Introduction to Apache


Last modified: September 28, 2020

Overview

EasyApache 4 installs and manages the Apache web server and all of its components. When you install cPanel & WHM, the installation process automatically runs EasyApache 4, which installs Apache with the basic requirements for a functional web server.

To modify your Apache configuration, use WHM’s EasyApache 4 interface (WHM >> Home >> Software >> EasyApache 4).

Important:

The Apache Software Foundation develops the Apache HTTP Server Project, which provides the Apache web server software.

  • For information about the development of the Apache web server, read Apache’s HTTP Server Project documentation.
  • For an introduction to the Apache web server, read Apache’s Getting Started documentation.

Apache versions

When the Apache development team releases a new version of Apache, we test the software and update EasyApache 4’s RPMs.

Minor version number changes do not impact functionality, but major updates may require changes to your configuration. In many cases, EasyApache 4 makes the necessary adjustments automatically. If you have a custom configuration, you may need to make further manual adjustments.

EasyApache 4 only supports Apache 2.4.

Note:
When you migrate from EasyApache 3 to EasyApache 4, you must upgrade any profile that contains an older version of Apache. For more information on the migration process, read our The EasyApache 3 to EasyApache 4 Migration Process documentation.

Components of Apache

Your Apache configuration includes the following components by default:

  • The core Apache modules — Your Apache configuration includes the necessary modules to perform the basic duties of a web server.
  • The most common Apache modules — Your Apache configuration includes the modules that most webservers use.
  • A Multi-Processing Module (MPM) — Your Apache configuration uses MPM Prefork. The MPM that you select determines how Apache handles requests.
  • PHP — Your Apache configuration includes PHP versions 7.1, 7.2, and 7.3 by default.
    • PHP versions 7.0 and earlier are deprecated. After deprecation, they may not appear as options in some cPanel & WHM interfaces.
    • For more information, read our Introduction to PHP documentation.

Apache modules

Default Apache modules

The cPanel Default profile includes the following Apache modules by default:

Note:
The cPanel Default profile provides the basic components of a webserver. cPanel & WHM installs this profile by default on new installations.

  • mod_cgi — Handles CGI requests.
  • mod_deflate — Compresses content before delivery to the client.
  • mod_expires — Generates Expires and Cache-Control HTTP headers with to user-specified criteria.
  • mod_headers — Customization of HTTP request and response headers.
  • mod_mpm_prefork — Implements a non-threaded, pre-forking web server.
  • mod_proxy— HTTP/1.1 proxy/gateway server.
  • mod_proxy_fcgi — FastCGI proxy module for the Apache HTTP server.
  • mod_ruid2 — Allows a domain’s HTTP requests to run as the owner of that domain
  • mod_security2 — A web application firewall. For more information, read our Apache Module: ModSecurity documentation.
  • mod_ssl — Handles security through the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols.
  • mod_unique_id — Provides an environment variable with a unique identifier for each request.

Other available Apache modules

You can select other Apache modules in the Apache Modules section of WHM’s EasyApache 4 interface (WHM >> Home >> Software >> EasyApache 4) when you customize a profile.

  • mod_allowmethods — Restrict which HTTP methods the server can use.
  • mod_asis — As-is provider module for the Apache HTTP server.
  • mod_auth_digest — HTTP Digest Authentication module for the Apache HTTP server.
  • mod_authn_anon — Anonymous-user authentication module for the Apache HTTP server.
  • mod_authn_dbd — DBD-based authentication module for the Apache HTTP server.
  • mod_authn_dbm — DBM-based authentication module for the Apache HTTP server.
  • mod_authn_socache — Shared-memory authentication caching module for the Apache HTTP server.
  • mod_authnz_ldap — LDAP authentication/authorization module for the Apache HTTP server.
  • mod_authz_dbd — DBD-based group authorization module for the Apache HTTP server.
  • mod_authz_dbm — DBM-based group authorization module for the Apache HTTP server.
  • mod_authz_owner — Ownership-based authorization module for the Apache HTTP server.
  • mod_buffer — Request buffering module for the Apache HTTP server.
  • mod_brotli — Compression module for the Apache HTTP server. For more information, read our Apache Module: Brotli documentation.
Note:
If you install this module, it applies to all virtual hosts.
  • mod_bw — Bandwidth limitation options for the Apache HTTP server.
Note:
This module uses the /usr/local/cpanel/scripts/setbwlimit script to modify bandwidth limits. For more information, run the /usr/local/cpanel/scripts/setbwlimit —help command.
  • mod_cache — Content caching module for the Apache HTTP server.
  • mod_cache_disk — Disk-based caching module for the Apache HTTP server.
  • mod_cache_socache — Shared-memory caching module for the Apache HTTP server.
  • mod_cgid — CGI module for the Apache HTTP server.
  • mod_charset_lite — Character set conversion module for the Apache HTTP server.
  • mod_cpanel — Improves how Apache processes requests.
  • mod_data — RFC2379 data URL generation module for the Apache HTTP server.
  • mod_dav — DAV module for the Apache HTTP server.
  • mod_dav_fs — DAV filesystem provider module for the Apache HTTP server.
  • mod_dav_lock — Generic DAV locking module for the Apache HTTP server.
  • mod_dbd — Database connection module for the Apache HTTP server.
  • mod_dialup — Bandwidth rate limiting module for the Apache HTTP server.
  • mod_dumpio — Debug logging module for the Apache HTTP server.
  • mod_env — Environment variable module for the Apache HTTP server.
  • mod_evasive — DoS, DDoS, and brute force attack protection for the Apache HTTP server. For more information, read our Apache Module: Evasive documentation.
  • mod_ext_filter — Generic filter module for the Apache HTTP server.
  • mod_file_cache — Static file caching module for the Apache HTTP server.
  • mod_heartbeat — Status reporting module for the Apache HTTP server.
  • mod_heartmonitor — Heartbeat monitoring module for the Apache HTTP server.
  • mod_http2 — The http2 module for the Apache HTTP server. For more information, read our Apache Module: HTTP2 documentation.
  • mod_imagemap — Server-side imagemap module for the Apache HTTP server.
  • mod_info — Provides a comprehensive overview of server configuration. We do not recommend this module for shared servers.
  • mod_lbmethod_bybusyness — Busyness load-balancing module for the Apache HTTP server.
  • mod_lbmethod_byrequests — Request load-balancing module for the Apache HTTP server.
  • mod_lbmethod_bytraffic — Traffic load-balancing module for the Apache HTTP server.
  • mod_lbmethod_heartbeat — Heartbeat load-balancing module for the Apache HTTP server.
  • mod_ldap — LDAP connection-handling module for the Apache HTTP server.
  • mod_log_debug — Debug logging module for the Apache HTTP server.
  • mod_log_forensic — Forensic logging module for the Apache HTTP server.
  • mod_lua — The Lua language extension module for the Apache HTTP server. For more information, read our Apache Module: Lua documentation.
Warning:
We do not recommend this module for shared servers.
  • mod_macro — Configuration macro module for the Apache HTTP server.
  • mod_mime_magic — MIME-type autosensing module for the Apache HTTP server.
  • mod_proxy_ajp — Apache JServ Protocol 1.3 proxy module for the Apache HTTP server.
  • mod_proxy_balancer — Load-balancing module for the Apache HTTP server.
  • mod_proxy_connect — CONNECT HTTP method proxy module for the Apache HTTP server.
  • mod_proxy_express — Dynamic reverse-proxy module for the Apache HTTP server.
  • mod_proxy_fdpass — File descriptor-passing proxy module for the Apache HTTP server.
  • mod_proxy_ftp — FTP proxy module for the Apache HTTP server.
  • mod_proxy_hcheck — Dynamic health check of Balancer members (workers) for mod_proxy.
  • mod_proxy_html — HTML and XML content filters for the Apache HTTP server.
  • mod_proxy_http — HTTP/HTTPS proxy module for the Apache HTTP server.
  • mod_proxy_scgi — SCGI module for the Apache HTTP server.
  • mod_proxy_wstunnel — Websockets proxy module for the Apache HTTP server.
  • mod_ratelimit — Client bandwidth limiting module for the Apache HTTP server.
  • mod_reflector — Filter-as-service module for the Apache HTTP server.
  • mod_remoteip — IP address replacement module for the Apache HTTP server.
  • mod_reqtimeout — Request timeout module for the Apache HTTP server.
  • mod_request — Request body retention module for the Apache HTTP server.
  • mod_sed — Regex replacement content filter module for the Apache HTTP server.
  • mod_session — Session interface for the Apache HTTP server.
  • mod_slotmem_plain — Slot-based memory module for the Apache HTTP server.
  • mod_socache_memcache — Memcache-based object cache module for the Apache HTTP server.
  • mod_speling — URL fallback module for the Apache HTTP server.
  • mod_substitute — Response body substitution module for the Apache HTTP server.
  • mod_suexec — Per-user/group execution module for the Apache HTTP server.
  • mod_suphp — This module executes PHP scripts with the permissions of their owners.
  • mod_usertrack — Cookie tracking module for the Apache HTTP server.
  • mod_version — Version comparing module for the Apache HTTP server.
  • mod_vhost_alias— Dynamic mass virtual hosting module for the Apache HTTP server.
  • mod_watchdog — Periodic task module for the Apache HTTP server.

Apache security

We strongly recommend that you read Apache’s Security Tips documentation.

EasyApache 4 provides a web application firewall, the ModSecurity™ Apache module.

Warning:

You must install and configure a ruleset with WHM’s ModSecurity Configuration interface (WHM >> Home >> Security Center >> ModSecurity™ Configuration) to use ModSecurity. For more information on the ModSecurity Apache module, read our Apache Module: ModSecurity documentation.

Apache file locations

  • /usr/sbin/httpd — The Apache binary file.
  • /var/log/apache2/ — This directory contains all the logs for the apache2 file and all the access logs.
  • /etc/apache2/ — This directory contains the configuration directory for Apache and contains all directories for Apache includes, modules, and configuration files. This directory does not contain log files.
    Note:
    This directory uses the symlink to the /usr/lib64/apache24/ directory.
  • /etc/apache2/conf/httpd.conf — The primary Apache configuration file.
  • /etc/apache2/conf.d/ — The primary Apache configuration file directory.
  • /etc/apache2/conf.d/includes/ — The directory that contains the include files that add content to the httpd.conf file. You can modify these configuration files via the command line interface (CLI) or WHM’s Include Editor interface (WHM >> Home >> Service Configuration >> Apache Configuration >> Include Editor).
  • /usr/lib64/apache2/modules/ — This directory contains all of the dynamic modules for Apache.
    Note:
    Some servers use the /usr/lib/apache2/modules/ directory instead.
  • /etc/apache2/logs/access_log/ — This file contains HTTP requests that the server received and that did not go to a domain.
  • /etc/apache2/logs/domlogs/ — This directory contains a log of HTTP requests that the system routed to a domain.
  • /etc/apache2/logs/error_log/ — This file contains error information.
  • /var/www/html/ — This directory contains the document root for the server. It contains default pages that users can see.
  • /etc/apache2/logs/ — This directory contains an alias to the /var/log/apache2/ directory.
  • /etc/apache2/modules/ — This directory contains an alias to the /usr/lib64/apache2/modules/ directory.

For more information, read our Advanced Apache Configuration documentation.

To see the symlinks that we assign for Apache paths, read our Advanced Apache Configuration — The paths.conf documentation.

Troubleshoot Apache

If Apache does not function correctly, we recommend that you perform the following steps to isolate the cause of the issue:

  • Build EasyApache 4 with the cPanel Default profile. If the issue no longer exists after the EasyApache build completes, then an option that you selected caused the issue.
  • If you modified your httpd.conf file, create a backup copy of your configuration file and run the /scripts/rebuildhttpdconf script to set your Apache configuration to the default. If the issue no longer exists after the script completes, then the issue relates to a directive or custom entry inside the httpd.conf file.
  • If you modified any of the files in the /etc/apache2/conf.d/includes/ directory, create a backup copy of the files and then remove all entries from the files in the directory. Restart the Apache service with the service httpd restart command. If the issue no longer exists after the Apache service restarts, then an entry in one of the include files caused the issue.

Additional Documentation