How to enable or disable Apache modules

Toggling Apache modules enables features such as TLS, proxying, compression, and URL rewriting while keeping unused components unloaded to reduce complexity and attack surface.

Most modules are loaded as shared objects and activated through configuration, either via helper tools like a2enmod and a2dismod or by adding and removing LoadModule directives that point to the module’s .so file.

Module management is distribution-specific and mistakes can prevent Apache from starting, especially when configuration files reference directives provided by a module that has been disabled; run a configuration test before restarting and note that some modules are compiled in and cannot be toggled.

Platform packaging style	Preferred method	Where it takes effect
Debian, Ubuntu	a2enmod / a2dismod	Symlinks in /etc/apache2/mods-enabled pointing to /etc/apache2/mods-available.
openSUSE, SLES	a2enmod / a2dismod	Module list/flags stored in /etc/sysconfig/apache2 and applied by the startup scripts.
Fedora, CentOS, RHEL	Edit LoadModule lines	Usually /etc/httpd/conf.modules.d/ and /etc/httpd/conf/httpd.conf.
macOS (Apple-supplied)	Edit LoadModule lines	Usually /etc/apache2/httpd.conf.
Homebrew	Edit LoadModule lines	Commonly /opt/homebrew/etc/httpd/httpd.conf or /usr/local/etc/httpd/httpd.conf.
XAMPP	Edit LoadModule lines	Controlled by the bundled /httpd.conf and module directory.

Steps to enable or disable Apache modules using a2enmod and a2dismod:

List available modules from /etc/apache2/mods-available.

$ ls /etc/apache2/mods-available/
access_compat.load    dir.conf                  proxy_express.load
actions.conf          dir.load                  proxy_fcgi.load
actions.load          dump_io.load              proxy_fdpass.load
alias.conf            echo.load                 proxy_ftp.conf
alias.load            env.load                  proxy_ftp.load
allowmethods.load     expires.load              proxy_hcheck.load
asis.load             ext_filter.load           proxy_html.conf
auth_basic.load       file_cache.load           proxy_html.load
auth_digest.load      filter.load               proxy_http2.load
auth_form.load        headers.load              proxy_http.load
authn_anon.load       heartbeat.load            proxy.load
authn_core.load       heartmonitor.load         proxy_scgi.load
authn_dbd.load        http2.conf                proxy_uwsgi.load
authn_dbm.load        http2.load                proxy_wstunnel.load
##### snipped #####

openSUSE and SLES also provide a2enmod and a2dismod but typically manage the module list in /etc/sysconfig/apache2.

List enabled modules from /etc/apache2/mods-enabled.

$ ls /etc/apache2/mods-enabled/
access_compat.load  authz_user.load  filter.load       proxy_http.load
alias.conf          autoindex.conf   mime.conf         proxy.load
alias.load          autoindex.load   mime.load         reqtimeout.conf
auth_basic.load     deflate.conf     mpm_event.conf    reqtimeout.load
authn_core.load     deflate.load     mpm_event.load    setenvif.conf
authn_file.load     dir.conf         negotiation.conf  setenvif.load
authz_core.load     dir.load         negotiation.load  status.conf
authz_host.load     env.load         proxy.conf        status.load

Install the module package if the module is not present in /etc/apache2/mods-available.

Related: How to install Apache modules

Enable a module with a2enmod.

$ sudo a2enmod rewrite
Enabling module rewrite.
To activate the new configuration, you need to run:
  systemctl restart apache2

Disable a module with a2dismod.
```
$ sudo a2dismod status
Module status disabled.
To activate the new configuration, you need to run:
  systemctl restart apache2
```
Disabling a module that provides active configuration directives can prevent apache2 from starting with “Invalid command” errors.
Test the apache2 configuration syntax.
```
$ sudo apache2ctl configtest
Syntax OK
```
Restart apache2 to apply the module change.
```
$ sudo systemctl restart apache2
```
Related: How to manage the Apache web server service

Verify the module state with a2query.

$ sudo a2query -m rewrite
rewrite (enabled by site administrator)

Steps to enable or disable Apache modules manually:

Locate the module’s LoadModule line in the active configuration tree.

$ sudo grep -nr LoadModule /etc/httpd
/etc/httpd/conf/httpd.conf:53:# have to place corresponding `LoadModule' lines at this location so the
/etc/httpd/conf/httpd.conf:59:# LoadModule foo_module modules/mod_foo.so
/etc/httpd/conf.modules.d/00-base.conf:6:LoadModule access_compat_module modules/mod_access_compat.so
/etc/httpd/conf.modules.d/00-base.conf:7:LoadModule actions_module modules/mod_actions.so
/etc/httpd/conf.modules.d/00-base.conf:8:LoadModule alias_module modules/mod_alias.so
/etc/httpd/conf.modules.d/00-base.conf:9:LoadModule allowmethods_module modules/mod_allowmethods.so
/etc/httpd/conf.modules.d/00-base.conf:10:LoadModule auth_basic_module modules/mod_auth_basic.so
/etc/httpd/conf.modules.d/00-base.conf:11:LoadModule auth_digest_module modules/mod_auth_digest.so
/etc/httpd/conf.modules.d/00-base.conf:12:LoadModule authn_anon_module modules/mod_authn_anon.so
/etc/httpd/conf.modules.d/00-base.conf:13:LoadModule authn_core_module modules/mod_authn_core.so
/etc/httpd/conf.modules.d/00-base.conf:14:LoadModule authn_dbd_module modules/mod_authn_dbd.so
/etc/httpd/conf.modules.d/00-base.conf:15:LoadModule authn_dbm_module modules/mod_authn_dbm.so
##### snipped #####

Paths commonly differ on macOS (/etc/apache2/httpd.conf) and Homebrew (/opt/homebrew/etc/httpd/httpd.conf or /usr/local/etc/httpd/httpd.conf).

Install the module package if the module file is not present under the modules directory.

Related: How to install Apache modules
Open the configuration file that contains the module’s LoadModule directive.
```
$ sudo vi /etc/httpd/conf.modules.d/00-base.conf
```
Comment out the module’s LoadModule line to disable it.
```
#LoadModule rewrite_module modules/mod_rewrite.so
```
Removing a required module can stop httpd from starting if any configuration still uses that module’s directives.
Uncomment the module’s LoadModule line to re-enable it.
```
LoadModule rewrite_module modules/mod_rewrite.so
```
Add a LoadModule line for an installed module that is not referenced by any configuration file.
```
LoadModule php_module /opt/homebrew/opt/php/lib/httpd/modules/libphp.so
```
The module path varies by packaging and CPU architecture, so confirm the actual .so location before saving.

Related: Location for Apache modules
Test the httpd configuration syntax.
```
$ sudo httpd -t
Syntax OK
```
Restart the service to apply the change.
```
$ sudo systemctl restart httpd
```
Service name is commonly httpd on Fedora, CentOS, and RHEL and apache2 on Debian and Ubuntu.

Related: How to manage the Apache web server service
Confirm that the module is loaded or unloaded.
```
$ sudo httpd -M | grep rewrite
 rewrite_module (shared)
```
Related: Apache binary name for different distribution
Related: How to view a list of modules in Apache

Author: Mohd Shakir Zakaria
Mohd Shakir Zakaria is a cloud architect with deep roots in software development and open-source advocacy. Certified in AWS, Red Hat, VMware, ITIL, and Linux, he specializes in designing and managing robust cloud and on-premises infrastructures.

Discuss the article:

Comment anonymously. Login not required.