Apache httpd 2.4 on Red Hat Enterprise Linux 6

An update of this article can be found here.

My team here at Red Hat maintains the web server stack in Fedora and RHEL. One of the cool projects we’ve been working on recently is Software Collections. With RHEL we’ve always suffered from the tension between offering a stable OS platform to users, and trying to support the latest-and-greatest open source software. Software Collections is a great technology we’re using to address that tension. Remi Collet has blogged about the PHP 5.4 software collection (now available in the 1.0 release of our product) over at his blog and on this developer blog. Also, another team member, Jan Kaluza, has been working on a collection of httpd 2.4 for RHEL6 – something we keep hearing requests for in bugzilla.

To kick the wheels of Jan’s collection in a RHEL 6.4 VM, here’s what I did:

# curl -s http://repos.fedorapeople.org/repos/jkaluza/httpd24/epel-httpd24.repo > /etc/yum.repos.d/epel-httpd24.repo
# yum install httpd24-httpd
  httpd24-httpd.x86_64 0:2.4.6-5.el6

Dependency Installed:
  httpd24-apr.x86_64 0:1.4.8-2.el6  httpd24-apr-util.x86_64 0:1.5.2-5.el6  httpd24-httpd-tools.x86_64 0:2.4.6-5.el6
  httpd24-runtime.x86_64 0:1-6.el6


This has dropped a complete installation of Apache httpd 2.4.6 into /opt/rh/httpd24 which can be used alongside the httpd 2.2.15 package supported in RHEL 6.4.

# rpm -ql httpd24-httpd | grep sbin

The httpd install is contained inside /opt/rh/httpd24 as far as possible, but we do “leak” into the normal RHEL filesystem in a couple of places – notably to offer an init script. This makes firing up the newly installed 2.4 daemon in my VM as easy as any other service:

# service httpd24-httpd start
Starting httpd:                                            [  OK  ]
# curl -s http://localhost/ | grep 'Test Page for'
		<title>Test Page for the Apache HTTP Server on Red Hat Enterprise Linux</title>

That’s the httpd packagers’ equivalent of getting your program to print “Hello, World” – we’re successfully serving the familiar HTML “welcome page” over HTTP on port 80.

I wanted to check whether the SELinux labelling is being applied correctly in the httpd 2.4 collection. Using some /usr/bin/semanage magic, it’s actually very simple for us to automatically apply SELinux policy inside software collections using an RPM %post script. Here’s one way to check whether it’s working:

# ps Zf -C httpd
LABEL                             PID TTY      STAT   TIME COMMAND
unconfined_u:system_r:httpd_t:s0 1772 ?        Ss     0:00 /opt/rh/httpd24/root/usr/sbin/httpd
unconfined_u:system_r:httpd_t:s0 1774 ?        S      0:00  _ /opt/rh/httpd24/root/usr/sbin/httpd
unconfined_u:system_r:httpd_t:s0 1775 ?        S      0:00  _ /opt/rh/httpd24/root/usr/sbin/httpd
unconfined_u:system_r:httpd_t:s0 1776 ?        S      0:00  _ /opt/rh/httpd24/root/usr/sbin/httpd
unconfined_u:system_r:httpd_t:s0 1777 ?        S      0:00  _ /opt/rh/httpd24/root/usr/sbin/httpd
unconfined_u:system_r:httpd_t:s0 1778 ?        S      0:00  _ /opt/rh/httpd24/root/usr/sbin/httpd

Success – those “httpd_t” labels which I’ve highlighted tell me that httpd processes are running in the correct domain.

Finally, here’s a quick demo of one httpd 2.4 feature I really love – an embedded Lua interpreter in the form of mod_lua:

# cat > /opt/rh/httpd24/root/var/www/html/hello.lua <<EOF
function handle(r)
    r.content_type = "text/plain"
    r:puts("Hello Lua World!n")
    return apache2.OK
# echo 'AddHandler lua-script .lua' > /opt/rh/httpd24/root/etc/httpd/conf.d/lua.conf
# service httpd24-httpd reload
Reloading httpd:
# curl -s http://localhost/hello.lua
Hello Lua World!

If you try out this collection, let us know in the comments how you get on.



  • Hi, thanks for this useful information. I was attempting to use this collection though and ran into an issue. While the installation process was fine, I seem to be having an issue getting Apache 2.4 and mod_ssl to work as expected. I installed httpd24-httpd and httpd24-mod_ssl and got my server correctly running. I also have openssl 1.0.1e installed on my system. For some reason, when I try to set mod_ssl to use only TLSv1.2 I get an error saying that it is not a valid protocol. All the documentation around the web has said that this problem only occurs when you are using a Apache 2.2.x or using openssl < 1.0.1. I was wondering if this might have something to do with the way that mod_ssl was compiled for this collection.

    The reason I am trying to get httpd 2.4 and openssl 1.0.1 working correctly on my server is that I want to take advantage of the perfect forward secrecy ciphers when negotiating my SSL handshake.

    • Hi there – thanks a lot for your feedback!

      We are aware of this issue and are working on a fix. It is slightly complicated because the packages are being built against the OpenSSL packages from RHEL 6.3, but we need to take advantage of TLSv1.x features from the RHEL 6.5 openssl 1.0.1e. The bug is being tracked here:


      Regards, Joe

  • Pingback: Our Top 12 Blog Articles of 2013 | Red Hat Developer Blog()

  • Hi. Is it possble to get the mod _ssl, mod_geoip.so, mod_jk ? Thanks

    • Hi Ruben. mod_ssl is included in the repo I’m talking about in this post. You’d need to install the “httpd24-mod_ssl” package. We don’t currently have mod_geoip or mod_jk packaged in SCL format, but it’s simple enough to install modules either from source or to adapt the Fedora spec files to build into SCL packages.

  • If you use IUS to get the PHP55 packages, how do you get them installed in /opt/rh/httpd24/root? Is there a yum switch or env variable to have them installed there?

    • Looks to me like the IUS PHP55 won’t work as compiled with this httpd24 anyway 🙁 Never mind. I was really hoping to find an httpd24/PHP55 repo to avoid compiling everything by hand. That way yum won’t keep it patched.

    • Mark, no, it’s not that simple. You would have to rewrite the IUS spec files to use the SCL packaging macros.

  • Pingback: Installing HHVM with Apache 2.4 on CentOS 6.5 (64 bit) | Daryl LaRoche, Los Angeles Web Developer()

  • Naheem

    Has the above repo been updated RE Heartbleed?

  • Brian W

    Is there a 2.4.9 or above version available for RHEL 6? There is a specific bug fixed in 2.4.7 and above that we are looking to correct in our environment. Ideally, we would like to install 2.4.9.

    • Hi Brian – sorry, no we don’t have a newer version available at the moment. If you have a specific issue which is affecting you the best route is always to contact support so we can track and prioritise customer requests internally.

  • Good afternoon all. I have a question regarding Apache HTTP Server and RHEL 6.5. Please work with me if I get any of this wrong or confused. OK, After a security scan of out corporate web page currently hosted on RHEL 6.5 and running Apache http server 2.2.15, we (security) are recommending an updateupgrade to 2.2.29, not 2.4 (although that would be nice) which is recommended by Apache. Is this a reasonable request and is this version of Apache supported for this release of RHEL? We’re being told by or Host that 2.2.15 is the highest they can go for now on this version of Red Hat.

    So, is that a true statement? Could they be referring to a version of Apache generic to this platform… and not the Apache http Server that is open source?

    Any comments andor links would be extremely helpful.



    • Hi Don –

      With Red Hat Enterprise Linux we backport security fixes to ensure that customers have a stable and secure platform. This page explains more: https://access.redhat.com/security/updates/backporting

      So yes – we have do httpd 2.2.15 in RHEL 6, but we do have all applicable security fixes applied!

      If you ever have any questions around security issues in Red Hat products you can contact the Product Security team as described here:

      I hope that clears it up! Any further questions, let me know.

  • Hi, Is it possible to install mod_perl . I have installed mod_perl through yum but it doesnt work with the httpd2.4

    • Hi Ganesh – yes, mod_perl is available as part of the perl516 collection. To install, run:

      # yum install perl516-mod_perl

      Once installed, the mod_perl config for httpd is available at:


      • Ganesh R

        Thanks Joe. I’ll try this.

  • Amadou

    Please, can someone provide instructions as to how to get apache, webmin and php packages installed on redhat 6.6 – Each time I run my commands, I get told “No packages available”

  • Senthamil Selvan


    As per your instruction, installed http 2.4 in RHEL 6.5. Now i am having apache 2.2.15 and 2.4 in same server.

    While configuring module(cognos module) in apache 2.4 configuration (httpd.conf) getting below error.

    Starting httpd: httpd: Syntax error on line 56 of /opt/rh/httpd24/root/etc/httpd/conf/httpd.conf: API module structure ‘cognos_module’ in file /opt/cognos/c10_64/cgi-bin/lib64/mod2_2_cognos.so is garbled – expected signature 41503234 but saw 41503232 – perhaps this is not an Apache module DSO, or was compiled for a different Apache version?

    Same module in apache 2.2.15, not getting any error.

    Please give me your suggestion about this error.

    • Hi Senthamil – the module you are trying to use is compiled for Apache httpd 2.2. Modules for Apache 2.2 are not compatible with Apache 2.4. It is likely that IBM provide an alternative build of this module which is built for Apache 2.4 – I suggest you contact them for more information.

  • Senthamil Selvan

    Thanks for your rely Joe Orton

  • Sig Petursson

    Does anyone have experience with applying Shibboleth SP to a RedHat 6.6/HTTPD24 configuration?

  • Peter L


    Could you please share the “/usr/bin/semanage magic” which required to have SELinux policies correctly applied?


    • Peter L

      Disregard this, all good now.