There are numerous ways to organize your Apache configuration files. In some cases this organization will be dictated by your Linux distribution or control panel choice. When I’m working on RedHat/CentOS with no control panel here’s what I have found to be a good organization:
- Minimize changes to /etc/httpd/conf/httpd.conf. It’s easier to upgrade or migrate if this file has few or not changes.
- Place virtual host definitions in /etc/httpd/conf/vhosts.conf.
- Put the document root for each website at /var/www/vhosts/[domain name]/httpdocs. Do not include “www” on the domain name. For example with “acme.com” the document root would be /var/www/vhosts/acme.com/httpdocs.
- Here’s a template for the virtual host definition:
NameVirtualHost *:80
<VirtualHost *:80>
ServerAdmin webmaster@acme.com
ServerName acme.com
ServerAlias http://www.acme.com
DocumentRoot /var/www/vhosts/acme.com/httpdocs
ErrorLog logs/acme.com-error_log
CustomLog logs/acme.com-access_log combined
<Directory /var/www/vhosts/acme.com/httpdocs>
AllowOverride All
</Directory>
</VirtualHost>
<VirtualHost *:443>
DocumentRoot /var/www/vhosts/acme.com/httpdocs
ServerName acme.com
ServerAlias http://www.acme.com
ErrorLog logs/acme.com-ssl-error_log
CustomLog logs/acme.com-ssl-access_log common
<Directory /var/www/vhosts/acme.com/httpdocs>
AllowOverride All
</Directory>
SSLEngine on
SSLProtocol -ALL +SSLv3 +TLSv1
SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:!LOW:!SSLv2:!EXPORT
SSLCertificateFile /etc/pki/tls/certs/acme.com.crt
SSLCertificateKeyFile /etc/pki/tls/private/acme.com.key
SSLCACertificateFile /etc/pki/tls/certs/gd_bundle.crt
</VirtualHost>
Of course the SSL portion of the template is optional.