the default document root is:

/var/www/html

Place your files here, just as on Ubuntu.

Installing Apache on macOS

macOS comes with Apache pre-installed, but it’s often disabled by default. You can enable and configure it without installing additional software.

1. Open Terminal (Applications → Utilities → Terminal).

2. Start Apache:

sudo apachectl start

You may be prompted to enter your administrator password.

3. Verify Apache is running by visiting:

http://localhost

You should see the message “It works!” — this confirms Apache is active.

4. Find the document root:

The default web directory on macOS is:

/Library/WebServer/Documents

Place your HTML files here. For example:

sudo nano /Library/WebServer/Documents/index.html

Add your content and save.

5. Enable user directories (optional):

If you want to serve content from your personal folder (e.g., ~/Sites), uncomment the following line in the Apache configuration:

sudo nano /etc/apache2/httpd.conf

Find and remove the

from:

Include /private/etc/apache2/extra/httpd-userdir.conf

Then, enable user directories:

sudo nano /etc/apache2/extra/httpd-userdir.conf

Uncomment:

Include /private/etc/apache2/users/*.conf

Create a Sites folder in your home directory:

mkdir ~/Sites

Create a user config file:

sudo nano /etc/apache2/users/yourusername.conf

Add:

<Directory "/Users/yourusername/Sites/">
Options Indexes MultiViews FollowSymLinks
AllowOverride All
Require all granted
</Directory>

Replace yourusername with your actual macOS username.

6. Restart Apache:

sudo apachectl restart

Now you can access your site at: http://localhost/~yourusername

Installing Apache on Windows

While Linux is the preferred environment for Apache in production, Windows is commonly used for local development. Here’s how to install Apache on Windows 10 or 11.

1. Download Apache for Windows:

Visit the official Apache Lounge: https://www.apachelounge.com/download/

Download the latest version of the Apache HTTP Server (e.g., httpd-2.4.x-win64-V17.zip).

2. Extract the ZIP file:

Extract the contents to a directory like C:\Apache24. Avoid spaces in the path.

3. Install Microsoft Visual C++ Redistributable:

Apache requires the Visual C++ Redistributable for Visual Studio 2019. Download and install it from Microsoft’s official site if not already present.

4. Configure Apache:

Open C:\Apache24\conf\httpd.conf in a text editor (e.g., Notepad++).

Find the line:

ServerRoot "c:/Apache24"

Ensure it matches your installation path.

Find:

DocumentRoot "c:/Apache24/htdocs"

<Directory "c:/Apache24/htdocs">

These define where your website files are stored. You can change this to another folder if desired.

5. Install Apache as a Windows service:

Open Command Prompt as Administrator.

Navigate to the Apache bin directory:

cd C:\Apache24\bin

Install the service:

httpd -k install

6. Start the Apache service:

httpd -k start

Alternatively, use the Services app (press Win+R, type services.msc, find “Apache2.4”, and click Start).

7. Test the installation:

Open a browser and go to: http://localhost

You should see the Apache test page.

8. Place your website files in:

C:\Apache24\htdocs

For example, create index.html with your content.

Best Practices

Use a Non-Root User for Apache

Apache runs under a dedicated system user — typically www-data on Ubuntu or apache on CentOS. Never run Apache as the root user. This is a critical security measure. If a vulnerability is exploited, limiting the process to a non-privileged user reduces the potential damage.

Verify the user and group in your Apache configuration:

On Ubuntu: grep -E "^(User|Group)" /etc/apache2/apache2.conf

On CentOS: grep -E "^(User|Group)" /etc/httpd/conf/httpd.conf

Ensure they are set to non-root accounts like www-data or apache.

Secure Your Apache Configuration

Apache’s default configuration is designed for ease of use, not security. Apply these hardening steps:

• Disable server signature: Add ServerSignature Off and ServerTokens Prod to your Apache config to hide version details from attackers.
• Restrict directory indexing: Set Options -Indexes to prevent listing directory contents.
• Use .htaccess wisely: Avoid enabling .htaccess files unless necessary. They introduce performance overhead. Instead, configure settings directly in the main Apache config.
• Limit file uploads: If your site allows uploads, restrict file types, size, and location outside the web root.

Enable HTTPS with Let’s Encrypt

Modern websites must use HTTPS. Apache supports SSL/TLS via mod_ssl. Install a free certificate from Let’s Encrypt using Certbot:

On Ubuntu:

sudo apt install certbot python3-certbot-apache -y

sudo certbot --apache -d yourdomain.com

Follow the prompts. Certbot automatically configures Apache to use SSL and sets up automatic renewal.

Optimize Performance with Caching and Compression

Enable mod_deflate to compress responses:

Add to your Apache config:

<IfModule mod_deflate.c>
AddOutputFilterByType DEFLATE text/html text/css application/json application/javascript text/xml application/xml
</IfModule>

Enable mod_expires for browser caching:

<IfModule mod_expires.c>
ExpiresActive On
ExpiresByType image/jpg "access plus 1 year"
ExpiresByType image/jpeg "access plus 1 year"
ExpiresByType image/png "access plus 1 year"
ExpiresByType text/css "access plus 1 month"
ExpiresByType application/javascript "access plus 1 month"
</IfModule>

Regular Log Monitoring

Apache logs access and error information in:

• Access logs: /var/log/apache2/access.log or /var/log/httpd/access_log
• Error logs: /var/log/apache2/error.log or /var/log/httpd/error_log

Use tools like tail -f to monitor logs in real time:

sudo tail -f /var/log/apache2/error.log

Set up log rotation with logrotate to prevent disk space issues.

Keep Apache Updated

Apache releases security patches regularly. Always keep your server updated:

On Ubuntu: sudo apt update && sudo apt upgrade apache2

On CentOS: sudo dnf update httpd

Subscribe to Apache’s security mailing list to stay informed about critical vulnerabilities.

Tools and Resources

Essential Apache Modules

Apache’s power comes from its modular architecture. Install these essential modules:

• mod_rewrite – Enables URL rewriting for clean, SEO-friendly URLs.
• mod_ssl – Required for HTTPS.
• mod_headers – Allows manipulation of HTTP headers for security and caching.
• mod_security – A web application firewall (WAF) that protects against common attacks like SQL injection and XSS.
• mod_cache – Improves performance by caching dynamic content.

Enable modules using:

Ubuntu: sudo a2enmod module_name

CentOS: Edit httpd.conf and uncomment the LoadModule line.

Configuration Management Tools

For managing multiple servers, consider automation tools:

• Ansible – Automate Apache installation and configuration across servers.
• Docker – Run Apache in a container for consistent environments.
• Chef / Puppet – Enterprise-grade configuration management.

Example Ansible playbook snippet:

- name: Install Apache
apt:
name: apache2
state: present
when: ansible_os_family == "Debian"
- name: Start Apache
systemd:
name: apache2
state: started
enabled: yes

Monitoring and Diagnostics

Use these tools to monitor Apache health:

• Apache mod_status – Provides real-time server statistics. Enable by uncommenting Location /server-status in config.
• Netdata – Real-time performance monitoring with Apache dashboards.
• Logwatch – Daily email summaries of Apache logs.
• Webalizer / AWStats – Generate visual reports from access logs.

Online Resources

• Official Apache Documentation – The most authoritative source.
• Apache Module Documentation – Detailed descriptions of all modules.
• DigitalOcean Tutorials – Practical, community-tested guides.
• Server Fault – Q&A for system administrators.

Real Examples

Example 1: Hosting a Static Portfolio Website

A freelance designer wants to host a simple HTML/CSS/JS portfolio site on a $5/month VPS. They choose Ubuntu 22.04 and Apache.

Steps taken:

• Installed Apache using apt install apache2.
• Created a custom index.html with their portfolio, CSS, and JavaScript.
• Set up a domain name (portfolio.com) pointing to the server’s IP.
• Installed Let’s Encrypt with Certbot to enable HTTPS.
• Disabled directory listing and server signature for security.
• Enabled gzip compression and browser caching.

Result: The site loads in under 1.2 seconds, scores 98/100 on PageSpeed Insights, and is fully secure.

Example 2: Local Development with WordPress

A developer wants to test a WordPress theme locally before deploying it. They use macOS and Apache.

Steps taken:

• Enabled Apache via sudo apachectl start.
• Created a ~/Sites/wordpress directory.
• Installed MySQL and PHP using Homebrew.
• Configured Apache to use the Sites directory as a virtual host.
• Added an entry to /etc/hosts: 127.0.0.1 wordpress.local.
• Installed WordPress and configured wp-config.php.

Result: The developer can access the site at http://wordpress.local and test changes without affecting the live site.

Example 3: Enterprise API Backend

A company runs a REST API behind Apache on CentOS. They need high availability and security.

Steps taken:

• Installed Apache with mod_proxy and mod_ssl.
• Configured Apache as a reverse proxy to forward requests to a Node.js backend on port 3000.
• Installed mod_security with OWASP Core Rule Set to block malicious traffic.
• Set up load balancing across two backend servers using mod_proxy_balancer.
• Enabled HSTS and HTTP/2 for performance and security.
• Monitored traffic with Netdata and set up alerts for 5xx errors.

Result: The API handles 10,000+ requests per minute with 99.99% uptime and zero security breaches in 12 months.

FAQs

Is Apache still relevant in 2024?

Yes. Although newer servers like Nginx are gaining popularity for high-traffic sites, Apache remains the most widely deployed web server globally. Its strength lies in its flexibility, extensive module ecosystem, and compatibility with legacy systems. For many use cases — especially shared hosting, CMS platforms like WordPress, and dynamic content — Apache is still the optimal choice.

What’s the difference between Apache and Nginx?

Apache uses a process-based model (prefork or worker), which handles each request in a separate thread or process. Nginx uses an event-driven, asynchronous architecture, making it more efficient under heavy concurrent loads. Apache excels at handling dynamic content with modules like mod_php, while Nginx is often paired with FastCGI (e.g., PHP-FPM). Many sites use Nginx as a reverse proxy in front of Apache for optimal performance.

How do I change the default port of Apache?

Edit the Apache configuration file (httpd.conf or ports.conf) and change the line:

Listen 80 to Listen 8080 (or any other port).

Then update your firewall rules to allow traffic on the new port. Restart Apache afterward.

Why can’t I access my Apache server from another device?

Common causes:

• Firewall blocking port 80 (or 443).
• Server only listening on localhost (127.0.0.1) — check Listen directive in config.
• Incorrect IP address or DNS configuration.
• Apache is running but not bound to the public interface.

Use netstat -tlnp | grep :80 (Linux) or lsof -i :80 to verify Apache is listening on the correct interface.

How do I restart Apache after making configuration changes?

Always test your configuration before restarting:

Ubuntu/CentOS: sudo apache2ctl configtest or sudo httpd -t

If the test returns “Syntax OK,” restart with:

sudo systemctl restart apache2 (Ubuntu)

sudo systemctl restart httpd (CentOS)

On macOS: sudo apachectl restart

Can I run multiple websites on one Apache server?

Yes, using Virtual Hosts. Each site has its own configuration block in Apache:

<VirtualHost *:80>
ServerName site1.com
DocumentRoot /var/www/site1
</VirtualHost>
<VirtualHost *:80>
ServerName site2.com
DocumentRoot /var/www/site2
</VirtualHost>

Enable the sites with a2ensite on Ubuntu or include them in the main config on CentOS.

How do I troubleshoot a 403 Forbidden error?

Common causes:

• Incorrect file permissions — ensure files are readable by the Apache user: chmod 644 index.html
• Directory permissions — ensure the directory has execute permission: chmod 755 /var/www/html
• Missing index file — ensure index.html or index.php exists.
• Apache config denies access — check Require all granted in the <Directory> block.

Does Apache support PHP?

Yes, but not by default. Install PHP and the Apache module:

Ubuntu: sudo apt install php libapache2-mod-php

CentOS: sudo dnf install php php-common

Then restart Apache. Create a info.php file with <?php phpinfo(); ?> to verify.

How often should I update Apache?

Update Apache immediately when a security patch is released. At a minimum, perform updates monthly. Use automated tools like unattended-upgrades (Ubuntu) or yum-cron (CentOS) to apply critical updates automatically.

Conclusion

Installing Apache Server is a fundamental skill that opens the door to web development, server administration, and DevOps. Whether you’re setting up a local development environment on macOS, deploying a production website on Ubuntu, or configuring a high-performance backend on CentOS, the principles remain consistent: install, configure, secure, and optimize. This guide has provided you with detailed, platform-specific instructions, best practices for security and performance, essential tools, real-world examples, and answers to common challenges.

Remember that installation is only the beginning. The real value lies in maintaining your server — monitoring logs, applying updates, securing configurations, and optimizing performance. Apache’s longevity is a testament to its robustness and adaptability. By mastering its installation and configuration, you’re not just setting up a server — you’re building a foundation for reliable, scalable, and secure web applications.

Now that you’ve successfully installed Apache, take the next step: deploy your first website, configure SSL, and explore advanced features like reverse proxying and load balancing. The web is waiting — and your server is ready.