Documentation et Tutoriels - Hébergement Web Caramania.Ca

apt update
apt install -y apache2

# Vérifier
systemctl status apache2

# Tester : http://VOTRE_IP

dnf install -y httpd
systemctl enable --now httpd

# Vérifier
systemctl status httpd

# Ouvrir le pare-feu
firewall-cmd --permanent --add-service=http
firewall-cmd --permanent --add-service=https
firewall-cmd --reload

# Tester : http://VOTRE_IP

# Ajouter le dépôt PHP
apt install -y software-properties-common
add-apt-repository ppa:ondrej/php -y
apt update

# Installer PHP et le module Apache
apt install -y php8.4 libapache2-mod-php8.4 \
    php8.4-cli php8.4-common php8.4-mysql \
    php8.4-curl php8.4-gd php8.4-mbstring \
    php8.4-xml php8.4-zip php8.4-intl

# Activer le module PHP
a2enmod php8.4

# Redémarrer Apache
systemctl restart apache2

# Vérifier
php -v

# Installer EPEL et Remi
dnf install -y epel-release
dnf install -y https://rpms.remirepo.net/enterprise/remi-release-9.rpm
dnf module reset php -y
dnf module enable php:remi-8.4 -y

# Installer PHP et les modules
dnf install -y php php-cli php-common php-mysqlnd php-curl php-gd php-mbstring php-xml php-zip php-intl httpd

# Redémarrer Apache
systemctl restart httpd

# Vérifier
php -v

echo '<?php phpinfo();' > /var/www/html/info.php

# Tester : http://VOTRE_IP/info.php
# Supprimez après le test !
rm /var/www/html/info.php

# Réécriture d'URL (pour WordPress, Laravel...)
a2enmod rewrite

# SSL
a2enmod ssl

# Headers (sécurité)
a2enmod headers

# Compression
a2enmod deflate

# Expires (cache)
a2enmod expires

# Proxy (si reverse proxy nécessaire)
a2enmod proxy proxy_http

# Redémarrer
systemctl restart apache2

cat > /etc/apache2/sites-available/monsite.com.conf << 'EOF'
<VirtualHost *:80>
    ServerName monsite.com
    ServerAlias www.monsite.com
    ServerAdmin admin@monsite.com
    DocumentRoot /var/www/monsite.com
    
    <Directory /var/www/monsite.com>
        Options -Indexes +FollowSymLinks
        AllowOverride All
        Require all granted
    </Directory>
    
    ErrorLog ${APACHE_LOG_DIR}/monsite.com.error.log
    CustomLog ${APACHE_LOG_DIR}/monsite.com.access.log combined
</VirtualHost>
EOF

# Créer le dossier
mkdir -p /var/www/monsite.com
echo '<h1>Mon Site</h1><?php phpinfo();' > /var/www/monsite.com/index.php
chown -R www-data:www-data /var/www/monsite.com

# Activer le site
a2ensite monsite.com.conf

# Désactiver le site par défaut (optionnel)
a2dissite 000-default.conf

# Tester et redémarrer
apachectl configtest
systemctl reload apache2

cat > /etc/httpd/conf.d/monsite.com.conf << 'EOF'
<VirtualHost *:80>
    ServerName monsite.com
    ServerAlias www.monsite.com
    ServerAdmin admin@monsite.com
    DocumentRoot /var/www/monsite.com
    
    <Directory /var/www/monsite.com>
        Options -Indexes +FollowSymLinks
        AllowOverride All
        Require all granted
    </Directory>
    
    ErrorLog /var/log/httpd/monsite.com.error.log
    CustomLog /var/log/httpd/monsite.com.access.log combined
</VirtualHost>
EOF

# Créer le dossier
mkdir -p /var/www/monsite.com
echo '<h1>Mon Site</h1><?php phpinfo();' > /var/www/monsite.com/index.php
chown -R apache:apache /var/www/monsite.com

# Tester et redémarrer
httpd -t
systemctl reload httpd

nano /etc/php/8.4/apache2/php.ini

# Paramètres recommandés :
# upload_max_filesize = 64M
# post_max_size = 64M
# memory_limit = 256M
# max_execution_time = 300
# max_input_vars = 3000
# date.timezone = America/Montreal

systemctl restart apache2

nano /etc/php.ini

# Paramètres recommandés :
# upload_max_filesize = 64M
# post_max_size = 64M
# memory_limit = 256M
# max_execution_time = 300
# max_input_vars = 3000
# date.timezone = America/Montreal

systemctl restart httpd

# Éditer la configuration de sécurité
nano /etc/apache2/conf-available/security.conf

# Ajouter/modifier :
# ServerTokens Prod
# ServerSignature Off
# TraceEnable Off

# Activer les headers de sécurité
cat > /etc/apache2/conf-available/security-headers.conf << 'EOF'
<IfModule mod_headers.c>
    Header always set X-Content-Type-Options "nosniff"
    Header always set X-Frame-Options "SAMEORIGIN"
    Header always set X-XSS-Protection "1; mode=block"
    Header always set Referrer-Policy "strict-origin-when-cross-origin"
</IfModule>
EOF

a2enconf security-headers
systemctl reload apache2

apt install -y certbot python3-certbot-apache

# Obtenir un certificat
certbot --apache -d monsite.com -d www.monsite.com

# Renouvellement automatique
certbot renew --dry-run

dnf install -y certbot python3-certbot-apache

# Obtenir un certificat
certbot --apache -d monsite.com -d www.monsite.com

# Renouvellement automatique
certbot renew --dry-run

# Réécriture d'URL WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

# Protection des fichiers sensibles
<FilesMatch "^(wp-config\.php|\.htaccess)">
    Order allow,deny
    Deny from all
</FilesMatch>

# Compression GZIP
<IfModule mod_deflate.c>
    AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css application/javascript
</IfModule>

# Statut
systemctl status apache2

# Redémarrer
systemctl restart apache2

# Recharger la config
systemctl reload apache2

# Tester la configuration
apachectl configtest

# Activer/désactiver un site
a2ensite monsite.com.conf
a2dissite monsite.com.conf

# Activer/désactiver un module
a2enmod rewrite
a2dismod rewrite

# Logs
tail -f /var/log/apache2/error.log
tail -f /var/log/apache2/access.log

# Statut
systemctl status httpd

# Redémarrer
systemctl restart httpd

# Recharger la config
systemctl reload httpd

# Tester la configuration
httpd -t

# Logs
tail -f /var/log/httpd/error_log
tail -f /var/log/httpd/access_log