Introduction
Deploying a Laravel application in production requires a few crucial steps to ensure that your web application is secure, efficient, and scalable. Among these steps are configuring the web server, in this case, Apache, and securing your application with SSL certificates (https) provided by Let’s Encrypt.
In this tutorial, we’ll go through a step-by-step guide on how to deploy a Laravel application with Apache on a Linux server and secure it using Let’s Encrypt. We will cover everything from uploading your Laravel application to configuring virtual hosts in Apache and setting up encrypted communication with SSL certificates.
Prerequisites
- A Laravel application is ready to be deployed.
- Basic knowledge of SSH.
- A Linux server (Ubuntu or Centos is recommended) with Apache installed.
- Access to your server with root privileges.
- A domain name configured to point to your server’s public IP address.
Deployment Flow
Step 1: Upload Your Laravel Application
Use an SSLH client (OpenSSH, PuTTY, MacOS built-in terminal, etc) and:
- Connect to your server using SSH (with password authentication or non-password authentication) :
ssh [email protected] - Navigate to the ‘/var/www’ directory:
cd /var/www - Upload your Laravel application using SCP or your preferred method:
Make sure the owner of the ‘/var/www/your-laravel-app’ is the web server user, commonly ‘www-data’ for Apache on Ubuntu/Debian systems:
sudo chown -R www-data:www-data /var/www/your-laravel-appStep 2: Configure Apache Virtual Host for Laravel
Create a new configuration file for your application:
sudo nano /etc/apache2/sites-available/your-laravel-app.confInsert the following virtual host configuration, making sure to replace ‘your-domain.com’ with your actual domain:
<VirtualHost *:80>
ServerName your-domain.com
ServerAlias www.your-domain.com
DocumentRoot /var/www/your-laravel-app/public
<Directory /var/www/your-laravel-app/public>
AllowOverride All
Require all granted
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
Enable the new site and rewrite module:
sudo a2ensite your-laravel-app
sudo a2enmod rewrite
sudo systemctl restart apache2Step 3: Install Let’s Encrypt and Obtain SSL Certificates
Install the Certbot tool and Apache plugin:
sudo apt-get update
sudo apt-get install python-certbot-apacheRun Certbot to obtain an SSL certificate:
sudo certbot --apache -d your-domain.com -d www.your-domain.comFollow the prompt and choose the option to redirect HTTP traffic to HTTPS to secure your site.
Certbot will automatically renew the SSL certificates before they expire, ensuring that your site remains secure.
Step 4: Laravel Configuration and Optimization
Configure your .env file with the correct database settings and other environment variables:
APP_ENV=production
APP_DEBUG=false
APP_KEY=SomeRandomStringOptimize your Laravel application for production:
php artisan optimize
php artisan config:cache
php artisan route:cache
php artisan view:cacheMake sure to set the proper permissions:
sudo chown -R www-data:www-data /var/www/your-laravel-app
sudo chmod -R 755 /var/www/your-laravel-app
sudo chmod -R 777 /var/www/your-laravel-app/storage
sudo chmod -R 777 /var/www/your-laravel-app/bootstrap/cacheAdvanced Configuration
If you need more complex configurations such as load balancing, reverse proxy configuration, or additional security measures, here are some snippets:
For setting up a reverse proxy with Apache:
<IfModule mod_proxy.c>
<Proxy *>
Require all granted
</Proxy>
ProxyPass / http://127.0.0.1:8000/
ProxyPassReverse / http://127.0.0.1:8000/
</IfModule>
To add additional headers for security:
Header always set X-Frame-Options DENY
Header always set X-Content-Type-Options nosniffEnable these headers using:
sudo a2enmod headers
sudo systemctl restart apache2Conclusion
You have successfully deployed and secured your Laravel application with Apache and Let’s Encrypt. Your application is now running on a production server with an SSL certificate, ensuring that all communications are encrypted and secure.
