Difference between revisions of "Installing The LAMP Stack On A Server"
(→Apache) |
|||
| Line 89: | Line 89: | ||
To view the active set of Firewalld rules/services for the public zone that will be used: | To view the active set of Firewalld rules/services for the public zone that will be used: | ||
<nowiki>sudo firewall-cmd --zone=public --list-services</nowiki> | <nowiki>sudo firewall-cmd --zone=public --list-services</nowiki> | ||
| − | If HTTP/HTTPS are already permitted, nothing further needs to be configured at this time within this section, if they are NOT proceed with this section. | + | If HTTP/HTTPS are already permitted, nothing further needs to be configured at this time within this section, if they are NOT already permitted proceed with this section. |
To allow the HTTP/HTTPS traffic to the server so that connections can reach Apache, use the below: | To allow the HTTP/HTTPS traffic to the server so that connections can reach Apache, use the below: | ||
Revision as of 11:37, 21 December 2023
LAMP Stack refers to the following software tools all running on the same server together:
L - Linux
A - Apache (replaceable with Nginx)
M - MySQL or MariaDB (replaceable with other database tools)
P - PHP or Python
For this page, Linux, Apache, MariaDB, and PHP will be used.
Prerequisites
Ensure that you have created, configured, and secured a remote server at least at a basic level and that all the software packages installed are up to date. A Wiki page to do so can be found here.
Apache
Installing Apache
Install Apache using the command below:
sudo dnf install httpd
Enable the Apache service, httpd.service, to start at boot:
sudo systemctl start httpd.service sudo systemctl enable httpd.service
Check that the service has been started and is enabled:
sudo systemctl status httpd.service
Configuring Apache
Before doing anything further, it is a good best practice to back up the Apache configuration file located at '/etc/httpd/conf/httpd.conf' by default and storing that default somewhere just to be safe:
cp /etc/httpd/conf/httpd.conf /home/EXAMPLE_USER/httpd.conf.backup
Create an Apache config file, httpd-mpm.conf, using the template provided below. These are settings typical for use on a smaller cloud server running on something like Linode, DigitalOcean, AWS, or Azure:
nano httpd-mpm.conf
Inside httpd-mpm.conf, place the following -- adjust as needed for use-case:
KeepAlive Off
<IfModule prefork.c>
StartServers 4
MinSpareServers 20
MaxSpareServers 40
MaxClients 200
MaxRequestsPerChild 4500
</IfModule>
Configure Name-based Virtual Hosts
Create directories to store the files and logs for the site the server will be hosting:
sudo mkdir -p /var/www/html/EXAMPLE/{public, logs}
This will create a 'public' and a 'logs' directory at once, replace EXAMPLE with the domain name of the server or the IP address of the server, whichever will be used.
Create directories for the virtual hosts files for the server, 'sites-available' and 'sites-enabled':
sudo mkdir -p /etc/httpd/sites-available/ sudo mkdir -p /etc/httpd/sites-enabled/
Tell Apache where to look for the 'sites-enabled' directory to find the virtual hosts by adding the below to the config file '/etc/httpd/conf/httpd.conf' that was copied earlier:
sudo nano /etc/httpd/conf/httpd.conf
Append the below to 'httpd.conf' file:
IncludeOptional sites-enabled/*.conf
Now that Apache knows where to look, create a virtual hosts file for it to find, replacing EXAMPLE with the name of the domain or IP address of the server again:
cd /var/www/html/EXAMPLE sudo nano /etc/httpd/sites-available/EXAMPLE.conf
Add the below to the contents of that file:
<Directory /var/www/html/EXAMPLE/public_html>
Require all granted
</Directory>
<VirtualHost *:80>
ServerName EXAMPLE
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html/EXAMPLE/public_html
ErrorLog /var/www/html/EXAMPLE/logs/error.log
CustomLog /var/www/html/EXAMPLE/logs/access.log combined
</VirtualHost>
Create a symbolic (or soft) link between the 'sites-available' directory created earlier and the 'sites-enabled' directory created at the same time:
sudo ln -s /etc/httpd/sites-available/EXAMPLE.conf /etc/httpd/sites-enabled/EXAMPLE.conf
Reload the Apache service for all the above changes to take effect:
sudo systemctl restart httpd.service
Configuring Firewalld To Allow HTTP/HTTPS Traffic
Firewalld will be used for this page, but the same results can be achieved via different commands for UFW or any other firewall services available.
To view the active set of Firewalld rules/services for the public zone that will be used:
sudo firewall-cmd --zone=public --list-services
If HTTP/HTTPS are already permitted, nothing further needs to be configured at this time within this section, if they are NOT already permitted proceed with this section.
To allow the HTTP/HTTPS traffic to the server so that connections can reach Apache, use the below:
sudo firewall-cmd --zone=public --add-service=http --permanent sudo firewall-cmd --zone=public --add-service=https --permanent sudo firewall-cmd --zone=public --add-service=http sudo firewall-cmd --zone=public --add-service=https sudo firewall-cmd --reload
HTTP/HTTPS traffic needs to be permitted to both the Runtime and the Permanent rule sets for Firewalld so that the changes take effect on the current boot and remain persistent on future boots. Additional information for Firewalld can be found on this Wiki here.