Azure Hints and Tips: Quick Web Server with Apache and LetsEncrypt

Contents

• Introduction
• Prerequisites
• Step 1: Create a Virtual Machine
• Step 2: Create DNS Record
• Step 3: Install Apache
• Step 4: Create a Virtual Host and Deploy a Website
• Step 5: Create a LetsEncrypt SSL Certificate

Introduction

Sometimes when you are working with Azure, you need to quickly set up a web server to host a simple website in order to test other services. This guide will show you how to set up a web server using Apache and secure it with a free SSL certificate from LetsEncrypt using your own custom domain.

Prerequisites

• An Azure account
• A domain name and access to the DNS records
• An Azure VNet with a subnet and a Network Security Group (NSG) that allows HTTP and HTTPS traffic requests from the internet and SSH access from your IP address.

Step 1: Create a Virtual Machine

1. In the Azure portal, follow the basic steps to create a new Linux virtual machine with a public IP address. Since this will be a short-lived test VM, we can simplify the configuration as much as possible:

• In Availability Options, select No infrastructure redundancy required.
• In Security Type, select Standard
• In Authentication Type, select Password and provide a username and password
• In Public inbound ports, select Allow selected ports and choose SSH from the list
• In Networking, select the VNet and subnet you want to use and ensure you have an NSG attached that allows SSH and HTTP/HTTPS traffic as per the prerequisites

1. Once the VM is created, note the public IP address and SSH into the VM using the username and password you provided.

Step 2: Create DNS Record

1. In your domain registrar’s DNS settings, create an A record that points to the public IP address of the VM you created in Step 1 for the domain you want to use to connect to this web server, e.g. www1.example.com.

• It is worth completing this step as soon as you have the public IP address of the server as it can take some time for the DNS record to propagate.

Step 3: Install Apache

1. Update the package list and install Apache:

    sudo apt update
    sudo apt install apache2
   

2. Start the Apache service and enable it to start on boot (not required for VMs deployed via the Azure portal as the service appears to be started automatically):

    sudo systemctl start apache2
    sudo systemctl enable apache2
   

3. Test that Apache is running by navigating to the public IP address of the VM in a web browser. You should see the default Apache page:

   

Step 4: Create a Virtual Host and Deploy a Website

1. Create a new directory for your website and set the permissions:

    sudo mkdir /var/www/www1.example.com
    sudo chown -R www-data:www-data /var/www/www1.example.com
    sudo chmod -R 755 /var/www/www1.example.com
   

2. Create a simple HTML file to test the website:

    echo "<html><head><title>www1.example.com</title></head><body><h1>Welcome to www1.example.com</h1></body></html>" > /var/www/www1.example.com/index.html
   

3. Create a new virtual host configuration file:

    sudo vi /etc/apache2/sites-available/www1.example.com.conf
   
    # Copy the following code into the file, then save and exit: 
   
    <VirtualHost *:80>
        ServerName www1.example.com
        # Server Alias is not required if setting up a sub domain www1.example.com
        # but it would be used to automatically redirect www.example.com to example.com, for example!
        # ServerAlias www.example.com
        DocumentRoot /var/www/www1.example.com
   
        ErrorLog ${APACHE_LOG_DIR}/example.com_error.log
        CustomLog ${APACHE_LOG_DIR}/example.com_access.log combined
    </VirtualHost>
   

4. Disable the default website and enable the virtual host for the new website and restart Apache:

    sudo a2dissite 000-default.conf
    sudo a2ensite www1.example.com.conf
    sudo systemctl restart apache2
   

5. Check that the website is accessible by navigating to http://www1.example.com in a web browser. You should see the simple HTML page you created above.

Step 5: Create a LetsEncrypt SSL Certificate

1. Install Certbot:

    sudo apt install certbot python3-certbot-apache
   

2. Obtain a certificate for the domain:

    sudo certbot --apache -d www1.example.com
   

3. Follow the prompts to create the certificate. Once complete, Certbot will update the Apache configuration to use the certificate.

4. Test that the website is now accessible via HTTPS by navigating to https://www1.example.com in a web browser. You should see the same simple HTML page you created above but served via HTTPS.