ultimate guide to setting up the lamp stack on centos 6 (apache, php, mysql) _ living with...

8/9/2019 Ultimate Guide to Setting Up the LAMP Stack on CentOS 6 (Apache, PHP, MySQL) _ Living With Technology

1/16

Living with technology

Personal blog of Stanislav Khromov

Ultimate guide to setting up the LAMP stack on CentOS 6

(Apache, PHP, MySQL)

Brace for awesome!

This is a tutorial that covers the entire process of seing up CentOS 6 and installing/configuringApache P!P "#S$% S&%inu' and iptables as (ell as securing the server) This tutorial (ill give#ou a base setup for running static as (ell as d#namic (eb sites using P!P and "#S$%) This tutorialsuits *PS or other lo(+memor# configuration as (ell as dedicated servers)

Prequisites

This tutorial assumes basic ,no(ledge of shell/console usage and ,no(ledge of one te't editor)

-ou need a freshl# installed CentOS 6 installation to proceed ."inimal installation is recommendedOnce #ou0re in a root shell start reading belo(1

mate guide to setting up the LAMP stack on CentOS 6 (Apache, PH... https://khromov.wordpress.com/2013/02/04/ultimate-guide-to-setting-u...

16 1/21/2015 9:54 PM


2/16

Step 1 – Choose a text editor

2ano is ver# simple to use and has on+screen help at all times)

*im is a good editor but has a slightl# steeper learning curve) !ere is a good tutorial)

3f #ou find it hard to choose install and tr# them both b# installing thei via -um the CentOS pac,agemanager1

Since this is #our first installation using -um #ou ma# be prompted about importing a 4P4 ,e#)&nter - follo(ed b# the &nter ,e# to accept)

Step 2 – Configure your network

Aempt to ping an e'ternal server such as google5

3f #ou receive a response s,ip the rest of this section as #ou have connectivit#) 3f it fails ,eepreading)

2ot having connectivit# is most often due to the lac, of a !CP server running on the net(or, to

issue an 3P to #our server) 3f that is the case #ou need to configure the 3P manuall#)

!ere is a useful step+b#+step tutorial for seing up static 3P address on CentOS 6)

Step 3 – Update your system

After a fresh CentOS 6 install run5

Select all updates and let it complete no( run5

-ou should see #our CentOS version at the time of (riting this that version is5CentOS release 6)7 .8inal

Step 4 – Configure (or disa!e" S#$inux

3 usuall# disable S&%inu' as it ma,es for some cr#ptic errors (hen running the %A"P stac,) 3f #ou(ould li,e to have a go at running S&%inu' enabled (ith %A"P here is a good article to get #oustarted)

To disable S&%inu'5

1 yum install vim nano

1 ping google.com -c 4

1 yum update

1 cat /etc/*release*

1 vim /etc/selinux/config


16 1/21/2015 9:54 PM


3/16

Change the S&%329:; line to disabled li,e so5

2o( reboot #our machine

Step % – &dd the #P#$ repo

&P&% is an e'tra soft(are repositor# (ith a lot of useful soft(are that is not in the base repo)


4/16

%oad up the iptables config file

elo( the 5O9TP9T ACC&PT GH5HI line add

3f #ou are going to be changing #our SS! port .see separate section belo( no( is a suitable step toallo( connections to the ne( SS! port)

3f (e are changing SS! to port 4711 this line should also be added5

Step / – Change SS- port

Changing #our SS! port ma,es it harder for hac,ers to find information about #our server via portscanning) To change the port .in our case to 7J open the sshd config file5

Search for the line LMPort NN change it to5

.2ote the removal of the hash sign)

"a,e sure #ou have added the iptables rules for #our ne( port1 .See section above)

@estart sshd b# issuing5

3f #ou are currentl# on a SS! console log out and log bac, on to #our server using the ne( port)

Step 0 – nsta!! extra ni)etohae pa)kages i5 desired

This section is optional go to Step H to continue if #ou don0t (ant an# e'tra pac,ages)

htop4ood replacement for top)

curl and wget

Simplifies file retrieval from the command line) -ou should install at least one of these) The# are oftenincluded in #our CentOS installation)

unpThis pac,age allo(s #ou to unip files

man"anuals for commands) Sometimes not included in minimal installations)

1 vim /etc/sysconfig/ipta#les

1 - IN0 -m state --state NE2 -p tcp --dport )3 -' E0

1 - IN0 -m state --state NE2 -m tcp -p tcp --dport 4511 -' E0

1 vim /etc/ss$/ss$dconfig

1 0ort 4511

1 service ss$d restart

1 yum install $top

1 yum install curl %get

1 yum install un6ip


16 1/21/2015 9:54 PM


5/16

Step 16 – 7eoot8

2o( is a great time to reboot issue the command

3f #our server is not accessible (ith SS!/!TTP after reboot there might be something amiss (ith theiptables seings)

Step 11 – nsta!! phpmyadmin

php"#Admin is a po(erful tool for manipulating "#S$% databases let0s install it1

2o( #ou can bro(se to5

hp5//D#our+ipQ/phpm#admin

dd blow"sh#secret for securty

Add a secret ,e# to RcfgGblo(fish>secret0I so it loo,s li,e belo(5

According to this site #our pass(ord ma# contain up to 76 characters)

3t0s also a good idea to protect php"#Admin behind another la#er !TTP authentication)

-ou can find out ho( to do that in this e'cellent tutorial)

Step 12 – &dd extra users

llow your new user to sudosudo allo(s a user to temporaril# ta,e on the role as root)

2ote5 3f #ou are geing a blan, te't file .not found in this step install sudo (ith#um install sudo

8ind the line5

1 yum install man

1 s$utdo%n -r no%

1,748

cd /var/%%%/$tml%get $ttp&//do%nloads.sourceforge.net/pro'ect/p$pmyadmin/p$p9ydmin/4.3.1/pun6ip p$p9ydmin-7.8.(-englis$.6ipmv p$p9ydmin-7.8.(-englis$ p$pmyadminrm -f p$p9ydmin-7.8.(-englis$.6ip

1,7

cd p$pmyadmincp config.sample.inc.p$p config.inc.p$pvim config.inc.p$p

1 :cfg;#lo%fis$secret< " your-secret-ey=

1,

useradd usernamepass%d username

1 vim /etc/sudoers

1 root LL">LL? LL


16 1/21/2015 9:54 PM


6/16

9nder this line add a ne( one to allo( #our ne(l# created user to use sudo5

Save the file .it0s read+onl# so #ou need to force the (rite using 5(1 in *im

Step 13 – Configure &pa)he

Let$s ma%e some sane mod"catons to the Apache con"guraton to mpro&e default beha&our and lower thememory consumpton' ( am con"gurng ths for a )1*MB ser&er+ f you ha&e more memory you may retanthese &alues at ther orgnal se,ngs or ad-ust them d.erently'

llow for 'htaccess o&errdes

Search for the Allo(Override directive in the configuration file)

Change the instances of5

to

-ou (ill also need to uncomment the general Allo(Override declaration b# removing the hashtag .Min front of it)

efore .commented out5

After .Correct version5

/hange the amount of (or,ers spa(ned

8ind the 3f"odule prefor,)c directive and change according to the e'ample belo()

This reduces the memor# footprint of Apache in e'change for slo(er responses under heav# load)

Enablng 0eepAl&e

1 username LL">LL? LL

1 vim /etc/$ttpd/conf/$ttpd.conf

1 llo%@verride None

1 llo%@verride ll

1 A llo%@verride ll

1 llo%@verride ll

1,748(5)

BIf9odule prefor.cC StartServers ) 9inSpareServers 8 9axSpareServers ,3 ServerLimit ,8( 9axlients ,8( 9axDe+uests0er$ild 4333B/If9oduleC


16 1/21/2015 9:54 PM


7/16

Change the KeepAlive directive from O to On)


8/16

Press enter multiple times (hen prompted to select options .this (ill pic, the defaults))Add the APC e'tension to the P!P configuration5

9nder the line GP!PI add5

AdVust sie of cache5


9/16

9nder the Gm#sldI directive add the follo(ing line5

Step 1' – &dd irtua! hosts to &pa)he

*irtual hosts allo( multiple (eb sites to be served from a single Apache installation)

The virtual hosts can be added to the end of the Apache configuration file)

!ere is an e'ample configuration (ith t(o (eb hosts5

Step 1. – Set up )ron 9os

Seing up cron Vobs is useful for scheduling tas,s) 8or this (e0re going to install C@O2 and Crontab)

To see the local user crontab issue5

!ere is a great resource for learning ho( to manipulate the crontab file)

9arnng@emember that the scheduled commands are run as the user (hos crontab the# are in) 8or cron Vobs

that reuire elevated privileges using the root crontab or changing file permissions ma# benecessar#)

Se,ng up a cron -ob to bac%up all mysl databases

8irst start editing the crontab5

2o( add a ne( line (hich (ill run our command5

This simple command (ill bac, up all databases to the file /root/sldump)sl at midnight ever# da#)2ote5 This reuires #ou to set a Gm#sldumpI user as advised in Step W)

1 vim /etc/my.cnf

1 sip-innod#

1,748(

5)13111,

NameFirtualGost *&)3 BFirtualGost *&)3CServerName your-default-site.comHocumentDoot /var/%%%/$tmlB/FirtualGostC

BFirtualGost *&)3CServername your-second-site.comServerlias %%%.your-second-site.comHocumentDoot /var/%%%/$tml/your-second-site.comB/FirtualGostC

1,

yum install cronta#sc$config crond on

1 cronta# -e

1 cronta# -e

1 3 3 * * * mys+ldump --all-data#ases C /root/s+ldump.s+l


16 1/21/2015 9:54 PM


10/16

:ou;re done8

Congratulations on seing up CentOS 6 (ith %A"P) The section belo( contains useful commandsand other t(ea,s #ou can perform)

ing appropriate fi!e permissions 5or P-P sites


11/16

?eeda)k

That0s it for this tutorial1 3 appreciate an# feedbac, #ou might have so if something is unclear or can be improved feel free to leave a comment1

Sour)es and additiona! in5ormation

hp5//(i,i)centos)org/!o(Tos/2et(or,/SecuringSS!

hp5//((()linu'mail)info/add+epel+centos+6/

hp5//romanrm)ru/en/dd+benchmar,

hp5//((()vectorns)com/blog/Y+running+'ampp+on+fedora+(ith+selinu'+enabled

hp5//((()c#berciti)bi/fa/rhel+fedorta+linu'+iptables+fire(all+configuration+tutorial/

hp5//((()uestion+defense)com/tools/phpm#admin+blo(fish+secret+generator

hp5//((()reall#linu')com/docs/htaccess)shtml

#xp!ore posts in the same )ategories= Computers evelopment Technical solutions TutorialsThis entr# (as posted on H7/HN/NH? at H?5N and is filed under Computers evelopment Technicalsolutions Tutorials) -ou can subscribe via @SS N)H feed to this postZs comments)


12/16

N7/HW/NH? at H5N=GBI Chec, out m# CentOS tutorial for information on ho( to set automatic database bac,up viaC@O2) .Step W in the guide) GBI

7ep!yian)otore Says=

Y/HJ/NH? at ?5?4reat tutorial1 Than,s a lot1

7ep!y-e)tor Says=

6/H=/NH? at H75WW*er# ver# good and detailed boo,mar,ed for future use T!A2KS1

7ep!ySren D9essing Says=

H/HY/NH? at 65W4reat guide for %A"P [ut 3 can install apc using the commando pecl channel+update pecl)php)net"# server don0t understand pecl

7ep!ykhromo Says=

/HY/NH? at 75N?

!i S\ren

P&C% should have been installed during step 6 in the tutorial) 3t0s part of the php+pearpac,age)

Please tr# the follo(ing5#um install php+pear

Then run5pecl channel+update pecl)php)net

%et me ,no( if that (or,s for #ou)

7ep!ykronik06. Says=

6/N/NH? at N?5N6Than, #ou so much for a comprehensive tutorial11One commentStep W starts out sa#ing (e should add a bloc, of code to a configuration file (hich #ou do notmention) 3 figured out it (as the /etc/m#)cnf but it (as pre# unclear)

Again than,s111

7ep!ykhromo Says=


f 16 1/21/2015 9:54 PM


13/16

NJ/N/NH? at =576!i ,roni,

This is (hat happens (hen #ou re+order the steps once too man# during editing)

3t0s fi'ed no( than,s1

7ep!yAerry E>o Says=

7/H/NH7 at H5N74reat tut int the beginning #ou mentio a freshl# installled Centos0) To be complete #ou mightsa# (hich installation .es,top/"inimal es,top/"inimal/asic Server/ server/


14/16

Add the follo(ing te't5

G


15/16

hp5//pecl)php)net/pac,age/APC

pecl install apc should (or, fine though and as an added bonus #ou get the latest version.ing up the $&+P sta)k on CentES ' &pa)he* P-P* +yS,$ B $iing withte)hno!ogy – CSH&$ Iiki Says=

W/H7/NH7 at NH5H6GBI 9ltimate guide to seing up the %A"P stac, on CentOS 6 Apache P!P "#S$% _ %iving(ith technolog#) GBI

7ep!yJaheer &hmad Khan Says=

HN/H6/NH7 at NN57J-ou reall# save m# time Than,s a lot for such a details and hand# guide

7ep!yUnderstanding my LPS – nsta!!ing $&+P B #an DriMth Says=

HJ/H6/NH7 at HY5WNGBI a fe( guides (hich 30ll be borro(ing from heavil#(ith this post) 3n particular 3 found that9ltimate guide to seing up the %A"P stac, on CentOS 6 .Apache P!P "#S$% (asparticularl# instrumental in advancing m# understanding and guiding me through this ne( GBI

7ep!y

nsta!!er son LPS CentES ae) SS- B


16/16

Follow “Living with technology”

uild a (ebsite (ith

ultimate guide to setting up the lamp stack on centos 6 (apache, php, mysql) _ living with...

Documents