Before testing Apache, it is important to adjust the firewall settings to permit external access to the default web ports. If you have followed the prerequisites, you should have already configured the UFW firewall to restrict access to your server.
During the Apache installation process, it automatically registers itself with UFW and provides several application profiles. These profiles can be utilized to enable or disable access to Apache through the firewall.
To list the available UFW application profiles, run the following command:
Your output will be a list of the application profiles:
Output
Available applications:
Apache
Apache Full
Apache Secure
OpenSSH
As per the displayed output, there are three available profiles for Apache:
- Apache: This profile allows access only through port 80 for normal, unencrypted web traffic.
- Apache Full: This profile enables access through both port 80 (normal, unencrypted web traffic) and port 443 (TLS/SSL encrypted traffic).
- Apache Secure: This profile permits access only through port 443 for TLS/SSL encrypted traffic.
It is recommended to enable the most restrictive profile that still allows the desired traffic. Since this guide does not cover SSL configuration for your server, you only need to allow traffic on port 80.
You can verify the change by checking the status:
The output will provide a list of allowed HTTP traffic:
Output
Status: active
To Action From
————- ——— ——–
OpenSSH ALLOW Anywhere
Apache ALLOW Anywhere
OpenSSH (v6) ALLOW Anywhere (v6)
Apache (v6) ALLOW Anywhere (v6)
As mentioned in the displayed output, the profile has been activated to grant access to the Apache web server.