Version of Apache installed on a Debian machine - apache

How can I check which version of Apache is installed on a Debian machine?
Is there a command for doing this?

Try apachectl -V:
$ apachectl -V
Server version: Apache/2.2.9 (Unix)
Server built: Sep 18 2008 21:54:05
Server's Module Magic Number: 20051115:15
Server loaded: APR 1.2.7, APR-Util 1.2.7
Compiled using: APR 1.2.7, APR-Util 1.2.7
... etc ...
If it does not work for you, run the command with sudo.

This works for my Debian:
$ /usr/sbin/apache2 -v

You should use apache2ctl -v or apache2 -v for newer Debian or Ubuntu distributions.
apache:/etc/apache2# apache2ctl -v
Server version: Apache/2.2.16 (Debian)
Server built: May 12 2011 11:58:18
or you can use apache2 -V to get more information.
apache2 -V
Server version: Apache/2.2.16 (Debian)
Server built: May 12 2011 11:58:18
Server's Module Magic Number: x
Server loaded: APR 1.4.2, APR-Util 1.3.9
Compiled using: APR 1.2.12, APR-Util 1.3.9
Architecture: 64-bit
Server MPM: Worker
threaded: yes (fixed thread count)
forked: yes (variable process count)
Server compiled with....

The command varies depending on how your version of Linux has named the Apache Server.
On Debian and Mac OS:
apachectl -v
On Red Hat and Amazon's EC2 Linux use:
httpd -v
On other verisons of Linux try:
apache2 -v
You can use two different flags:
-v # gives you the version number
-V # gives you the compile settings including version number.
If you want to run the command with the full directory like user3786265 did but don't know where your apache is located, use the whereis command:
whereis httpd

I am using Red Hat Linux and the following command works:
httpd -V

I think you have to be sure what type of installation you have binary or source.
To check what binary packages is installed: with root rights execute following command:
dpkg -l |grep apache2
result should be something like:
dpkg -l |grep apache2
ii apache2 2.4.10-10+deb8u8 amd64 Apache HTTP Server
ii apache2-bin 2.4.10-10+deb8u8 amd64 Apache HTTP Server (modules and other binary files)
ii apache2-data 2.4.10-10+deb8u8 all Apache HTTP Server (common files)
ii apache2-doc 2.4.10-10+deb8u8 all Apache HTTP Server (on-site documentation)
To find version you can run :
apache2ctl -V |grep -i "Server version"
result should be something like:
Server version: Apache/2.4.10 (Debian)

Try it with sudo
apachectl -V
-bash: apachectl: command not found
sudo apachectl -V
Server version: Apache/2.4.6 (Debian)
Server built: Aug 12 2013 18:20:23
Server's Module Magic Number: 20120211:24
Server loaded: APR 1.4.8, APR-UTIL 1.5.3
Compiled using: APR 1.4.8, APR-UTIL 1.5.2
Architecture: 32-bit
Server MPM: prefork
threaded: no
forked: yes (variable process count)
Server compiled with....
bla bla....

You can also use the package manager directly:
dpkg -l | grep apache
This isn't focused on just version number, but it will make a broader search, which will give you other useful information, like module versions.

Another way round to check a package (including Apache) installed version on Debian-based system, we can use:
apt-cache policy <package_name>
e.g. for Apache
apt-cache policy apache2
which will show something like (look at the Installed line):
$ apt-cache policy apache2
apache2:
Installed: (none)
Candidate: 2.2.22-1ubuntu1.9
Version table:
2.2.22-1ubuntu1.9 0
500 http://hk.archive.ubuntu.com/ubuntu/ precise-updates/main amd64 Packages
500 http://security.ubuntu.com/ubuntu/ precise-security/main amd64 Packages
2.2.22-1ubuntu1 0
500 http://hk.archive.ubuntu.com/ubuntu/ precise/main amd64 Packages

For me this works on Debian 6 (Squeeze):
Linux www809 2.6.26-2-xen-686 #1 SMP Wed Sep 21 09:56:47 UTC 2011 i686 GNU/Linux
I had to go to the right path:
/usr/local/apache/bin** $ **./apachectl -v
./apachectl: line 71: ulimit: open files: cannot modify limit: Operation not permitted
Server version: Apache/2.2.21 (Unix)
Server built: Dec 17 2011 19:57:53

I tried running the command "httpd -V" and "apachectl -V", but I could not execute and was getting the error:
-ksh: php: not found [No such file or directory]
Then I tried another way. I went to the Apache directory on my server and then tried executing the command:
./apachectl -v
This worked for me and returned the output:
Server version: Apache/2.2.20 (Unix)
Server built: Sep 6 2012 17:22:16
I hope this helps.

You can use apachectl -V or apachectl -v. Both of them will return the Apache version information!
xgqfrms:~/workspace $ apachectl -v
Server version: Apache/2.4.7 (Ubuntu)
Server built: Jul 15 2016 15:34:04
xgqfrms:~/workspace $ apachectl -V
Server version: Apache/2.4.7 (Ubuntu)
Server built: Jul 15 2016 15:34:04
Server's Module Magic Number: 20120211:27
Server loaded: APR 1.5.1-dev, APR-UTIL 1.5.3
Compiled using: APR 1.5.1-dev, APR-UTIL 1.5.3
Architecture: 64-bit
Server MPM: prefork
threaded: no
forked: yes (variable process count)
Server compiled with....
-D APR_HAS_SENDFILE
-D APR_HAS_MMAP
-D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
-D APR_USE_SYSVSEM_SERIALIZE
-D APR_USE_PTHREAD_SERIALIZE
-D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
-D APR_HAS_OTHER_CHILD
-D AP_HAVE_RELIABLE_PIPED_LOGS
-D DYNAMIC_MODULE_LIMIT=256
-D HTTPD_ROOT="/etc/apache2"
-D SUEXEC_BIN="/usr/lib/apache2/suexec"
-D DEFAULT_PIDLOG="/var/run/apache2.pid"
-D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
-D DEFAULT_ERRORLOG="logs/error_log"
-D AP_TYPES_CONFIG_FILE="mime.types"
-D SERVER_CONFIG_FILE="apache2.conf"
You may be more like using apache2 -V or apache2 -v. It seems easier to remember!
xgqfrms:~/workspace $ apache2 -v
Server version: Apache/2.4.7 (Ubuntu)
Server built: Jul 15 2016 15:34:04
xgqfrms:~/workspace $ apache2 -V
Server version: Apache/2.4.7 (Ubuntu)
Server built: Jul 15 2016 15:34:04
Server's Module Magic Number: 20120211:27
Server loaded: APR 1.5.1-dev, APR-UTIL 1.5.3
Compiled using: APR 1.5.1-dev, APR-UTIL 1.5.3
Architecture: 64-bit
Server MPM: prefork
threaded: no
forked: yes (variable process count)
Server compiled with....
-D APR_HAS_SENDFILE
-D APR_HAS_MMAP
-D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
-D APR_USE_SYSVSEM_SERIALIZE
-D APR_USE_PTHREAD_SERIALIZE
-D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
-D APR_HAS_OTHER_CHILD
-D AP_HAVE_RELIABLE_PIPED_LOGS
-D DYNAMIC_MODULE_LIMIT=256
-D HTTPD_ROOT="/etc/apache2"
-D SUEXEC_BIN="/usr/lib/apache2/suexec"
-D DEFAULT_PIDLOG="/var/run/apache2.pid"
-D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
-D DEFAULT_ERRORLOG="logs/error_log"
-D AP_TYPES_CONFIG_FILE="mime.types"
-D SERVER_CONFIG_FILE="apache2.conf"

For me apachectl -V did not work, but apachectl fullstatus gave me my version.

Some installations of Apache are fubar (think Oracle's packaging of it, OHS) and do not understand the -V flag, nor can be invoked directly without running into missing library errors.
Easiest way is to use the strings command (part of binutils) on the httpd binary and grep for a string that might resemble a version. For example, assuming your httpd binary is under directory /foo/bar:
$ strings /foo/bar/httpd | grep 2.2
GLIBC_2.2.5
Oracle-HTTP-Server/2.2.22 (Unix)
Success_Accepted_202
202 Accepted
Most binaries (not all) contain their version (at least their major version) as static strings. This is my go-to way to get versions (or to corroborate what a binary's help message matches what reality on the ground truly is.)

Or, less directly:
nmap -A localhost -p 80

Surely typing /usr/sbin/apache2 -v into the shell is the best and quickest way to go, by the way here's another option, just in case there's PHP too in your server and you're interested into gathering Apache version (and much more infos) in quick programmatical steps.
Just make an info.php file in your Apache web root folder (or whatever you like) and write these inside it:
<?php
phpinfo();
?>
Now go to yoursite.com/info.php (or localhost/info.php for local machines).
You'll see your Apache version in PHP Variables section, here's an example:
phpinfo() example dump page
Also, please notice that these steps obviously apply to any web server with PHP integration, so it's not limited to Apache and once created that page could be handy while developing (just don't forget to remove it on production environments!!)

dlocate -s apache2 | grep '^Version:'

works in debian 11 bullseye
/usr/sbin/apache2 -v

Related

How to find the path of apache config file

I want to add some configuration in my Apache Web server configuration file so, anyone would help me with a command in Linux/Ubunbtu.
First find your httpd processes:
ps -ef | grep httpd
root 14124 1096 0 21:46 ? 00:00:00 /opt/apache/bin/httpd -k start
httpd 14125 14124 0 21:46 ? 00:00:00 /opt/apache/bin/httpd -k start
httpd 14126 14124 0 21:46 ? 00:00:00 /opt/apache/bin/httpd -k start
httpd 14127 14124 0 21:46 ? 00:00:00 /opt/apache/bin/httpd -k start
httpd 14240 6263 0 21:49 pts/0 00:00:00 grep --color=auto http
This will tell you:
the path to the httpd process. Here /opt/apache
Maybe the name and path of the configuration file, as an argument to the httpd process. The httpd process would then be started with the -f CONFIG-FILE argument.
In case 2., you are done!
In case 1, go to the directory the httpd process is from and run this:
cd /opt/apache/bin
./apachectl -V
Server version: Apache/2.4.37 (Unix)
Server built: Jun 21 2019 21:32:47
Server's Module Magic Number: 20120211:83
Server loaded: APR 1.6.5, APR-UTIL 1.6.1
Compiled using: APR 1.6.5, APR-UTIL 1.6.1
Architecture: 64-bit
Server MPM: worker
threaded: yes (fixed thread count)
forked: yes (variable process count)
Server compiled with....
-D APR_HAS_SENDFILE
-D APR_HAS_MMAP
-D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
-D APR_USE_SYSVSEM_SERIALIZE
-D APR_USE_PTHREAD_SERIALIZE
-D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
-D APR_HAS_OTHER_CHILD
-D AP_HAVE_RELIABLE_PIPED_LOGS
-D DYNAMIC_MODULE_LIMIT=256
-D HTTPD_ROOT="/opt/apache"
-D SUEXEC_BIN="/opt/apache/bin/suexec"
-D DEFAULT_PIDLOG="logs/httpd.pid"
-D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
-D DEFAULT_ERRORLOG="logs/error_log"
-D AP_TYPES_CONFIG_FILE="conf/mime.types"
-D SERVER_CONFIG_FILE="conf/httpd.conf"
And there you have it! The last line: -D SERVER_CONFIG_FILE="conf/httpd.conf" tells you that the configuration file is httpd.conf in the conf directory. Since it is an absolute path, look at the value of HTTPD_ROOT to know where the root is for this Apache. Here it is -D HTTPD_ROOT="/opt/apache".
So the full path is: HTTPD_ROOT/SERVER_CONFIG_FILE. Here, /opt/apache/conf/httpd.conf.
Another method:
cd /opt/apache/bin
./httpd -S
Hope this helps!

Virtual Hosts on Mac directing to ServerRoot

I was mainly using XAMPP for my local development needs, but I felt it time to take the crutches off and work from the command line interface.
The issue I am running into is that my virtual hosts are directing to the ServerRoot, and not where the virtual host points. The ones I'm trying currently are laravel apps, so my file structure is
/usr/local/var/www/domain1/laravel
/usr/local/var/www/domain1/public_html
Here is my config files
# /etc/apache2/httpd.conf
ServerRoot "/usr/local/var/www"
ServerName 127.0.0.1
DocumentRoot "/usr/local/var/www"
# /etc/apache2/extra/httpd-vhosts.conf
<VirtualHost *:80>
DocumentRoot "/usr/local/var/www/mydomain.com/public_html"
ServerName dev.mydomain
ServerAlias www.dev.mydomain
ErrorLog "/private/var/log/apache2/dev.mydomain/error_log"
CustomLog "/private/var/log/apache2/dev.mydomain/access_log" common
</VirtualHost>
# /ect/hosts
127.0.0.1 localhost
127.0.0.1 dev.mydomain
::1 localhost
::1 dev.mydomain
When I go to dev.mydomain in the browser, it takes me to /usr/local/var/www instead of /usr/local/var/www/mydomain/public_html
I've already restarted the server.
Edit 1:
When I traverse the file path, the php files are not parsing either and are opening as regular text files.
Edit 2:
I commented the httpd.conf DocumentRoot line out and restarted apache, but the issue persists. When I do a apachectl -t -D DUMP_VHOSTS the Virtual Configuration comes back blank. I have Include /private/etc/apache2/extra/httpd-vhosts.conf uncommented as well as the LoadModule vhost_alias_module.
I changed
Include /private/etc/apache2/extra/httpd-vhosts.conf
to
Include /etc/apache2/extra/httpd-vhosts.conf
but they both link to the same file.
Edit 3:
Doing apachectl -S returns back a different server root than what I established. `apachectl -t -D DUMP_VHOSTS also returns back empty. I think it's possible I might be running a different version of apache than what came default on OSX. I played with it a few years ago. Is there a way to tell where the current running Apache config path is at?
Edit 4:
I checked where the httpd was running and found I have a different apache running than what is default.
MacBook-Pro:extra Daniel$ whereis httpd
/usr/sbin/httpd
Daniels-MacBook-Pro:extra Daniel$ /usr/sbin/httpd -V
Server version: Apache/2.4.29 (Unix)
Server built: Jan 17 2018 18:20:31
Server's Module Magic Number: 20120211:68
Server loaded: APR 1.5.2, APR-UTIL 1.5.4
Compiled using: APR 1.5.2, APR-UTIL 1.5.4
Architecture: 64-bit
Server MPM: prefork
threaded: no
forked: yes (variable process count)
Server compiled with....
-D APR_HAS_SENDFILE
-D APR_HAS_MMAP
-D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
-D APR_USE_FLOCK_SERIALIZE
-D APR_USE_PTHREAD_SERIALIZE
-D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
-D APR_HAS_OTHER_CHILD
-D AP_HAVE_RELIABLE_PIPED_LOGS
-D DYNAMIC_MODULE_LIMIT=256
-D HTTPD_ROOT="/usr"
-D SUEXEC_BIN="/usr/bin/suexec"
-D DEFAULT_PIDLOG="/private/var/run/httpd.pid"
-D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
-D DEFAULT_ERRORLOG="logs/error_log"
-D AP_TYPES_CONFIG_FILE="/private/etc/apache2/mime.types"
-D SERVER_CONFIG_FILE="/private/etc/apache2/httpd.conf"
I uncommented the vhosts lines again in the other config but now I get an error on restart saying
httpd: Syntax error on line 69 of /usr/local/etc/httpd/httpd.conf: Cannot load lib/httpd/modules/mod_mpm_prefork.so into server: dlopen(/usr/local/var/www/lib/httpd/modules/mod_mpm_prefork.so, 10): image not found
Okay, the issue was that I installed apache a few years ago with Homebrew and forgot. I was configuring the OSX apache config files. To find out which config file is being used, use:
$ whereis httpd
/usr/sbin/httpd
$ /usr/sbin/httpd -V
Server version: Apache/2.4.29 (Unix)
Server built: Jan 17 2018 18:20:31
Server's Module Magic Number: 20120211:68
Server loaded: APR 1.5.2, APR-UTIL 1.5.4
Compiled using: APR 1.5.2, APR-UTIL 1.5.4
Architecture: 64-bit
Server MPM: prefork
threaded: no
forked: yes (variable process count)
Server compiled with....
-D APR_HAS_SENDFILE
-D APR_HAS_MMAP
-D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
-D APR_USE_FLOCK_SERIALIZE
-D APR_USE_PTHREAD_SERIALIZE
-D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
-D APR_HAS_OTHER_CHILD
-D AP_HAVE_RELIABLE_PIPED_LOGS
-D DYNAMIC_MODULE_LIMIT=256
-D HTTPD_ROOT="/usr"
-D SUEXEC_BIN="/usr/bin/suexec"
-D DEFAULT_PIDLOG="/private/var/run/httpd.pid"
-D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
-D DEFAULT_ERRORLOG="logs/error_log"
-D AP_TYPES_CONFIG_FILE="/private/etc/apache2/mime.types"
-D SERVER_CONFIG_FILE="/private/etc/apache2/httpd.conf" <- where you config is, mine wasn't here
The reason the modules were not loading was because I changed the ServerRoot line a long time ago and didn't realize it. The default ServerRoot is /usr/local/opt/httpd, which contains the lib directory, which is where the modules are located and loaded from. Reseting the httpd.conf back to default and looking into that directory before I changed the path was what helped me catch it.

Apache 2.4 graceful restart is killing connections

I have RHEL7.2 with Apache 2.4.6 (From the RHEL repository) using the event-mpm. When I do a graceful restart using the following command, active connections are terminated.
/usr/sbin/httpd -f /path/to/httpd.conf -k graceful
Everything I have read suggests that this should not be the case. Any worker processes/threads should complete their active connections before being terminated and replaced by a new worker with the new config.
I tested this by using JMeter and by using ab on some 'large' files (~15Mb). I was seeing the problem on small 1Kb files also, but I was only able to reliably reproduce the problem on JMeter and not from ab. Using the larger file highlights the problem more reliably as there is a higher chance of the reload happening during an active connection.
For more background, I was originally thinking that the behaviour I was seeing from JMeter (but not from ab) was new connections failing during the brief time that the master listening process was reloading and refusing new connections. This did not make sense as the OS is meant to queue the new connections. This is when I investigated the possibility that it was killing existing connections and tried with the larger files.
Any thoughts on what may be going on here, how I can test further and possibly how to resolve?
Here is the Apache info, if it helps:
Server version: Apache/2.4.6 (Red Hat Enterprise Linux)
Server built: Jul 12 2016 05:02:54
Server's Module Magic Number: 20120211:24
Server loaded: APR 1.4.8, APR-UTIL 1.5.2
Compiled using: APR 1.4.8, APR-UTIL 1.5.2
Architecture: 64-bit
Server MPM: event
threaded: yes (fixed thread count)
forked: yes (variable process count)
Server compiled with....
-D APR_HAS_SENDFILE
-D APR_HAS_MMAP
-D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
-D APR_USE_SYSVSEM_SERIALIZE
-D APR_USE_PTHREAD_SERIALIZE
-D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
-D APR_HAS_OTHER_CHILD
-D AP_HAVE_RELIABLE_PIPED_LOGS
-D DYNAMIC_MODULE_LIMIT=256
-D HTTPD_ROOT="/etc/httpd"
-D SUEXEC_BIN="/usr/sbin/suexec"
-D DEFAULT_PIDLOG="/run/httpd/httpd.pid"
-D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
-D DEFAULT_ERRORLOG="logs/error_log"
-D AP_TYPES_CONFIG_FILE="conf/mime.types"
-D SERVER_CONFIG_FILE="conf/httpd.conf"

mod_ssl.so not loading

I am trying to run Apache with SSL for my website. But when I start the Apache it throws the error saying:
httpd: Syntax error on line 127 of /usr/local/custom/apache/conf/httpd.conf:
Cannot load modules/mod_ssl.so into server: /usr/local/custom/apache/modules/mod_ssl.so:
undefined symbol: apr_global_mutex_lockfile
I also encountered the same issue.
The root cause of the issue is a version mismatch in the apr version
In order to fix it, download the following: apr-util-1.5.4.tar.gz and apr-1.5.1.tar.gz.
These can be downloaded at : https://apr.apache.org/download.cgi
Assuming that you have http src untarred in /src/httpd, you untar the apr-1.5.1 and apr-util in the opt/src/httpd/srclib
So the unzipped structure would be opt/src/httpd/srclib/apr and opt/src/httpd/srclib/apr-util
After this is done, you can run the configure with the following command
./configure --prefix=/opt/httpd-2.4.10 --with-included-apr
make
make install
This will install httpd in
/opt/httpd-2.4.10
You can check if the correct version of APR is referenced using the following command
/opt/httpd-2.4.10/bin/httpd -V
You should see output as below.
Server version: Apache/2.4.10 (Unix)
Server built: Dec 16 2014 11:46:58
Server's Module Magic Number: 20120211:36
Server loaded: APR 1.5.1, APR-UTIL 1.5.4
Compiled using: APR 1.5.1, APR-UTIL 1.5.4
Architecture: 64-bit
Server MPM: worker
threaded: yes (fixed thread count)
forked: yes (variable process count)
Server compiled with....
-D APR_HAS_SENDFILE
-D APR_HAS_MMAP
-D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
-D APR_USE_SYSVSEM_SERIALIZE
-D APR_USE_PTHREAD_SERIALIZE
-D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
-D APR_HAS_OTHER_CHILD
-D AP_HAVE_RELIABLE_PIPED_LOGS
-D DYNAMIC_MODULE_LIMIT=256
-D HTTPD_ROOT="/opt/httpd-2.4.10"
-D SUEXEC_BIN="/opt/httpd-2.4.10/bin/suexec"
-D DEFAULT_PIDLOG="logs/httpd.pid"
-D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
-D DEFAULT_ERRORLOG="logs/error_log"
-D AP_TYPES_CONFIG_FILE="conf/mime.types"
-D SERVER_CONFIG_FILE="conf/httpd.conf"

How to determine if OpenSSL and mod_ssl are installed on Apache2

Does anyone know the command to determine if OpenSSL and mod_ssl are installed on Apache2?
If you have PHP installed on your server, you can create a php file, let's called it phpinfo.php and add this <?php echo phpinfo();?>, and open the file in your browser, this shows information about your system environment, to quickly find info about your Apache loaded modules, locate 'Loaded Modules' on the resulting page.
If you have PHP installed on your server, you can chek it in runtime using "extension_loaded" funciontion. Just like this:
<?php
if (!extension_loaded('openssl')) {
// no openssl extension loaded.
}
?>
Usually, when you compile your apache2 server (or install it by packages facility stuff), you can check any directive that're available to be used by tapping this command:
~# $(which httpd) -L | grep SSL # on RHEL/CentOS/Fedora
~# $(which apache2) -L | grep SSL # on Ubuntu/Debian
~# $(which httpd2) -L | grep SSL # on SUSE
If you don't see any SSL* directive, it means that you don't have apache2 with mod_ssl compiled.
The default Apache install is configured to send this information on the Server header line. You can view this for any server using the curl command.
$ curl --head http://localhost/
HTTP/1.1 200 OK
Date: Fri, 04 Sep 2009 08:14:03 GMT
Server: Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.8a DAV/2 PHP/5.2.6 SVN/1.5.4 proxy_html/3.0.0
Use the following commands.
$ openssl version
OpenSSL 1.0.1e-fips 11 Feb 2013 (or similar output)
For RHEL/CentOS/Fedora:
$ httpd -t -D DUMP_MODULES | grep ssl
ssl_module (shared)
For Ubuntu/Debian
$ apache2 -t -D DUMP_MODULES | grep ssl
ssl_module (shared)
For SUSE
$ httpd2 -t -D DUMP_MODULES 2>&1 | grep ssl
ssl_module (shared)
Using Apache 2, you can see what modules are currently loaded by the HTTP daemon by running the following command:
apache2ctl -M
The -M option is really just a parameter passed to httpd.
apache2ctl is a front end to the Apache HyperText Transfer Protocol
(HTTP) server. It is
designed to help the administrator control the functioning of the Apache apache2 daemon.
NOTE: The default Debian configuration requires the environment variables APACHE_RUN_USER,
APACHE_RUN_GROUP, and APACHE_PID_FILE to be set in /etc/apache2/envvars.
The apache2ctl script returns a 0 exit value on success, and >0 if an error occurs. For
more details, view the comments in the script.
Fortunately, Most flavors of Linux have OpenSSL "out of the box".
To verify installation:
openssl version
Response:
OpenSSL 1.0.1t 3 May 2016
Note: version OpenSSL 1.0.1 through 1.0.1f (inclusive)
are vulnerable to the OpenSSL Heartbleed Bug.
Versions 1.0.1g and greater are fixed.
For additional install info:
Ubuntu/Debian
dpkg -l | grep -i openssl
Response:
ii libcrypt-openssl-random-perl 0.04-2+b1 amd64 module to access the OpenSSL pseudo-random number generator
ii libcurl3:amd64 7.38.0-4+deb8u5 amd64 easy-to-use client-side URL transfer library (OpenSSL flavour)
ii libgnutls-openssl27:amd64 3.3.8-6+deb8u4 amd64 GNU TLS library - OpenSSL wrapper
ii openssl 1.0.1t-1+deb8u6 amd64 Secure Sockets Layer toolkit - cryptographic utility
ii python-ndg-httpsclient 0.3.2-1 all enhanced HTTPS support for httplib and urllib2 using PyOpenSSL
ii python-openssl 0.14-1 all Python 2 wrapper around the OpenSSL library
ii ssl-cert 1.0.35 all simple debconf wrapper for OpenSSL
Yea, OpenSSL is installed!
To install OpenSSL if you don't have it, try:
Debian/Ubuntu:
sudo apt-get install openssl
RedHat/CentOS:
yum install openssl
To determine openssl & ssl_module
# rpm -qa | grep openssl
openssl-libs-1.0.1e-42.el7.9.x86_64
openssl-1.0.1e-42.el7.9.x86_64
openssl098e-0.9.8e-29.el7.centos.2.x86_64
openssl-devel-1.0.1e-42.el7.9.x86_64
mod_ssl
# httpd -M | grep ssl
or
# rpm -qa | grep ssl
You should install this Apache mod, http://httpd.apache.org/docs/2.0/mod/mod_info.html, it basically gives you a run down of the mods you're using and the Apache settings.
I have this enabled on my Apache and it gives me this info for my website,
Server Version: Apache/2.2.3 (Debian) mod_jk/1.2.18 PHP/5.2.0-8+etch13 mod_ssl/2.2.3 OpenSSL/0.9.8c mod_perl/2.0.2 Perl/v5.8.8
If you just run openssl in your terminal it should present the openSSL shell. My first clue to knowing that I didn't have mode_ssl was when I got the following error after adding SSLEngine on in my virtualhost file:
Invalid command 'SSLEngine', perhaps misspelled or defined by a module not included in the server configuration
In centos I just had to install it via yum install mod_ssl
Just look in the ssl_engine.log in your Apache log directory where you should find something like:
[ssl:info] [pid 5963:tid 139718276048640] AH01876: mod_ssl/2.4.9 compiled against Server: Apache/2.4.9, Library: OpenSSL/1.0.1h
Create a test.php file with the following code in a www folder:
<?php echo phpinfo();?>
When you navigate to that page/URL in the browser. You will see something similar if you have openssl enabled:
Enable mod_ssl in httpd.conf and restart the apache. You will see the openssl information in error.log as below
[Fri Mar 23 15:13:38.448268 2018] [mpm_worker:notice] [pid 8891:tid 1] AH00292: Apache/2.4.29 (Unix) OpenSSL/1.0.2n configured -- resuming normal operations
[Fri Mar 23 15:13:38.448502 2018] [core:notice] [pid 8891:tid 1] AH00094: Command line: '/opt/apps/apache64/2.4.29/bin/httpd'
to verify in php command lie
$php -i | grep openssl
In my case this is how I got the information:
find where apache logs are located, and go there, in my case:
cd /var/log/apache2
find in which log openssl information can be found:
grep -i apache.*openssl *_log
e.g. error_log ...
to get fresh information, restart apache, e.g.
rcapache2 restart # or service apache2 restart
check for last entries in the log, e.g.
/var/log/apache2 # tail error_log
[Thu Jun 09 07:42:24 2016] [notice] Apache/... (Linux/...) mod_ssl/2.2.22 OpenSSL/1.0.1t ...
To find the ssl version
Go to Apache bin folder in command prompt
Enter these commands "openssl version"