There are numerous ways to organize your Apache configuration files. In some cases this organization will be dictated by your Linux distribution or control panel choice. When I’m working on RedHat/CentOS with no control panel here’s what I have found to be a good organization:
- Minimize changes to /etc/httpd/conf/httpd.conf. It’s easier to upgrade or migrate if this file has few or not changes.
- Place virtual host definitions in /etc/httpd/conf/vhosts.conf.
- Put the document root for each website at /var/www/vhosts/[domain name]/httpdocs. Do not include “www” on the domain name. For example with “acme.com” the document root would be /var/www/vhosts/acme.com/httpdocs.
- Here’s a template for the virtual host definition:
12345678910111213141516171819202122232425262728293031NameVirtualHost *:80<VirtualHost *:80>ServerAdmin webmaster@acme.comServerName acme.comServerAlias www.acme.comDocumentRoot /var/www/vhosts/acme.com/httpdocsErrorLog logs/acme.com-error_logCustomLog logs/acme.com-access_log combined<Directory /var/www/vhosts/acme.com/httpdocs>AllowOverride All</Directory></VirtualHost><VirtualHost *:443>DocumentRoot /var/www/vhosts/acme.com/httpdocsServerName acme.comServerAlias www.acme.comErrorLog logs/acme.com-ssl-error_logCustomLog logs/acme.com-ssl-access_log common<Directory /var/www/vhosts/acme.com/httpdocs>AllowOverride All</Directory>SSLEngine onSSLProtocol -ALL +SSLv3 +TLSv1SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:!LOW:!SSLv2:!EXPORTSSLCertificateFile /etc/pki/tls/certs/acme.com.crtSSLCertificateKeyFile /etc/pki/tls/private/acme.com.keySSLCACertificateFile /etc/pki/tls/certs/gd_bundle.crt</VirtualHost>
Of course the SSL portion of the template is optional.