How to Enable Apache Userdir Module on RHEL/CentOS?

If you are running a web server with Apache on RHEL/CentOS, you may need to enable the Userdir module to allow users to create and serve their own web content. The Userdir module enables users to access their own web directories using a URL format like http://example.com/~username.

Enabling the Apache Userdir module on RHEL/CentOS is a straightforward process that involves installation, configuration, and security considerations. This article will guide you through the complete setup process.

Prerequisites and Installation

Step 1: Install Apache Web Server

Before enabling the Userdir module, ensure Apache web server is installed on your RHEL/CentOS system

sudo yum install httpd

Configuring Userdir Module

Step 2: Enable Userdir Module

On RHEL/CentOS systems, the Userdir module is typically available by default. You need to configure it by editing the configuration file

sudo nano /etc/httpd/conf.d/userdir.conf

Step 3: Configure Userdir Settings

Edit the Userdir configuration to uncomment and modify the following directives

UserDir public_html

<Directory "/home/*/public_html">
    AllowOverride FileInfo AuthConfig Limit Indexes
    Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
    Require method GET POST OPTIONS
</Directory>

The UserDir public_html directive specifies that user content will be served from the public_html directory in each user's home folder.

Step 4: Restart Apache Service

After configuring the Userdir module, restart Apache to apply changes

sudo systemctl restart httpd
sudo systemctl enable httpd

Setting Up User Directories

Step 5: Create User Directory Structure

Each user needs to create their own public_html directory with proper permissions

mkdir ~/public_html
chmod 755 ~/public_html
chmod 711 ~

The home directory must have execute permissions for Apache to access the public_html subdirectory.

Security and Firewall Configuration

Firewall Settings

Ensure your firewall allows HTTP traffic

sudo firewall-cmd --add-service=http --permanent
sudo firewall-cmd --reload

SELinux Configuration

If SELinux is enabled, set the appropriate boolean to allow userdir access

sudo setsebool -P httpd_enable_homedirs on
sudo setsebool -P httpd_read_user_content on

Security Considerations

Disable Directory Indexing

To prevent directory browsing, modify the autoindex configuration

sudo nano /etc/httpd/conf.d/autoindex.conf

Comment out or remove the Options Indexes directive for enhanced security.

File Permissions Management

Create a dedicated group for userdir management

sudo groupadd webusers
sudo usermod -aG webusers username
sudo chown -R username:webusers /home/username/public_html
sudo chmod -R 755 /home/username/public_html

Testing the Configuration

Create a test HTML file to verify the setup

echo "<h1>Welcome to user's web directory</h1>" > ~/public_html/index.html

Access the user directory via web browser using http://your-server-ip/~username.

Conclusion

Enabling the Apache Userdir module on RHEL/CentOS allows users to host personal web content securely. Proper configuration of permissions, SELinux, and firewall settings ensures both functionality and security. Regular monitoring of resource usage and implementing appropriate security measures helps maintain a stable web hosting environment.