Apache Configuration, Tuning, Indexing, SSL and Security Explained – Part 2

Introduction

Apache HTTP Server is one of the most widely used web servers.
Understanding its configuration, performance tuning, indexing, and security is important for Linux administrators and students learning web server management.

Apache Configuration Basics

The main configuration file is located at:

/etc/httpd/conf/httpd.conf  (Rocky/CentOS)

Other configuration files can be included from /etc/httpd/conf.d/.

Key Apache Tuning Parameters

• MaxRequestWorkers: Maximum number of simultaneous clients.
• KeepAlive: Enable or disable persistent connections.
• Timeout: Maximum time to wait for client requests.
• ServerLimit: Maximum configured value for MaxRequestWorkers.
• StartServers, MinSpareServers, MaxSpareServers: Control child processes in prefork MPM.

Apache Indexing

Apache can display directory listings if no index file is found. This is controlled by the Options Indexes directive in configuration or .htaccess file.

Understanding .htaccess File

The .htaccess file allows directory-level configuration such as:

• URL redirection
• Password protection
• Enabling/disabling directory listing
• Custom error pages

SSL Implementation

To secure Apache with HTTPS:

sudo dnf install mod_ssl -y
sudo systemctl restart httpd

SSL certificates are stored in /etc/pki/tls/certs/ and keys in /etc/pki/tls/private/.

Apache Security Tips

• Disable unnecessary modules.
• Limit access using Require ip or Allow/Deny.
• Keep Apache and system updated.
• Use strong SSL/TLS protocols and ciphers.
• Monitor Apache logs in /var/log/httpd/.

Conclusion

By understanding Apache configuration, tuning parameters, directory indexing, .htaccess, SSL, and security, students and Linux administrators can manage web servers efficiently and safely.
These concepts are essential for running production environments and preparing for interviews.