Hello all,

I have a week off work and wanted to dive into Apache 2.4 installation and management full speed. I have read up on, and installed, httpd a few times already successfully. Getting httpd running, Selinux happy, and firewalld configured is not a problem. Dropping a website template into place and tweaking it is also not a problem. Now, I want to blow it all away and start from scratch with a purposeful install instead of mindlessly following a few guides that leave me with a working but relatively uninformed setup.

Environment:
CentOS7 minimal installation for httpd servers
Firewall device is a pfSense install, routing and forwarding is fine
Separate subnets and VLANs for some of the web servers

Needs (based on the articles I have read):
several domains point to my external IP address (using dynamic dns) - done
Apache virtual hosts file to handle different domains from one host
Apache reverse proxy settings to point some domains to other hosts in my network

Expected layout: (not complete)
Three domains point to my IP address. External ports 80 & 443 are forwarded to a VM handling httpd. domain1 has an entry in a virtual hosts file, domain2 has an entry of its own in the same file, and domain3 points to another VM. Part of this reasoning is that domain3 is hosting a web service that I don't want running on the primary VM, and I also want an excuse to get the apache proxy into place. This is 50% learning/ 50% useful in my home environment.

Questions:
Default file locations: Cent7 has a way of doing things, and I see references in guides to using /srv, some say /var/www, some say /opt... is there a defensible reason to use any location for hosting web server files in a particular location? I'm glad to do what is typical for a Cent type install, but I also understand that I can make this work from any location I choose.

Overview to How. Apache. Works. I have been a little overwhelmed reading articles and other questions and answers about httpd best practices, and I think I could use a 101 level breakdown of the components of Apache configuration. The LAMP stack itself is not the problem, since the scripting and db aspects are easy enough to install and tweak (so far). I would really appreciate if someone would write a quick blurb along these lines:
1 - Apache configuration files themselvces go under /etc/httpd/*
2 - Individual website files (vhosts etc.) go under /var/www/$vhost
3 - Vhost settings and configurations are under the same file?
4 - Are there any key file locations that I'm missing?

https://httpd.apache.org/docs/2.4/vhosts/examples.html has been very useful for me to start to see configuration syntax for hosting multiple sites as I'm trying to do, but I'm not quite sure what steps to take in order. Install httpd, declare site names and proxy addresses, and then host web files in the locations that I choose? I'm not even sure which settings go in which files.

Bonus points: I see lots of documentation on password files, locking directories, and avoiding exposing the indices of my sites, but I would imagine those steps come afterwards (or ideally simultaneously during creation)? No sites are publicly exposed yet, so installing the files and leaving them less secured up front is fine by me. The hosts are single-purpose and very locked down on their own networks so no one can browse to them, and there are no other services on those subnets/VLANs.

Thank you all in advance!

You can use whatever location you like as DocomentRoot for apache. I would suggest though to stick with your distro's default layout.
By default Centos uses /var/www/html and this directory is protected by SELinux to minimize the risks a webserver faces.

1. Yes, this is the default in Centos
2. As I've told you the docroot is /var/www/html, so better use /var/www/html/$vhost
3. Yes, anything is written in /etc/httpd/conf/httpd.conf, but you can use something like /etc/httpd/conf.d/$vhost for less clutter and better readability, as the files in there are included in apache configuration.
4. Doh, may the directory /etc/httpd/conf.d

Regards

Ah, fantastic. That was exactly what I needed to get started. I'll tackle this today, in order:

Configure Apache to know of and route to the appropriate vhost or proxied host
Configure vhosts themselves
Configure proxied host itself
Doc root is straightforward for each type of host

That gives me something to mangle before I have sharper questions. I expect to wish to lock down the individual directories with all of the options that I've seen previously online, but I'll put templates in place so I have specific examples first.

Thanks a ton bathory! Minimal, exact instructions are great.

https://wiki.apache.org/httpd/Distro...ce_package.29: is a peach.

Quick update on foundation steps: four local virtual hosts are set up for different domains with index files, routing properly from inside and outside of my network. I have a second server up (threw Etherpad on it since I've wanted that up for a while) and will be configuring Etherpad as the proxied host reached via my apache install.

Someone mentioned that if I wanted this project purely for learning I should consider Apache as my individual site server, but use nginx as the gateway or proxy. Not sure of the terminology there, but I'm wondering: is it hard to move this configuration from Apache to Nginx as the receiving host that sends requests to the vhosts and proxied hosts? I'm imaging it's as easy as removing the Apache configurations once I have them working and doing it again in Nginx, but if for some reason this is a Bad Idea please tell me now. Either way, I'll leave Nginx out of the mix until this is working well with Apache.

Also, thanks Habitual, that was a good link that I had found and you reminded me of. Part of my particular problem is knowing how much of the data I find is necessary on step 1, and I just needed to dive into the config file and vhost location to get an initial handle on this. Good progress for a day though!