How to Install Drupal with Apache and Let’s Encrypt SSL on Debian 11


Drupal is a popular open-source content management system that allows you to build, manage, and maintain your website’s content with no coding knowledge.

Many different content management systems are available on the internet, but not all are right for every website. If you want to build your website with something flexible and powerful, look no further than Drupal.

Here, we will see how to install Drupal with Apache and Let’s Encrypt SSL on Debian 11.


Install LAMP Stack

Follow the below link to install the LAMP stack on your Debian system for Drupal installation.

Install AMP (Apache, MariaDB, and PHP) on Debian 11

Install PHP Extensions for Drupal

Use the apt command to install PHP extensions for Drupal installation.

sudo apt update

sudo apt install -y php-mysql php-gd php-dom php-curl php-imagick php-zip php-xml php-mbstring php-json php-pdo php-cli php-apcu

sudo apt install --no-install-recommends -y php-uploadprogress

Configure PHP for Drupal

Drupal recommends you a few PHP configurations for the better performance of the website. So, edit the /etc/php/7.4/apache2/php.ini file and update the below values. Not all values may be appropriate for all websites. But, you can start with the below values.

memory_limit = 256M

upload_max_filesize = 64M

post_max_size = 64M

realpath_cache_size = 256k

realpath_cache_ttl = 3600

sudo sed -i 's/memory_limit = .*/memory_limit = 256M/' /etc/php/7.4/apache2/php.ini

sudo sed -i 's/upload_max_filesize = .*/upload_max_filesize = 64M/' /etc/php/7.4/apache2/php.ini

sudo sed -i 's/post_max_size = .*/post_max_size = 64M/' /etc/php/7.4/apache2/php.ini

sudo sed -i 's/;realpath_cache_size = .*/realpath_cache_size = 256k/' /etc/php/7.4/apache2/php.ini

sudo sed -i 's/;realpath_cache_ttl = .*/realpath_cache_ttl = 3600/' /etc/php/7.4/apache2/php.ini

Setup Apache Virtual Host for Drupal

We will start with creating a virtual host for a Drupal installation. You can find all Apache virtual hosts under /etc/apache2/sites-available/ directory.

Typically, a virtual host file contains a ServerName, ServerAlias, Port number, Document root, log location, etc.

I am assuming the following,

Domain name:
Port No: 80
Document root: /var/www/html/

First, create a virtual host configuration file.

sudo nano /etc/apache2/sites-available/

Then, place the following information into the above configuration file. Change the values as per your requirement.

<VirtualHost *:80>

   DocumentRoot /var/www/html/

   ErrorLog ${APACHE_LOG_DIR}/www.itzgeek.net_error.log
   CustomLog ${APACHE_LOG_DIR}/www.itzgeek.net_access.log combined

   <Directory /var/www/html/>
      Options FollowSymlinks
      AllowOverride All
      Require all granted

      RewriteEngine on
      RewriteBase /
      RewriteCond %{REQUEST_FILENAME} !-f
      RewriteCond %{REQUEST_FILENAME} !-d
      RewriteCond %{REQUEST_URI} !=/favicon.ico
      RewriteRule ^(.*)$ index.php?q=$1 [L,QSA]


Create a directory for placing Drupal files.

sudo mkdir -p /var/www/html/

Enable the site and Apache modules (SSL and rewrite).

sudo a2ensite 

sudo a2enmod rewrite ssl

Restart the Apache service.

sudo systemctl restart apache2

Install Let’s Encrypt SSL Certificate

Create DNS Record

Go to your domain registrar and create an A and CNAME (optional if you do not want to use www subdomain) record for your domain.

  1. Non-www Domain Name (Ex. >> A record point to your server IP
  2. www Domain Name (Ex. >> CNAME record point to

For this demo, I will create two records so that my Drupal website will be accessible at

DNS Records
DNS Records

Install Certbot client

The Certbot client that helps generate and install the Let’s Encrypt certificate is now available as a snap package for Debian. So, first, install snapd daemon on your system.

sudo apt update

sudo apt install -y snapd

Then, update snapd to the latest version.

sudo snap install core && sudo snap refresh core

Finally, install the Certbot client using the below command.

sudo snap install --classic certbot

sudo ln -s /snap/bin/certbot /usr/bin/certbot

Install SSL Certificate

Use the below command to generate and install the Let’s Encrypt SSL certificate in the Apache webserver.

sudo certbot --apache
1. Enter email address to receive notification on urgent renewal and security notices
2. Type Y and press Enter to register with the ACME server
3. Type Y or N to receive emails about EFF news, campaigns, newsletter.
4. Certbot will automatically detect the domain and ask you to activate HTTPS for your Drupal website. Type 1 or appropriate numbers separated by a comma in case you have multiple websites.
Which names would you like to activate HTTPS for?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel): 1,2

Wait for the SSL installation to complete.

Redirect non-www HTTP requests to www HTTPS with Apache

The Certbot client will place the required rules to redirect the traffic from HTTP to the HTTPS website.

1. >>

2. >>

As you can see, the first domain is not reaching www HTTPS with rules placed by Certbot. So, you will have to add a rule manually to redirect traffic from non-www HTTP to www HTTPS domain, I.e., >> if required.

Auto-Renew SSL Certificate

The Certbot client comes with systemd for auto-renewal of SSL certificates. So, you will not have to renew the certificates manually.

Install Drupal with Apache

Create Database for Drupal

First, login into MariaDB/MySQL database server.

sudo mysql -u root -p

Then, create the database for Drupal installation along with the database user and password.


CREATE USER 'drupaluser'@'localhost' IDENTIFIED BY 'password';

GRANT ALL PRIVILEGES ON drupaldb.* TO 'drupaluser'@'localhost';


Download Drupal Package

Download the latest version of the Drupal installer using the below command.

wget -O drupal-latest.tar.gz

Then, extract the downloaded file.

tar -zxvf drupal-latest.tar.gz

And then, move the files to your website document root directory.

sudo mv drupal-*/* /var/www/html/

Update the ownership and a group of the Drupal website directory.

sudo chown -R www-data:www-data /var/www/html/

Install Drupal CMS

Open your browser and visit your Drupal domain to perform the Drupal installation.


1. Choose Language for your Drupal installation and website and then click Save and continue

2. Select an installation profile that is suitable for you and then click Save and continue

3. You may get Clean URLs Test – False Negatives on Verify requirements page. So, you can ignore it if you get a warning that CLEAN URLS is Disabled. Click the Continue anyway link at the bottom to proceed.

4. Enter the Drupal database details in the Database configuration page and then click Save and continue

5. Wait for the Drupal installation to complete

6. You will need to Configure site by entering Site Information, Site Maintenance Account, Region Settings, and Update Notifications. Finally, click Save and continue

7. Upon completion, the installer will redirect you to the Drupal back-end to manage the installation. Alternatively, you can access the Drupal back-end by going to https://your-drupal-website/user/login

Access Drupal Website

Now, you will be able to access the site with your domain name.



Screenshot of Drupal CMS Back-End:


After installing Drupal, you will need to enable the Trusted Host Settings to protect your Drupal website against HTTP HOST Header attacks.


That’s All. I hope you have learned how to install Drupal with Apache and Let’s Encrypt SSL on Debian 11.

You might also like