Web Server
Users need a Web Server to interact with Horde Groupware.
Apache Web Server
- Version 2.4 is supported
- Use SSL certificates to enable HTTPS for anything but local test installations. You can get free SSL certificates via letsencrypt.org
- Use mod_php to run PHP on the web server or fastcgi and PHP-FPM for larger installations.
- Enable mod_rewrite for URL rewriting
Configuration Highlights
- Horde 6 webroot is a sub directory inside the Horde 6 root directory ("horde-deployment")
- Default Horde configuration depends on AllowOverride to enable htaccess files. You can migrate the rewrite rules from the htaccess files into your web server config instead. This is less flexible but enables better performance.
- Some directories need write access for the PHP or web server user:
- ./web/static
- ./web/horde/config
- ./vendor/horde/horde/config
- ./web/kronolith/config
- ./vendor/horde/kronolith/config
- ./web/imp/config
- ./vendor/horde/imp/config
- ./var/vfs
- ./var/tmp
- ./var/log
- ./var/cache
Ubuntu mod_php Example Virtual Host Config
cat /etc/apache2/sites-enabled/web.horde.localhost.conf
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
ServerName web.horde.localhost
ServerAdmin webmaster@localhost
DocumentRoot /var/www/horde-deployment/web
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog /var/www/horde-deployment/var/log/error.log
CustomLog /var/www/horde-deployment/var/log/access.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
OpenSUSE mod_php and HTTPS Vhost config example
# General setup for the virtual host
DocumentRoot /srv/www/horde/web
ServerName dev.maintaina.com
ServerAdmin admin@maintaina.com
ErrorLog /srv/www/horde/var/log/apache2/error_log
TransferLog /srv/www/horde/var/log/apache2/access_log
# SSL Engine Switch:
# Enable/Disable SSL for this virtual host.
SSLEngine on
# You can use per vhost certificates if SNI is supported.
SSLCertificateFile /etc/letsencrypt/live/dev.maintaina.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/dev.maintaina.com/privkey.pem
# modern configuration, tweak to your needs
SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
SSLCipherSuite ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256
SSLHonorCipherOrder on
SSLCompression off
SSLSessionTickets off
# Per-Server Logging:
# The home of a custom SSL log file. Use this when you want a
# compact non-error SSL logfile on a virtual host basis.
CustomLog /var/log/apache2/ssl_request_log ssl_combined
## Configure mod_rewrite for permalink
AllowOverride All
SetHandler application/x-httpd-php-source
DirectoryIndex index.php
AllowOverride All
Require all granted
Options +FollowSymlinks
nginx
Horde works with PHP-FPM and nginx 1.16-22
Detailed instructions TBD