sudo mkdir /var/www/your_domain
Now we will set permissions on the directory with the $USER environment variable, which should refer to your current system user:sudo chown -R $USER:$USER /var/www/your_domain
Open a new configuration file under Apache's sites-available directory using a command line editor. In our example, we are using nano:sudo nano /etc/apache2/sites-available/your_domain.conf
Paste the following settings:<VirtualHost *:80> ServerName your_domain ServerAlias www.your_domain ServerAdmin webmaster@localhost DocumentRoot /var/www/your_domain ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined </VirtualHost>
With these VirtualHost settings, we are essentially telling Apache to serve the content of your domain in the following directory:/var/www/your_domain
You can test Apache without a domain name by removing the ServerName and ServerAlias options or by adding a # at the beginning of each option's line. Now you can use a2ensite to activate this virtual host:sudo a2ensite your_domain
For convenience and security reasons, it is recommended to disable the default website that comes with Apache. To disable the default Apache website, type:sudo a2dissite 000-default
To ensure that your configuration file does not contain any syntax errors, you can run:sudo apache2ctl configtest
Finally, reload Apache for the changes to take effect:sudo systemctl reload apache2
Your new site is active, but its root directory—/var/www/your_domain—is empty.Scenario 1: Name-based virtual host
This is the most common scenario. One server hosts multiple sites, each with its own domain (example1.com, example2.com), and all requests arrive at the same IP. Apache differentiates them via the Host header of the request.
<VirtualHost *:80>
ServerName example1.com
ServerAlias www.example1.com
DocumentRoot /var/www/example1
ErrorLog ${APACHE_LOG_DIR}/example1-error.log
CustomLog ${APACHE_LOG_DIR}/example1-access.log combined
</VirtualHost>
Save to /etc/apache2/sites-available/example1.conf, enable with a2ensite example1 and run systemctl reload apache2.
Scenario 2: HTTPS with Let's Encrypt
Today, most sites require HTTPS. After installing certbot, run certbot --apache -d example1.com -d www.example1.com. certbot automatically duplicates the VirtualHost to port 443 with the SSL certificate, and adds a redirect from HTTP to HTTPS.
Important: make sure port 443 is open in the firewall (ufw allow 443/tcp) and the domain's A record points to the server before you run certbot — otherwise domain-control validation will fail.
Common issues + fixes
- "AH00558: Could not reliably determine the server's fully qualified domain name" — add
ServerName 127.0.0.1to/etc/apache2/apache2.conf. - Two VirtualHosts loaded on the same domain — check ordering with
apache2ctl -S; the first is the default for requests that don't match any ServerName. - Config file changes don't take effect — you must
systemctl reload apache2after every change (not just restart).
On our managed servers, creating a new site through cPanel sets up the VirtualHost automatically with active SSL. Managed VPS includes this management as standard.