Linux Quickies #2 – Build a Webserver

The second in a short series of posts concerning things I’ve probably documented elsewhere (though not always) but which could do with being re-stated or refreshed a bit. This time, it’s how to turn a freshly-built RCSL distro into a functioning web server -which depends on getting networking right, as documented in the previous piece.

Do all that follows as root:

1. Disable SELinux

vi /etc/selinux/config

Change the line:


…to read:


SELinux prevents the web server working properly. There are ways of configuring SELinux so that it doesn’t do that, but it’s a pain and I’m not documenting it here. You don’t have to completely disable SELinux: setting the parameter to permissive will keep it switched on, but it will just warn (quietly) that web serving breaches policy, rather than stopping web serving in its tracks.

2. Disable (or modify) the Firewall

Issue these commands:

service iptables stop
chkconfig iptables off

These two commands switch off the firewall and prevent it from re-starting. Without these commands, port 80 is blocked by default, so although your web server runs, no-one would be able to talk to it, which is a bit pointless. If you prefer having a firewall switched on, you can leave it on by issuing neither of those two previous commands and instead, just open up ports 80 and 443 (for https traffic), inbound and outbound, like so:

vi /etc/sysconfig/iptables

Add these lines BEFORE the two existing REJECT statements:

-A INPUT -m state --state NEW -p tcp --dport 80 -j ACCEPT 
-A INPUT -m state --state NEW -p tcp --dport 443 -j ACCEPT
-A OUTPUT -m state --state NEW -p tcp --dport 80 -j ACCEPT 
-A OUTPUT -m state --state NEW -p tcp --dport 443 -j ACCEPT


service iptables restart

3. Install and configure the Software

Issue these commands:

yum install httpd
service httpd start

If you want to configure lots of subtle options, then the configuration file is available in /etc/httpd/conf/httpd.conf -but usually, everything just works OK without any further configuration. You can at this point open a browser on a remote PC and enter the url (or whatever your web server’s IP address is). If all is well, you’ll see a test page that will just say “It works!” (if you’re using Scientific Linux) or a more elaborate test page with banner, graphics and explanatory text (if you’re using CentOS).

Your document root is /var/www/html, so drop any files you want to view via http in there, and change your remote browser’s URL to match. For example:

vi /var/www/html/dizwell.html

Add the following line, then save:

<h1>This is a Dizwell web page</h1>

Now browse remotely to and you’ll see this: