Linux Apache + MySQL + PHP – FreeBSD Apache + MySQL + PHP
Updating the server
Make sure all packages are up-to-date, run the following apt command or apt-get command:
# sudo apt update
# sudo apt upgrade
Installing Apache Server
Apache HTTP Server, also known as “Apache.” It is a web server famous for promoting the growth of the World Wide Web. Hence, we are going to install Apache on Linux, run:
# sudo apt install apache2
Start, stop, restart and get the status of Apache server
The syntax is as follows for the systemctl command:
# sudo systemctl start apache2.service
# sudo systemctl restart apache2.service
# sudo systemctl stop apache2.service
# sudo systemctl reload apache2.service
# sudo systemctl status apache2.service
Update the Firewall and open port 80 and 443
It is important that you open TCP port 80 (www) and 443 (https) so that LAMP on Linux works. Type the following commands:
# sudo ufw allow www
# sudo ufw allow https
# sudo ufw status
Sample outputs:
Status: active
To Action From -- ------ ---- 22/tcp ALLOW Anywhere 80/tcp ALLOW Anywhere 443/tcp ALLOW Anywhere 22/tcp (v6) ALLOW Anywhere (v6) 80/tcp (v6) ALLOW Anywhere (v6) 443/tcp (v6) ALLOW Anywhere (v6)
Test it by typing your server’s IP or domain name:
http://server1.yourdomain.tld
http://your_public_IPv4_here
Configure Apache
Edit the following file using a text editor such as vi/vim, nano, emacs and so on:
# sudo vi /etc/apache2/mods-available/mpm_prefork.conf
# prefork MPM # StartServers: number of server processes to start # MinSpareServers: minimum number of server processes which are kept spare # MaxSpareServers: maximum number of server processes which are kept spare # MaxRequestWorkers: maximum number of server processes allowed to start # MaxConnectionsPerChild: maximum number of requests a server process serves <ifmodule mpm_prefork_module=""> StartServers 4 MinSpareServers 20 MaxSpareServers 40 MaxRequestWorkers 200 MaxConnectionsPerChild 4500 </ifmodule> # vim: syntax=apache ts=4 sw=4 sts=4 sr noet
Above settings should be adjusted as per your deployment’s needs. Finally, disable the Apache event module and enable httpd prefork, run:
# sudo a2dismod mpm_event
# sudo a2enmod mpm_prefork
To activate the new configuration, you need to run:
# sudo systemctl restart apache2.service
How to create your first virtual hosts
Make a copy of the default Apache configuration for your domain called www.yourdomain.tld as follows using the cp command:
# sudo cp -v /etc/apache2/sites-available/000-default.conf /etc/apache2/sites-available/www.yourdomain.tld.conf
Update /etc/apache2/sites-available/www.yourdomain.tld.conf as follows:
<directory public_html="" tld="" var="" www="" yourdomain=""> Require all granted </directory> <virtualhost :80=""> ServerName yourdomain.tld ServerAlias www. yourdomain.tld ServerAdmin webmaster@ yourdomain.tld DocumentRoot /var/www/yourdomain.tld/public_html ErrorLog ${APACHE_LOG_DIR}/www.yourdomain.tld _error.log CustomLog ${APACHE_LOG_DIR}/www.yourdomain.tld _access.log combined </virtualhost>
Next, create a new directory to store HTML/PHP files for domain:
# mkdir -vp /var/www/yourdomain.tld/public_html
Add a new Linux user, run:
# sudo useradd -d /var/www/yourdomain.tld/ -s /usr/sbin/nologin -c 'www. yourdomain.tld user' cbzuser
# sudo passwd -l cbzuser
Enable your site and disable default LAMP site:
# sudo a2ensite www. yourdomain.tld
# sudo a2dissite 000-default
Create a new html file named index.html:
# vi /var/www/yourdomain.tld/public_html/index.html
Append HTML4/HTML5 code:
This is a test LAMP server.
Save and close the file. Use the chown command and chmod command commands to set tight permissions on your Apache DocumentRoot:
# sudo chown -R cbzuser:cbzuser /var/www/yourdomain.tld/
# sudo chmod 0444 /var/www/yourdomain.tld/
# sudo find /var/www/yourdomain.tld/ -type d -print0 | sudo xargs -0 -I {} chmod 0445 "{}"
To activate the new configuration, you need to run:
# sudo systemctl reload apache2.service
Fire a web browser and test it:
http://www.yourdomain.tld
Installing MariaDB Server
Now you have a web server up and running along with your first virtual host too. It is time to install MariaDB, which is a drop-in replacement for MySQL server. Type the following apt command:
# sudo apt install mariadb-server
Improve MariaDB installation security
Run mysql_secure_installation script:
# sudo mysql_secure_installation
This script enables you to improve the security of your MariaDB installation in the following ways:
You can set a password for root accounts.
Delete root accounts that are accessible from outside the localhost.
Remove anonymous-user accounts.
Erase the test database, which by default can be accessed by anonymous users.
How to create a MariaDB database and user/password
To create a database and grant your users permissions to use databases, run:
# mysql -u root -p
Enter MariaDB’s root password when prompted. Create a database named ‘wpdb’ and grant your user permissions on it. Change the database name (wpdata) and username (wpuser)/change the password (wppassword):
CREATE DATABASE wpdb;
GRANT ALL ON wpdb.* TO 'wpuser' IDENTIFIED BY 'wppasword';
quit
Test new db and user/password combination:
# mysql -u wpuser -p'wppasword' wpdb
Installing PHP Language
PHP is the last part of the puzzle that makes it possible to produce dynamic webpages. PHP is also a popular web development engine for a LAMP stack. Therefore, let us install PHP:
# sudo apt install php libapache2-mod-php
Finding and installing PHP modules
Installation of PHP modules that allows MySQL access and GD lib too:
# sudo apt install php-mysql php-gd
One can get a list of all PHP modules using the combination of apt-cache command and grep command:
# apt-cache search php | egrep 'module' | grep default
Sample outputs:
libapache2-mod-php - server-side, HTML-embedded scripting language (Apache 2 module) (default)
php-bcmath - Bcmath module for PHP [default]
php-bz2 - bzip2 module for PHP [default]
php-curl - CURL module for PHP [default]
php-dev - Files for PHP module development (default)
php-enchant - Enchant module for PHP [default]
php-gd - GD module for PHP [default]
php-gmp - GMP module for PHP [default]
php-imap - IMAP module for PHP [default]
php-interbase - Interbase module for PHP [default]
php-intl - Internationalisation module for PHP [default]
php-json - JSON module for PHP [default]
php-ldap - LDAP module for PHP [default]
php-mbstring - MBSTRING module for PHP [default]
php-mysql - MySQL module for PHP [default]
php-odbc - ODBC module for PHP [default]
php-pgsql - PostgreSQL module for PHP [default]
php-pspell - pspell module for PHP [default]
php-readline - readline module for PHP [default]
php-recode - recode module for PHP [default]
php-snmp - SNMP module for PHP [default]
php-soap - SOAP module for PHP [default]
php-sqlite3 - SQLite3 module for PHP [default]
php-sybase - Sybase module for PHP [default]
php-tidy - tidy module for PHP [default]
php-xml - DOM, SimpleXML, WDDX, XML, and XSL module for PHP [default]
php-xmlrpc - XMLRPC-EPI module for PHP [default]
php-zip - Zip module for PHP [default]
Restart Apache:
# sudo systemctl restart apache2.service
Testing PHP instllation along with LAMP
Create a file named test.php as follows:
# sudo vi /var/www/yourdomain.tld/public_html/test.php
Append the following code:
# any type of customized code.
Save and close the file. Set permisions:
# sudo chown -R cbzuser:cbzuser /var/www/yourdomain.tld/
# sudo chmod 0444 /var/www/yourdomain.tld/
# sudo find /var/www/yourdomain.tld/ -type d -print0 | sudo xargs -0 -I {} chmod 0445 "{}"
Open a webbrowser and type url:
http://your-ip/test.php
http://www.yourdomain.tld /test.php
This page indicates that your PHP 7.3 is working correctly on a LAMP server. It is time you delete that page as it exposed sensitive information using the rm command:
# sudo rm -v /var/www/yourdomain.tld/public_html/test.php
Update your ports
Like always make sure everything is up to date before starting. I like to do:
# portsnap fetch update && portupgrade -a
Installing Apache Server
To install the port:
# cd /usr/ports/www/apache24/ && make install clean
Or, to add the package:
# pkg install www/apache24
Starting up Apache service on boot
Add following to the end of “/etc/rc.conf” file to launch Apache at start up:
echo 'apache24_enable="YES"' >> /etc/rc.conf
Starting / stopping / restarting Apache server
To start Apache to make sure it works:
# /usr/local/etc/rc.d/apache24 start
To restart Apache server:
# /usr/local/etc/rc.d/apache24 restart
To stop Apache server:
# /usr/local/etc/rc.d/apache24 stop
You can also use the service command for starting/stoping/restarting Apache server on FreeBSD:
## service command to control Apache server ## service apache24 start service apache24 restart service apache24 stop service apache24 status
Note: If you are getting this error “Could not reliably determine the server's fully qualified domain name, using 127.0.0.1.” Set the ‘ServerName’ directive globally to suppress this message:
Add next line to /usr/local/ect/apache24/httpd.conf file:
ServerName localhost
Replace localhost with the server’s domain name which can be obtained with:
# hostname -f
Installing MySQL Server
To install the port:
# cd /usr/ports/databases/mysql56-server/ && make install clean
Or, to add the package:
# pkg install databases/mysql56-server
Install MySQL Client
To install the port:
# cd /usr/ports/databases/mysql56-client/ && make install clean
Or, to add the package:
# pkg install databases/mysql56-client
Starting up Mysql server service on boot
Finally, /etc/rc.conf must contain the following line to allow the MySQL server to start:
echo 'mysql_enable="YES"' >> /etc/rc.conf
Starting / stopping / restarting Mysql server
To start the Mysql server type:
# /usr/local/etc/rc.d/mysql-server start
To restart the Mysql server type:
# /usr/local/etc/rc.d/mysql-server restart
To stop the Mysql server type:
# /usr/local/etc/rc.d/mysql-server stop
You can also use the service command for starting/stoping/restarting mysql server on FreeBSD:
## command to start/stop mysql servers on FreeBSD ## service mysql-server start service mysql-server restart service mysql-server stop service mysql-server status
Setting up Mysql server passwords
The default is set to allow anyone to have full access. It’s very important that you set up passwords. To set a password on the anonymous accounts use:
# mysql -u root
Run the following sql queries at mysql> prompt (replace host_name with actual system host name which can be obtained with hostname -f command:
mysql> SET PASSWORD FOR ''@'localhost' = PASSWORD('newpwd-here');
mysql> SET PASSWORD FOR ''@'host_name' = PASSWORD('newpwd-here');
mysql> quit
To set a password for the root account use:
# mysql -u root
Run the following sql queries at mysql> prompt:
mysql> SET PASSWORD FOR 'root'@'localhost' = PASSWORD('newpwd-here');
mysql> SET PASSWORD FOR 'root'@'host_name' = PASSWORD('newpwd-here');
mysql> quit
Note: An alternative method to set a password for the MySQL root user is to run the following command:
/usr/local/bin/mysqladmin -u root password 'PASSWORD-HERE'
After setting the password, here is how you shutdown mysqld server:
# mysqladmin -u root -p shutdown
Enter password:
Tip: If you “forget” the root password, here is how you can reset it
Stop mysqld with this command:
# /usr/local/etc/rc.d/mysql-server.sh stop
Modify the start command to add this option to the command line. Do not leave this option on for long. Only for when you need it. It bypasses all usual mysql security:
-Sg|--skip-grant-tables
This option causes the server not to use the privilege system at all. This gives everyone full access to all databases! (You can tell a running server to start using the grant tables again by executing mysqladmin flush-privileges or mysqladmin reload.)
Modify it in /usr/local/etc/rc.d/mysql-server.sh:
/usr/local/bin/safe_mysqld --user=mysql --skip-grant-tables > /dev/null & && echo -n ' mysqld'
Start mysqld:
# /usr/local/etc/rc.d/mysql-server.sh start
Connect to mysql:
# mysql
Look out because this next step will reset the passwords for all root users. Make sure that’s what you want to do. You may wish to restrict this SQL by including an “and host = ‘something'” clause. Inspect existing users with “SELECT host, user from user;“. Select the mysql database and reset the password:
mysql> use mysql
mysql> update user set password = PASSWORD('secret') where user = 'root';
mysql> quit
=> Do not forget to undo that mysql bypass i.e. Stop mysqld with: /usr/local/etc/rc.d/mysql-server.sh stop
=> Remove the option from the vi /usr/local/etc/rc.d/mysql-server.sh and remove --skip-grant-tables options.
=> Restart mysqld with: /usr/local/etc/rc.d/mysql-server.sh start
Installing PHP Language
When you build PHP, you need to add the configuration option so that PHP build includes support for the Apache server. Type the following commands:
# cd /usr/ports/lang/php56
# make config
When the menu comes up to select/deselect various build options. You should select:
Now you will do the make clean command. I normally do these commands all in one but to get the configuration menu, I do them apart.
# make install clean
Install mod_php for Apache
Type the following commands to build mod_php for Apache:
# cd /usr/ports/www/mod_php56
# make install clean
Install php extensions
If you aren’t sure if it’s or you didn’t check it with your MySQL install, you will do it the commands the same way so you get the menus to configure to add support for both MySQL and MySQLi to communicate with the MySQL server.
# cd /usr/ports/lang/php56-extensions/
# make config
You may also select other extensions as per your PHP apps requirements. Then finish up with:
# make install clean
Configure mod_php
To configure it you will type the following command that just makes a copy of a file:
# cp /usr/local/etc/php.ini-development /usr/local/etc/php.ini
To configure Apache and open the file:
# ee /usr/local/etc/apache24/httpd.conf
Using ee text editor for simple edits, look for this line:
DirectoryIndex index.html
And change it so it reads as follows:
DirectoryIndex index.html index.htm index.php
Find and set the following values as per your domain, IP, and port number:
ServerAdmin webmaster@ yourdomain.tld ServerName www.yourdomain.tld :80 Listen :80
Save and close the file. Create a file called /usr/local/etc/apache24/modules.d/001_mod_php.conf as follows:
# cat /usr/local/etc/apache24/modules.d/001_mod_php.conf
<filesmatch> SetHandler application/x-httpd-php <filesmatch> SetHandler application/x-httpd-php-source </filesmatch></filesmatch>
Now restart Apache server:
# /usr/local/etc/rc.d/apache24 restart
OR
# service apache24 restart
Test your setup
Create a file called /usr/local/www/apache24/data/test.php:
# vi /usr/local/www/apache24/data/test.php
Append the following code:
# any type of customized code
Save and close the file. Fire a web-browser and type the url:
http://yourdomain.tld/test.php
http://your-ip-address/test.php