How to configure Apache in Magento 2?

Apache config in Magento consists of few parts and the first part is to configure the Apache as an unsecure proxy:

Configuring proxy

Step 1. Enable mod_proxy:

a2enmod proxy_http

Step 2. Open the /etc/apache2/sites-available/000-default.conf with the help of text editor.

Step 3. Put the following command to the top of the file:

Listen 8080


Step 4. Put the following command to the bottom of the file:

<VirtualHost *:8080>
    ProxyPass "/" "http://localhost:9200/"
    ProxyPassReverse "/" "http://localhost:9200/"
</VirtualHost>

Step 5. Restart Apache:

service apache2 restart


Step 6. Make sure the proxy is working by typing the following command:

curl -i http://localhost:<proxy port>/_cluster/health


Messages like the one below indicate success:

HTTP/1.1 200 OK
Date: Tue, 23 Feb 2019 20:38:03 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 389
Connection: keep-alive
{"cluster_name":"elasticsearch","status":"yellow","timed_out":false,"number_of_nodes":1,"number_of_data_nodes":1,"active_primary_shards":5,
"active_shards":5,"relocating_shards":0,"initializing_shards":0,"unassigned_shards":5,"delayed_unassigned_shards":0,"number_of_pending_tasks":0,
"number_of_in_flight_fetch":0,"task_max_waiting_in_queue_millis":0,"active_shards_percent_as_number":50.0}

Setting up HTTP Basic authentication

The next part of the Magento 2 Apache configuration is securing communication between Apache and Elasticsearch using HTTP Basic Authentication:

Step 1. Create a password by installing the htpasswd:

mkdir -p /usr/local/apache/password
htpasswd -c /usr/local/apache/password/.<password file name> <username>


Step 2. Configure a secure virtual host by specifying who can access the Apache server:

Open the /etc/apache2/sites-available/default-ssl.conf  and edit it with the help of text editor:

<Proxy *>
    Order deny,allow
    Allow from all
    AuthType Basic
    AuthName "Elastic Server"
    AuthBasicProvider file
    AuthUserFile /usr/local/apache/password/.htpasswd_elasticsearch
    Require valid-user
  # This allows OPTIONS-requests without authorization
  <LimitExcept OPTIONS>
        Require valid-user
  </LimitExcept>
</Proxy>


If you added the above information to your secure virtual host, remove the 
Listen 8080 and <VirtualHost *: 8080> directives. 

Save the changes, close the editor, and restart Apache.

Step 3. Make sure communication is secure

This can be done in two ways:

  • Using the curl command to check
  • Configuring Basic HTTP Authentication in Magento Admin

Magento Apache config is a complex process that requires technical knowledge. Our experts can bring full-cycle Magento 2 services including Apache configuration. You will get a free consultation, individual approach, dedicated Project Manager, and 2 months of free support for the jobs done.

How can we help you?

Didn’t you find the answer to your question? We are always happy to help you out.