How to set up LAMP stack on Ubuntu 20.04?

LAMP. Four horsemen of the Linux hosted websites, an acronym of the names of its original four open-source components: the Linux, the Apache HTTP Server, the MySQL database, and PHP. 

LAMP stack is mostly used to host different web services and sites. LAMP is not the only stack for this purpose, but surely one of the most known one. Stacks you also might have heard of:

  • LEMP (NginX is used instead of Apache);
  • LAPP (PostgreSQL is used instead of MySQL);
  • LLMP (Lighttpd is used instead of Apache). 

In this guide.

In this guide, we shall install a LAMP stack on the Pilw.io Ubuntu 20.04 server with a non-root sudo-enabled user account and a basic firewall. Also, we will check if everything is working by creating a hello world template. We will do the following steps:

  1. Installing Apache and configuring the Firewall;
  2. Installing the MySQL;
  3. Installing PHP;
  4. Creating a Virtual Host for your Website;
  5. Testing PHP processing on the Apache webserver.

Prerequisites

For our very own LAMP stack server, we will need an Ubuntu 20.04 server, which you can access as root or an account with sudo privileges.

You can either check API tutorial video https://www.youtube.com/watch?v=v5JDf-yvonY&t=1s or log into Pilw.io user interface and simply create a virtual machine on the platform.

Step 1. Installing Apache and configuring the Firewall

Install Apache using Ubuntu’s package manager, apt:

sudo apt-get update && sudo apt-get upgrade
sudo apt-get install apache2

Once the installation is finished, we shall need to adjust the firewall settings to allow HTTP traffic and SSH. To list all currently available UFW application profiles, let’s run:

sudo ufw app list

Command will return something like this:

Available applications:
 Apache
 Apache Full
 Apache Secure
 OpenSSH

Apache – This profile opens only port 80 (HTTP)

Apache Full – This profile opens both port 80 and port 443 (TLS/SSL encrypted traffic).

Apache Secure – This profile opens only port 443

OpenSSH – Our SSH connection on port 22

To open the SSH connection and port 80, we will need to run the following commands:

sudo ufw allow in "OpenSSH" 
sudo ufw allow in "Apache"

And then let’s verify the change we made:

sudo ufw status
Status: active
To                         Action      From
--                         ------      ----
Apache                     ALLOW       Anywhere
OpenSSH                    ALLOW       Anywhere
Apache (v6)                ALLOW       Anywhere (v6)
OpenSSH (v6)               ALLOW       Anywhere (v6)

Now the traffic on the 80 and 22 ports are allowed through the firewall

We can even our progress by typing our VM public IP address in the web browser

http://your_server_ip

And we should have something like this, which is a default Apache web page:

Step 2 — Installing the MySQL

Now when one of „four horsemen“ is installed and working let us continue with the database. Every website needs a database that stores and manages our data. MySQL is one of these systems used within PHP environments. To install it:

sudo apt install mysql-server

When prompted, confirm installation by typing Y, and then ENTER.

When the installation is finished, it’s recommended to run a security script that comes pre-installed with MySQL. This script will remove some insecure default settings and lock down access to the database system. To start the interactive script just type:

sudo mysql_secure_installation

This will ask if you want to configure the VALIDATE PASSWORD PLUGIN. During the process, a few questions will be asked. We bolded answers out for you.

Output

Securing the MySQL server deployment.
Connecting to MySQL using a blank password.
VALIDATE PASSWORD COMPONENT can be used to test passwords and improve security. It checks the strength of password and allows the users to set only those passwords which are secure enough. Would you like to setup VALIDATE PASSWORD component?

Press y|Y for Yes, any other key for No: Y

There are three levels of password validation policy:
LOW    Length >= 8
MEDIUM Length >= 8, numeric, mixed case, and special characters
STRONG Length >= 8, numeric, mixed case, special characters and dictionary                                 file

Please enter 0 = LOW, 1 = MEDIUM and 2 = STRONG: 2

Please set the password for root here.

New password: YOUR_MYSQL_PASS
Re-enter new password: YOUR_MYSQL_PASS

Estimated strength of the password: 50

Do you wish to continue with the password provided?(Press y|Y for Yes, any other key for No) : Y

By default, a MySQL installation has an anonymous user, allowing anyone to log into MySQL without having to have a user account created for them. This is intended only for testing, and to make the installation go a bit smoother. 

You should remove them before moving into a production environment.

Remove anonymous users? (Press y|Y for Yes, any other key for No) : Y

Success.

Normally, root should only be allowed to connect from 'localhost'. This ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? (Press y|Y for Yes, any other key for No) : Y

Success.

By default, MySQL comes with a database named 'test' that anyone can access. This is also intended only for testing, and should be removed before moving into a production environment.

Remove test database and access to it? (Press y|Y for Yes, any other key for No) : Y

- Dropping test database...

Success.

- Removing privileges on test database...

Success.

Reloading the privilege tables will ensure that all changes made so far will take effect immediately.

Reload privilege tables now? (Press y|Y for Yes, any other key for No) : Y

Success.
All done!

One plugin is configured, let’s test that we are able to log in to the MySQL console:

sudo mysql

This will connect to the MySQL server as root and we should see output like this:

Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 10
Server version: 8.0.20-0ubuntu0.20.04.1 (Ubuntu)
Copyright (c) 2000, 2020, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql>

To exit the MySQL console, type:

mysql> exit

As you can see, we did not provide a password to connect as the root, even though we run through the mysql_secure_installation script. So, what’s the magic? The plugin checks that the Linux user matches the MySQL user using the SO_PEERCRED socket option to obtain information about the user running the client program. Thus, the plugin can be used only on systems that support the SO_PEERCRED option, such as Linux. The SO_PEERCRED socket option allows retrieving the uid of the process that is connected to the socket. It is then able to get the user name associated with that uid.

Now to the final component of our LAMP stack – the PHP

Step 3 — Installing PHP

We have our Apache to show our content, MySQL to store it and now let’s add some flexibility and dynamics with the PHP. Alongside the PHP package, we will install a php-mysql module, to communicate with the database. We will also need a libapache2-mod-php for Apache to handle the PHP files.

To install these packages, run:

sudo apt install php libapache2-mod-php php-mysql

After the installation, we shall verify the version of the PHP by typing:

php -v
PHP 7.4.3 (cli) (built: May 26 2020 12:24:22) ( NTS )
Copyright (c) The PHP Group
Zend Engine v3.4.0, Copyright (c) Zend Technologies with Zend OPcache v7.4.3, Copyright (c), by Zend Technologies

That’s it for the LAMP stack. But we want to be sure, that everything is working as should do, so let’s set up a small Apache virtual host for our website files and folders

Step 4 — Creating a Virtual Host for your Website

Apache web server is almost similar to the Nginx with its server blocks. In this section, we will set up a domain called yourdomain, but be vigilant and replace it with your own domain name.

Create a directory for yourdomain as here:

sudo mkdir /var/www/yourdomain

Then, open a new configuration file in Apache’s sites-available directory using your preferred command-line editor. I will use nano for that: 

sudo nano /etc/apache2/sites-available/yourdomain.conf

This will create a new blank file. Paste in the following configuration which is located in /etc/apache2/sites-available/yourdomain.conf:

<VirtualHost *:80>
    ServerName yourdomain
    ServerAlias www.yourdomain 
    ServerAdmin youraccountname@localhost
    DocumentRoot /var/www/yourdomain
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

With this configuration, we are telling the web server to serve the yourdomain domain using /var/www/yourdomain as the web root directory. If you don’t want a domain you can simply remove or comment the options ServerName and ServerAlias by adding a # in the beginning of each option’s lines. 

You can now use a2ensite to enable the new virtual host/site:

sudo a2ensite yourdomain

You might want to disable the default website that comes installed with Apache. This is required if you’re not using a custom domain name because in this case, Apache’s default configuration would overwrite your virtual host. To disable Apache’s default website, type:

sudo a2dissite 000-default

Then check the configuration file for errors, run:

sudo apache2ctl configtest

And reload Apache so changes take effect:

sudo systemctl reload apache2

Now let’s create a index.html file so that we can test that virtual host works as intended:

nano /var/www/testme/index.html

Insert the following content in the html file:

<html>
    <head>
        <title>My hello world website!</title>
    </head>
    <body>
        <h1>Hello World!</h1>
        <p>This is the landing page of our test site.</p>
    </body>
</html>

Now we can check the result by typing the domain name or the IP address in the browser:

http://your_domain or http://server_IP

And we can see a site, telling us Hello world! That means, our site is working!

Step 5 — Testing PHP processing on the Apache webserver

Just to be sure, we can also create PHP test script to confirm that Apache is able to handle and process requests for PHP files.

Create a new file named info.php inside your custom web root folder:

nano /var/www/your_domain/info.php

And insert a PHP code 

<?php
phpinfo();

To test the script, just type the info.php after the domain name or the IP address:

http://server_domain/info.php or http://IP/info.php

And the result should be:

A page with the information about the PHP. If you can see this, it means that PHP is installed correctly and working as expected.

0 Comments

Add Yours →

Leave a Reply