
Setting Up Apache on Amazon EC2

 

Install Apache

 

We’ve installed Apache, a web server, but we still can’t see a web page.

What gives?

This is because the instance can’t accept inbound HTTP traffic. You are allowing inbound traffic on port 22 for SSH, but not on port 80, which HTTP needs.

So we need to allow inbound traffic on port 80.

And now when we visit our public domain we see the default web page of the Apache HTTP server.

This page tells us the default location to add HTML content:

“You may now add content to the directory /var/www/html/. Note that until you do so, people visiting your website will see this page, and not your content. To prevent this page from ever being used, follow the instructions in the file /etc/httpd/conf.d/welcome.conf.”

So let’s go there.

Currently we are in the user’s home directory. We can use pwd to see where we are.

You are in the home directory of the ec2-user:

[ec2-user@ip-172-30-1-107 ~]$ pwd
/home/ec2-user

Let’s take a peek in this directory using the ls -la command. This lists all files, including hidden ones, along with their owner, group and permissions. We will use ls -la again in a minute.


[ec2-user@ip-172-30-1-107 ~]$ ls -la
total 24
drwx------ 3 ec2-user ec2-user 4096 Feb 16 19:22 .
drwxr-xr-x 3 root     root     4096 Feb 16 19:22 ..
-rw-r--r-- 1 ec2-user ec2-user   18 Aug 30 19:00 .bash_logout
-rw-r--r-- 1 ec2-user ec2-user  193 Aug 30 19:00 .bash_profile
-rw-r--r-- 1 ec2-user ec2-user  124 Aug 30 19:00 .bashrc
drwx------ 2 ec2-user ec2-user 4096 Feb 16 19:22 .ssh

We need to go to the directory /var/www/html/.

Let’s go check it out.

[ec2-user@ip-172-30-1-107 html]$ cd /var/www/html
[ec2-user@ip-172-30-1-107 html]$ ls
[ec2-user@ip-172-30-1-107 html]$ ls -la
total 8
drwxr-xr-x 2 root root 4096 Feb 16 21:41 .
drwxr-xr-x 6 root root 4096 Feb 16 21:18 ..

We see there are no files here. Let’s create an HTML file, index.html, using nano.

[ec2-user@ip-172-30-1-107 html]$ nano index.html

Oh nooooooo permission denied (see message at bottom of next image).

What the hell. Well, it’s because this directory is owned by root, only its owner can write to it, and we are logged in as ec2-user.

Have you noticed the user name in our command-line prompt?

 

[ec2-user@ip-172-30-1-107 html]$

 

If we want to create a file in this directory as is, we need to write the file with root permissions.
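Why the write was refused for ec2-user, and would not be for root, can be read straight off the ls -la line for the directory. The sketch below is an added example, not part of the original post: can_create is a hypothetical helper that applies the owner/group/other rule to a single ls -l line. The group lists passed in and the last two sample lines are constructed, and ACLs and SELinux are ignored.

```sh
#!/bin/sh
# Added example (not from the original post). can_create is a hypothetical
# helper: given one `ls -l` line for a directory, a user name and that user's
# groups, it prints "yes" if the user may create files there, else "no".
# Creating a file needs write (w) and search (x) on the directory itself.
# Only the classic mode bits are modelled; ACLs and SELinux are ignored.
can_create() {
    line=$1
    user=$2
    user_groups=$3

    # Fields of an ls -l line: mode, link count, owner, group, rest.
    read -r mode _links owner group _rest <<EOF
$line
EOF

    # root bypasses the mode bits, which is why a command run via sudo works.
    if [ "$user" = "root" ]; then
        echo yes
        return 0
    fi

    # Exactly one class applies: owner first, else group, else other.
    if [ "$user" = "$owner" ]; then
        start=2
    else
        case " $user_groups " in
            *" $group "*) start=5 ;;
            *)            start=8 ;;
        esac
    fi
    bits=$(printf '%s' "$mode" | cut -c"$start"-"$((start + 2))")

    case $bits in
        ?w[xst]) echo yes ;;   # write plus search (s/t imply x)
        *)       echo no ;;
    esac
}

# The directory from the post: owner root, group root, mode drwxr-xr-x.
can_create 'drwxr-xr-x 2 root root 4096 Feb 16 21:41 .' ec2-user 'ec2-user wheel'
can_create 'drwxr-xr-x 2 root root 4096 Feb 16 21:41 .' root 'root'
# Constructed lines: group-writable directory, and an owner with no w bit.
can_create 'drwxrwsr-x 2 root www 4096 Feb 16 21:41 .' ec2-user 'ec2-user www'
can_create 'dr-xrwxrwx 2 ec2-user ec2-user 4096 Feb 16 21:41 .' ec2-user 'ec2-user'
```

On a live system, id -Gn ec2-user supplies the group list to pass as the third argument.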

You NEVER want to log in as root, and it is really hard on an Amazon EC2 server without making some serious changes. Fortunately we can use the sudo command to do this.

If you add the prefix sudo to most Linux commands, that command will run with the elevated privileges required to perform certain, usually administrative, tasks.

Basically, if you need to do shit as root, then instead of logging in as root use the sudo command.

The ec2-user has sudo privileges on AWS EC2 servers.

So a quick aside as I show you.

Sometimes you can find the list of users who can sudo here:

less /etc/sudoers

However, on this Amazon EC2 instance the file is located here:

/etc/sudoers.d/cloud-init

and we don’t have permission to see it as ec2-user.

This is a bit meta, but you need to elevate your privileges with sudo to read the contents of the sudoers file.

[ec2-user@ip-172-30-1-107 etc]$ sudo nano /etc/sudoers.d/cloud-init

When the file opens you will see ec2-user listed.

A side note: you may have tried to use the change directory command, cd, to get into the sudoers.d directory; however, you would get a permission denied error, as this directory requires root. You can’t use sudo cd because cd is part of the shell. sudo foo means run the program foo as root. cd is not a program but a built-in shell command, and sudo only applies to programs.

If for some reason you really wanted to cd into this directory you’d have to become root (this is NOT recommended):

[ec2-user@ip-172-30-1-107 etc]$ sudo -s
[root@ip-172-30-1-107 etc]# cd sudoers.d
[root@ip-172-30-1-107 sudoers.d]# ls
cloud-init

To get out of root and back to ec2-user, simply use exit:

[root@ip-172-30-1-107 sudoers.d]# exit

[ec2-user@ip-172-30-1-107 etc]$

See how the username before the @ changes from root to ec2-user.

Phew, OK, back to making our first HTML page.

All of this to say that ec2-user has sudo privileges and as such can create an index.html with root permissions, to match the permissions of the directory that holds the Apache HTML files.

[ec2-user@ip-172-30-1-107 html]$ cd /var/www/html
[ec2-user@ip-172-30-1-107 html]$ ls
[ec2-user@ip-172-30-1-107 html]$ ls -la
total 8
drwxr-xr-x 2 root root 4096 Feb 16 21:41 .
drwxr-xr-x 6 root root 4096 Feb 16 21:18 ..
[ec2-user@ip-172-30-1-107 html]$

OK, so we are in the directory Apache told us the files are in, and we understand that the containing directories have root permissions. So we will sudo and make this file:

[ec2-user@ip-172-30-1-107 html]$ sudo nano index.html

Control X will exit and ask you to save.

Navigate back to the public URL for this EC2 instance. Boom!