LAMP & FAMP Servers

Linux Apache + MySQL + PHP – FreeBSD Apache + MySQL + PHP

 

Setup Apache, MySQL, PHP stack on Linux Server

Updating the server

Make sure all packages are up-to-date, run the following apt command or apt-get command:

 

# sudo apt update

# sudo apt upgrade

 

Installing Apache Server

Apache HTTP Server, also known as “Apache.” It is a web server famous for promoting the growth of the World Wide Web. Hence, we are going to install Apache on Linux, run:

 

# sudo apt install apache2

 

Start, stop, restart and get the status of Apache server

 

The syntax is as follows for the systemctl command:

 

# sudo systemctl start apache2.service <-- Start the server

# sudo systemctl restart apache2.service <-- Restart the server

# sudo systemctl stop apache2.service <-- Stop the server

# sudo systemctl reload apache2.service <-- Reload the server config

# sudo systemctl status apache2.service <-- Get the server status

 

Update the Firewall and open port 80 and 443

 

It is important that you open TCP port 80 (www) and 443 (https) so that LAMP on Linux works. Type the following commands:

 

# sudo ufw allow www

# sudo ufw allow https

# sudo ufw status

 

Sample outputs:

 

Status: active

 

To Action From
-- ------ ----
22/tcp ALLOW Anywhere
80/tcp ALLOW Anywhere
443/tcp ALLOW Anywhere
22/tcp (v6) ALLOW Anywhere (v6)
80/tcp (v6) ALLOW Anywhere (v6)
443/tcp (v6) ALLOW Anywhere (v6)

 

Test it by typing your server’s IP or domain name:

 

http://server1.yourdomain.tld

http://your_public_IPv4_here

 

Configure Apache

 

Edit the following file using a text editor such as vi/vim, nano, emacs and so on:

 

# sudo vi /etc/apache2/mods-available/mpm_prefork.conf

 

# prefork MPM
# StartServers: number of server processes to start
# MinSpareServers: minimum number of server processes which are kept spare
# MaxSpareServers: maximum number of server processes which are kept spare
# MaxRequestWorkers: maximum number of server processes allowed to start
# MaxConnectionsPerChild: maximum number of requests a server process serves

<IfModule mpm_prefork_module>
StartServers 4
MinSpareServers 20
MaxSpareServers 40
MaxRequestWorkers 200
MaxConnectionsPerChild 4500
</IfModule>

# vim: syntax=apache ts=4 sw=4 sts=4 sr noet

 

Above settings should be adjusted as per your deployment’s needs. Finally, disable the Apache event module and enable httpd prefork, run:

 

# sudo a2dismod mpm_event

# sudo a2enmod mpm_prefork

 

To activate the new configuration, you need to run:

 

# sudo systemctl restart apache2.service

 

How to create your first virtual hosts

 

Make a copy of the default Apache configuration for your domain called www.yourdomain.tld as follows using the cp command:

 

# sudo cp -v /etc/apache2/sites-available/000-default.conf /etc/apache2/sites-available/www.yourdomain.tld.conf

 

Update /etc/apache2/sites-available/www.yourdomain.tld.conf as follows:

 

<Directory /var/www/yourdomain.tld/public_html>

        Require all granted

</Directory>

<VirtualHost *:80>

        ServerName yourdomain.tld

        ServerAlias www. yourdomain.tld

        ServerAdmin webmaster@ yourdomain.tld

        DocumentRoot /var/www/yourdomain.tld/public_html

        ErrorLog ${APACHE_LOG_DIR}/www.yourdomain.tld _error.log

        CustomLog ${APACHE_LOG_DIR}/www.yourdomain.tld _access.log combined

</VirtualHost>

 

Next, create a new directory to store HTML/PHP files for domain:

 

# mkdir -vp /var/www/yourdomain.tld/public_html

 

Add a new Linux user, run:

 

# sudo useradd -d /var/www/yourdomain.tld/ -s /usr/sbin/nologin -c 'www. yourdomain.tld user' cbzuser

# sudo passwd -l cbzuser

 

Enable your site and disable default LAMP site:

 

# sudo a2ensite www. yourdomain.tld

# sudo a2dissite 000-default

 

Create a new html file named index.html:

 

# vi /var/www/yourdomain.tld/public_html/index.html

 

Append HTML4/HTML5 code:

 

<html>

        <head>

                <title>www. yourdomain.tld on Linux</title>

        </head>

        <body>

                <h2>www.yourdomain.tld </h2>

                <p>This is a test LAMP server.</p>

                <hr>

        </body>

</html>

 

Save and close the file. Use the chown command and chmod command commands to set tight permissions on your Apache DocumentRoot:

 

# sudo chown -R cbzuser:cbzuser /var/www/yourdomain.tld/

# sudo chmod 0444 /var/www/yourdomain.tld/

# sudo find /var/www/yourdomain.tld/ -type d -print0 | sudo xargs -0 -I {} chmod 0445 "{}"

 

To activate the new configuration, you need to run:

 

# sudo systemctl reload apache2.service

 

Fire a web browser and test it:

http://www.yourdomain.tld

 

Installing MariaDB Server

Now you have a web server up and running along with your first virtual host too. It is time to install MariaDB, which is a drop-in replacement for MySQL server. Type the following apt command:

 

# sudo apt install mariadb-server

 

Improve MariaDB installation security

Run mysql_secure_installation script:

 

# sudo mysql_secure_installation

 

This script enables you to improve the security of your MariaDB installation in the following ways:

You can set a password for root accounts.
Delete root accounts that are accessible from outside the localhost.
Remove anonymous-user accounts.
Erase the test database, which by default can be accessed by anonymous users.

 

How to create a MariaDB database and user/password

To create a database and grant your users permissions to use databases, run:

 

# mysql -u root -p

 

Enter MariaDB’s root password when prompted. Create a database named ‘wpdb’ and grant your user permissions on it. Change the database name (wpdata) and username (wpuser)/change the password (wppassword):

 

CREATE DATABASE wpdb;

GRANT ALL ON wpdb.* TO 'wpuser' IDENTIFIED BY 'wppasword';

quit

 

Test new db and user/password combination:

 

# mysql -u wpuser -p'wppasword' wpdb

 

Installing PHP Language

PHP is the last part of the puzzle that makes it possible to produce dynamic webpages. PHP is also a popular web development engine for a LAMP stack. Therefore, let us install PHP:

 

# sudo apt install php libapache2-mod-php

 

Finding and installing PHP modules

Installation of PHP modules that allows MySQL access and GD lib too:

 

# sudo apt install php-mysql php-gd

 

One can get a list of all PHP modules using the combination of apt-cache command and grep command:

 

# apt-cache search php | egrep 'module' | grep default

 

Sample outputs:

 

libapache2-mod-php - server-side, HTML-embedded scripting language (Apache 2 module) (default)

php-bcmath - Bcmath module for PHP [default]

php-bz2 - bzip2 module for PHP [default]

php-curl - CURL module for PHP [default]

php-dev - Files for PHP module development (default)

php-enchant - Enchant module for PHP [default]

php-gd - GD module for PHP [default]

php-gmp - GMP module for PHP [default]

php-imap - IMAP module for PHP [default]

php-interbase - Interbase module for PHP [default]

php-intl - Internationalisation module for PHP [default]

php-json - JSON module for PHP [default]

php-ldap - LDAP module for PHP [default]

php-mbstring - MBSTRING module for PHP [default]

php-mysql - MySQL module for PHP [default]

php-odbc - ODBC module for PHP [default]

php-pgsql - PostgreSQL module for PHP [default]

php-pspell - pspell module for PHP [default]

php-readline - readline module for PHP [default]

php-recode - recode module for PHP [default]

php-snmp - SNMP module for PHP [default]

php-soap - SOAP module for PHP [default]

php-sqlite3 - SQLite3 module for PHP [default]

php-sybase - Sybase module for PHP [default]

php-tidy - tidy module for PHP [default]

php-xml - DOM, SimpleXML, WDDX, XML, and XSL module for PHP [default]

php-xmlrpc - XMLRPC-EPI module for PHP [default]

php-zip - Zip module for PHP [default]

 

Restart Apache:

 

# sudo systemctl restart apache2.service

 

Testing PHP instllation along with LAMP

Create a file named test.php as follows:

 

# sudo vi /var/www/yourdomain.tld/public_html/test.php

 

Append the following code:

 

# any type of customized code.

 

Save and close the file. Set permisions:

 

# sudo chown -R cbzuser:cbzuser /var/www/yourdomain.tld/

# sudo chmod 0444 /var/www/yourdomain.tld/

# sudo find /var/www/yourdomain.tld/ -type d -print0 | sudo xargs -0 -I {} chmod 0445 "{}"

 

Open a webbrowser and type url:

http://your-ip/test.php

http://www.yourdomain.tld /test.php

 

This page indicates that your PHP 7.3 is working correctly on a LAMP server. It is time you delete that page as it exposed sensitive information using the rm command:

 

# sudo rm -v /var/www/yourdomain.tld/public_html/test.php

 

Install Apache, MySQL, PHP stack on FreeBSD Server

Update your ports

Like always make sure everything is up to date before starting. I like to do:

 

# portsnap fetch update && portupgrade -a

 

Installing Apache Server

To install the port:

 

# cd /usr/ports/www/apache24/ && make install clean

 

Or, to add the package:

 

# pkg install www/apache24

 

Starting up Apache service on boot

Add following to the end of “/etc/rc.conf” file to launch Apache at start up:

 

echo 'apache24_enable="YES"' >> /etc/rc.conf

 

Starting / stopping / restarting Apache server

To start Apache to make sure it works:

 

# /usr/local/etc/rc.d/apache24 start

 

To restart Apache server:

 

# /usr/local/etc/rc.d/apache24 restart

 

To stop Apache server:

 

# /usr/local/etc/rc.d/apache24 stop

 

You can also use the service command for starting/stoping/restarting Apache server on FreeBSD:

 

## service command to control Apache server ##

service apache24 start

service apache24 restart

service apache24 stop

service apache24 status

 

Note: If you are getting this error “Could not reliably determine the server's fully qualified domain name, using 127.0.0.1.” Set the ‘ServerName’ directive globally to suppress this message:

 

Add next line to /usr/local/ect/apache24/httpd.conf file:

ServerName localhost

 

Replace localhost with the server’s domain name which can be obtained with:

 

# hostname -f

 

Installing MySQL Server

To install the port:

 

# cd /usr/ports/databases/mysql56-server/ && make install clean

 

Or, to add the package:

 

# pkg install databases/mysql56-server

 

Install MySQL Client

To install the port:

 

# cd /usr/ports/databases/mysql56-client/ && make install clean

 

Or, to add the package:

# pkg install databases/mysql56-client

 

Starting up Mysql server service on boot

Finally, /etc/rc.conf must contain the following line to allow the MySQL server to start:

 

echo 'mysql_enable="YES"' >> /etc/rc.conf

 

Starting / stopping / restarting Mysql server

To start the Mysql server type:

 

# /usr/local/etc/rc.d/mysql-server start

 

To restart the Mysql server type:

 

# /usr/local/etc/rc.d/mysql-server restart

 

To stop the Mysql server type:

 

# /usr/local/etc/rc.d/mysql-server stop

 

You can also use the service command for starting/stoping/restarting mysql server on FreeBSD:

 

## command to start/stop mysql servers on FreeBSD ##

service mysql-server start

service mysql-server restart

service mysql-server stop

service mysql-server status

 

Setting up Mysql server passwords

 

The default is set to allow anyone to have full access. It’s very important that you set up passwords. To set a password on the anonymous accounts use:

 

# mysql -u root

 

Run the following sql queries at mysql> prompt (replace host_name with actual system host name which can be obtained with hostname -f command:

 

mysql> SET PASSWORD FOR ''@'localhost' = PASSWORD('newpwd-here');

mysql> SET PASSWORD FOR ''@'host_name' = PASSWORD('newpwd-here');

mysql> quit

 

To set a password for the root account use:

 

# mysql -u root

 

Run the following sql queries at mysql> prompt:

 

mysql> SET PASSWORD FOR 'root'@'localhost' = PASSWORD('newpwd-here');

mysql> SET PASSWORD FOR 'root'@'host_name' = PASSWORD('newpwd-here');

mysql> quit

 

Note: An alternative method to set a password for the MySQL root user is to run the following command:

 

/usr/local/bin/mysqladmin -u root password 'PASSWORD-HERE'

 

After setting the password, here is how you shutdown mysqld server:

 

# mysqladmin -u root -p shutdown

 

Enter password:

Tip: If you “forget” the root password, here is how you can reset it

 

Stop mysqld with this command:

 

# /usr/local/etc/rc.d/mysql-server.sh stop

 

Modify the start command to add this option to the command line. Do not leave this option on for long. Only for when you need it. It bypasses all usual mysql security:

 

-Sg|--skip-grant-tables

 

This option causes the server not to use the privilege system at all. This gives everyone full access to all databases! (You can tell a running server to start using the grant tables again by executing mysqladmin flush-privileges or mysqladmin reload.)

 

Modify it in /usr/local/etc/rc.d/mysql-server.sh:

 

/usr/local/bin/safe_mysqld --user=mysql --skip-grant-tables > /dev/null & && echo -n ' mysqld'

 

Start mysqld:

 

# /usr/local/etc/rc.d/mysql-server.sh start

 

Connect to mysql:

 

# mysql

 

Look out because this next step will reset the passwords for all root users. Make sure that’s what you want to do. You may wish to restrict this SQL by including an “and host = ‘something'” clause. Inspect existing users with “SELECT host, user from user;“. Select the mysql database and reset the password:

 

mysql> use mysql

mysql> update user set password = PASSWORD('secret') where user = 'root';

mysql> quit

 

=> Do not forget to undo that mysql bypass i.e. Stop mysqld with: /usr/local/etc/rc.d/mysql-server.sh stop

=> Remove the option from the vi /usr/local/etc/rc.d/mysql-server.sh and remove --skip-grant-tables options.

=> Restart mysqld with: /usr/local/etc/rc.d/mysql-server.sh start

 

Installing PHP Language

When you build PHP, you need to add the configuration option so that PHP build includes support for the Apache server. Type the following commands:

 

# cd /usr/ports/lang/php56

# make config

 

When the menu comes up to select/deselect various build options. You should select:

 

Now you will do the make clean command. I normally do these commands all in one but to get the configuration menu, I do them apart.

 

# make install clean

 

Install mod_php for Apache

Type the following commands to build mod_php for Apache:

 

# cd /usr/ports/www/mod_php56

# make install clean

 

Install php extensions

If you aren’t sure if it’s or you didn’t check it with your MySQL install, you will do it the commands the same way so you get the menus to configure to add support for both MySQL and MySQLi to communicate with the MySQL server.

 

# cd /usr/ports/lang/php56-extensions/

# make config

 

You may also select other extensions as per your PHP apps requirements. Then finish up with:

 

# make install clean

 

Configure mod_php

To configure it you will type the following command that just makes a copy of a file:

 

# cp /usr/local/etc/php.ini-development /usr/local/etc/php.ini

 

To configure Apache and open the file:

 

# ee /usr/local/etc/apache24/httpd.conf

 

Using ee text editor for simple edits, look for this line:

DirectoryIndex index.html

 

And change it so it reads as follows:

DirectoryIndex index.html index.htm index.php

 

Find and set the following values as per your domain, IP, and port number:

 

ServerAdmin webmaster@ yourdomain.tld

ServerName www.yourdomain.tld :80

Listen :80

 

Save and close the file. Create a file called /usr/local/etc/apache24/modules.d/001_mod_php.conf as follows:

 

# cat /usr/local/etc/apache24/modules.d/001_mod_php.conf

 

<FilesMatch ".php$">

    SetHandler application/x-httpd-php

</FilesMatch>

<FilesMatch ".phps$">

    SetHandler application/x-httpd-php-source

</FilesMatch>

 

Now restart Apache server:

 

# /usr/local/etc/rc.d/apache24 restart

 

OR

 

# service apache24 restart

 

Test your setup

Create a file called /usr/local/www/apache24/data/test.php:

 

# vi /usr/local/www/apache24/data/test.php

 

Append the following code:

 

# any type of customized code

 

Save and close the file. Fire a web-browser and type the url:

http://yourdomain.tld/test.php

http://your-ip-address/test.php