Installing The LAMP Stack On A Server

From Nick's Personal Wiki
Revision as of 11:51, 25 March 2026 by Nick (talk | contribs) (→‎Prerequisites)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

LAMP Stack refers to the following software tools all running on the same server together:

L - Linux

A - Apache (replaceable with Nginx)

M - MySQL or MariaDB (replaceable with other database tools)

P - PHP or Python

For this page, Linux, Apache, MariaDB, and PHP will be used.


Prerequisites

Ensure that you have created, configured, and secured a remote server (at least at a basic level) and that all the software packages installed are up to date. A Wiki page to do so can be found here.

Apache

Installing Apache

Install Apache using the command below: 

sudo dnf install httpd

Enable the Apache service, httpd.service, to start at boot: 

sudo systemctl start httpd.service
sudo systemctl enable httpd.service

Check that the service has been started and is enabled: 

sudo systemctl status httpd.service


Configuring Apache

Before doing anything further, it is a good best practice to back up the Apache configuration file located at '/etc/httpd/conf/httpd.conf' by default and storing that default somewhere just to be safe: 

cp /etc/httpd/conf/httpd.conf /home/EXAMPLE_USER/httpd.conf.backup

Create an Apache config file, httpd-mpm.conf, using the template provided below. These are settings typical for use on a smaller cloud server running on something like Linode, DigitalOcean, AWS, or Azure: 

nano httpd-mpm.conf

Inside httpd-mpm.conf, place the following -- adjust as needed for use-case: 

KeepAlive Off

<IfModule prefork.c>
    StartServers        4
    MinSpareServers     20
    MaxSpareServers     40
    MaxClients          200
    MaxRequestsPerChild 4500
</IfModule>

Configure Name-based Virtual Hosts

Create directories to store the files and logs for the site the server will be hosting: 

sudo mkdir -p /var/www/html/EXAMPLE/{public, logs}

This will create a 'public' and a 'logs' directory at once, replace EXAMPLE with the domain name of the server or the IP address of the server, whichever will be used.

Create directories for the virtual hosts files for the server, 'sites-available' and 'sites-enabled': 

sudo mkdir -p /etc/httpd/sites-available/
sudo mkdir -p /etc/httpd/sites-enabled/

Tell Apache where to look for the 'sites-enabled' directory to find the virtual hosts by adding the below to the config file '/etc/httpd/conf/httpd.conf' that was copied earlier: 

sudo nano /etc/httpd/conf/httpd.conf

Append the below to 'httpd.conf' file: 

IncludeOptional sites-enabled/*.conf

Now that Apache knows where to look, create a virtual hosts file for it to find, replacing EXAMPLE with the name of the domain or IP address of the server again: 

cd /var/www/html/EXAMPLE
sudo nano /etc/httpd/sites-available/EXAMPLE.conf

Add the below to the contents of that file: 

<Directory /var/www/html/EXAMPLE/public_html>
    Require all granted
</Directory>
<VirtualHost *:80>
    ServerName EXAMPLE
    ServerAdmin webmaster@localhost
    DocumentRoot /var/www/html/EXAMPLE/public_html
    ErrorLog /var/www/html/EXAMPLE/logs/error.log
    CustomLog /var/www/html/EXAMPLE/logs/access.log combined
</VirtualHost>

Create a symbolic (or soft) link between the 'sites-available' directory created earlier and the 'sites-enabled' directory created at the same time: 

sudo ln -s /etc/httpd/sites-available/EXAMPLE.conf /etc/httpd/sites-enabled/EXAMPLE.conf

Reload the Apache service for all the above changes to take effect: 

sudo systemctl restart httpd.service


Configuring Firewalld To Allow HTTP/HTTPS Traffic

Firewalld will be used for this page, but the same results can be achieved via different commands for UFW or any other firewall services available.

To view the active set of Firewalld rules/services for the public zone that will be used: 

sudo firewall-cmd --zone=public --list-services

If HTTP/HTTPS are already permitted, nothing further needs to be configured at this time within this section, if they are NOT already permitted proceed with this section.

To allow the HTTP/HTTPS traffic to the server so that connections can reach Apache, use the below: 

sudo firewall-cmd --zone=public --add-service=http --permanent
sudo firewall-cmd --zone=public --add-service=https --permanent
sudo firewall-cmd --zone=public --add-service=http
sudo firewall-cmd --zone=public --add-service=https

sudo firewall-cmd --reload

HTTP/HTTPS traffic needs to be permitted to both the Runtime and the Permanent rule sets for Firewalld so that the changes take effect on the current boot and remain persistent on future boots. Additional information for Firewalld can be found on this Wiki here.

MariaDB

Installation

To install the MariaDB packages: 

sudo dnf install mariadb-server

Start and enable the MariaDB service: 

sudo systemctl start mariadb.service
sudo systemctl enable mariadb.service

Run the installation script for MariaDB: 

sudo mysql_secure_installation

This will run a script with prompts to determine the various MariaDB installation security options. These can be configured as desired, left as defaults, or can be configured with the suggestions below: 

Answer 'yes' to the following:
Change the root password for MariaDB
Remove Anonymous user accounts
Disable root logins outside of localhost
Remove test databases
Reload privileges


Creating A Database

With the MariaDB software installed, log into MariaDB using the root password configured above (if available): 

mysql -u root -p

Create a database for the server to use, replace DATABASE_NAME with the desired name: 

create database DATABASE_NAME;

Create a new user with permission to access this database, replacing USER_NAME and PASSWORD with desired selections: 

grant all on DATABASE_NAME.* to 'USER_NAME' identified by 'PASSWORD';

The database is now created, a user to access it created, and the created user has permissions to use it.

PHP

Installation

To install PHP and needed modules: 

sudo dnf install php php-pear php-mysqlnd


Configuration

Edit the below file for better error messages and logs: 

sudo nano /etc/php.ini

By appending/editing the '/etc/php.ini' file with the following: 

error_reporting = E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR
error_log = /var/log/php/error.log
max_input_time = 30

Create the directories for the log files specified in the '/etc/php.ini' file: 

sudo mkdir /var/log/php

Grant the Apache user and group permission to read/write those files: 

sudo chown apache:apache /var/log/php

PHP should now be installed so Apache will need to be restarted for the changes to take effect: 

sudo systemctl restart httpd.service
Retrieved from "https://nlear.xyz/wiki/index.php?title=Installing_The_LAMP_Stack_On_A_Server&oldid=203"