Configure Apache for Manual Installation on Linux

Table of Contents

Introduction
Configure Apache
Additional Apache Configurations

Introduction

This document describes the basic configuration of your Apache webserver for the use with ownCloud. It assumes that you already have successfully installed the Apache Webserver. Please read the Apache Documentation for more or enhanced configuration options.

Configure Apache

On Debian, Ubuntu, and their derivatives, Apache installs with a useful configuration. All you have to do is create an /etc/apache2/sites-available/owncloud.conf file with these lines in it, replacing the Directory and other file paths with your own file paths:

Alias /owncloud "/var/www/owncloud/"

<Directory /var/www/owncloud/>
  Options +FollowSymlinks
  AllowOverride All

 <IfModule mod_dav.c>
  Dav off
 </IfModule>
</Directory>

Then create a symlink to /etc/apache2/sites-enabled:

sudo ln -s /etc/apache2/sites-available/owncloud.conf /etc/apache2/sites-enabled/owncloud.conf

Additional Apache Configurations

For ownCloud to work correctly, you need the module mod_rewrite. Enable it by running: a2enmod rewrite. Additionally recommended modules are mod_headers, mod_env, mod_dir, mod_mime, and mod_unique_id. To enable them, run the following commands:
```
sudo a2enmod headers
sudo a2enmod env
sudo a2enmod dir
sudo a2enmod mime
sudo a2enmod unique_id
```
If you want to use the OAuth2 app, then mod_headers must be installed and enabled.
You must disable any server-configured authentication for ownCloud since it uses basic authentication internally for DAV services. If you have turned on authentication on a parent folder (e.g. via an AuthType Basic directive), you can disable the authentication specifically for the ownCloud entry. As in the above example configuration file, add the following line in the Directory section:
```
Satisfy Any
```
When using SSL, take special note of the ServerName. You should specify one in the server configuration as well as in the CommonName field of the certificate. If you want your ownCloud to be reachable via the internet, set both of these to the domain for your ownCloud server.
Now restart Apache
```
sudo service apache2 restart
```
If you’re running ownCloud in a sub-directory and want to use CalDAV or CardDAV clients, make sure you have configured the correct Service Discovery URLs.

Apache Mod_Unique_Id Configuration

The use of mod_unique_id enables an administrator to trace requests via logfiles.

mod_unique_id provides a magic token for each request which is guaranteed to be unique across "all" requests under very specific conditions.

If you enable the module, there is nothing else you have to do as ownCloud automatically includes the UNIQUE_ID environment variable, provided by the module, in ownCloud’s log file.

To confirm that it’s working, check that the UNIQUE_ID environment variable is being set by running phpinfo() (like in the screenshot below).

phpinfo() showing that Apache is sending the UNIQUE_ID value from mod_unique_id

Next, compare the value set for UNIQUE_ID in the output of phpinfo() with the value in ownCloud’s log file to ensure that they’re the same. In the example below, you can see an example log entry, where ownCloud is logging the unique id provided by Apache as the value for the first key reqId in the record.

{
	"reqId": "XDyankIou@F-GwxW82dx7QAAAAo",
	"level": 3,
	"time": "2019-01-14T14:20:14+00:00",
	"remoteAddr": "127.0.0.1",
	"user": "--",
	"app": "PHP",
	"method": "GET",
	"url": "\/index.php\/apps\/files\/?dir=\/Documents&fileid=26",
	"message": "..."
}

Using SSL

You can use ownCloud over plain HTTP, but we strongly encourage you to use SSL/TLS to encrypt all of your server traffic and to protect users’ logins and data in transit.

Use a Professional Certificate

You can install any purchased or free certificate like the ones via Let’s Encrypt.

Read Using Let’s Encrypt SSL Certificates if you want to use free of charge certificates for Apache.

Use the Default Simple Self-Signed Certificate

Apache installed on an Ubuntu system comes already set up with a simple self-signed certificate.

Self-signed certificates have their drawbacks - especially when you plan to make your ownCloud server publicly accessible. You may want to consider getting a certificate signed by a commercial signing authority or a free certificate like the ones from Let’s Encrypt.

Using the simple self-signed certificate provided by the Apache installation, all you have to do is to enable the ssl module and the default site. Open a terminal and run:

sudo a2enmod ssl
sudo a2ensite default-ssl
sudo service apache2 reload

Multi-Processing Module (MPM)

Apache prefork has to be used. Don’t use a threaded MPM like event or worker with mod_php, because PHP is currently not thread safe.

If you want to use a threaded MPM, look at a FastCGI configuration where PHP is running in its own memory space. ownCloud limits its support to Apache prefork only.

In case you have enabled mpm_event during an earlier setup of Apache, you may get conflict notes from Apache. Use the following commands to solve this issue. The order of commands is recommended to ensure a smooth transition.

sudo a2dismod mpm_event
sudo systemctl restart apache2
sudo a2enmod mpm_prefork
sudo systemctl restart apache2