Setup for server running Apache2 as hosting services on Ubuntu 24.04 server freshly installed.
Change user password
passwd ${USER}
Configure APT sources
sudo add-apt-repository -y main && sudo add-apt-repository -y restricted && sudo add-apt-repository -y universe && sudo add-apt-repository -y multiverse
Keep system safe
sudo apt -y update && sudo apt -y upgrade && sudo apt -y dist-upgrade
sudo apt -y remove && sudo apt -y autoremove
sudo apt -y clean && sudo apt -y autoclean
Disable error reporting
sudo sed -i "s/enabled=1/enabled=0/" /etc/default/apport
Edit SSH settings
sudo sed -i "s/#Port 22/Port 49622/" /etc/ssh/sshd_config
sudo sed -i "s/#LoginGraceTime 2m/LoginGraceTime 2m/" /etc/ssh/sshd_config
sudo sed -i "s/#PermitRootLogin prohibit-password/PermitRootLogin no/" /etc/ssh/sshd_config
sudo sed -i "s/#StrictModes yes/StrictModes yes/" /etc/ssh/sshd_config
sudo systemctl restart ssh.service
Install prerequisite packages
sudo apt -y install libsodium-dev
Install necessary softwares
sudo apt -y install apache2 apt-transport-https autoconf curl build-essential gcc git gpg make nano software-properties-common unattended-upgrades wget
sudo systemctl status apache2.service
Install PHP 8.3
sudo apt -y install php8.3 php8.3-cli php8.3-{bz2,curl,mbstring,intl} libapache2-mod-php8.3
sudo a2enmod php8.3
sudo systemctl reload apache2.service
sudo truncate -s 0 /var/www/html/index.html
Setting the firewall
sudo ufw app list
sudo ufw allow OpenSSH
sudo ufw allow 49622/tcp
sudo ufw allow 80/tcp
sudo ufw enable
sudo ufw status
Reboot server
sudo reboot now
If you prefer and in order to save time, you can use our deployment script which reproduces all the commands above.
cd /tmp/ && wget -O - https://raw.githubusercontent.com/neoslab/apacheserver/main/install.sh | bash
We will now create a virtual host which will host the content of our site.
sudo mkdir -p /var/www/<website-domain>/public_html
sudo chown -R $USER:$USER /var/www/<website-domain>/public_html
sudo chmod -R 755 /var/www
echo "Hello Domain" | sudo tee /var/www/<website-domain>/public_html/index.html >/dev/null
sudo cp /etc/apache2/sites-available/000-default.conf /etc/apache2/sites-available/<website-domain>.conf
sudo nano /etc/apache2/sites-available/<website-domain>.conf
Copy and edit the below content according to your hidden service URL.
<VirtualHost *:80>
ServerAdmin webmaster@<website-domain>
ServerName <website-domain>
ServerAlias www.<website-domain>
DocumentRoot /var/www/<website-domain>/public_html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
Add the website to Apache configuration
sudo a2ensite <website-domain>.conf
Check the configuration
sudo apache2ctl configtest
Restart Apache server
sudo systemctl restart apache2.service
We can now visit our website using Tor Browser and pointing to the onion address we just configured above.