How to configure Apache in Magento 2?
Apache config in Magento consists of few parts and the first part is to configure the Apache as an unsecure proxy:
Configuring proxy
Step 1. Enable mod_proxy:
a2enmod proxy_http
Step 2. Open the /etc/apache2/sites-available/000-default.conf with the help of text editor.
Step 3. Put the following command to the top of the file:
Listen 8080
Step 4. Put the following command to the bottom of the file:
<VirtualHost *:8080>
ProxyPass "/" "http://localhost:9200/"
ProxyPassReverse "/" "http://localhost:9200/"
</VirtualHost>
Step 5. Restart Apache:
service apache2 restart
Step 6. Make sure the proxy is working by typing the following command:
curl -i http://localhost:<proxy port>/_cluster/health
Messages like the one below indicate success:
HTTP/1.1 200 OK
Date: Tue, 23 Feb 2019 20:38:03 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 389
Connection: keep-alive
{"cluster_name":"elasticsearch","status":"yellow","timed_out":false,"number_of_nodes":1,"number_of_data_nodes":1,"active_primary_shards":5,
"active_shards":5,"relocating_shards":0,"initializing_shards":0,"unassigned_shards":5,"delayed_unassigned_shards":0,"number_of_pending_tasks":0,
"number_of_in_flight_fetch":0,"task_max_waiting_in_queue_millis":0,"active_shards_percent_as_number":50.0}
Setting up HTTP Basic authentication
The next part of the Magento 2 Apache configuration is securing communication between Apache and Elasticsearch using HTTP Basic Authentication:
Step 1. Create a password by installing the htpasswd:
mkdir -p /usr/local/apache/password
htpasswd -c /usr/local/apache/password/.<password file name> <username>
Step 2. Configure a secure virtual host by specifying who can access the Apache server:
Open the /etc/apache2/sites-available/default-ssl.conf and edit it with the help of text editor:
<Proxy *> Order deny,allow Allow from all AuthType Basic AuthName "Elastic Server" AuthBasicProvider file AuthUserFile /usr/local/apache/password/.htpasswd_elasticsearch Require valid-user # This allows OPTIONS-requests without authorization <LimitExcept OPTIONS> Require valid-user </LimitExcept> </Proxy> |
If you added the above information to your secure virtual host, remove the Listen 8080 and <VirtualHost *: 8080> directives.
Save the changes, close the editor, and restart Apache.
Step 3. Make sure communication is secure
This can be done in two ways:
- Using the curl command to check
- Configuring Basic HTTP Authentication in Magento Admin
Magento Apache config is a complex process that requires technical knowledge. Our experts can bring full-cycle Magento 2 services including Apache configuration. You will get a free consultation, individual approach, dedicated Project Manager, and 2 months of free support for the jobs done.
Login and Registration Form