March 1, 2023
If you’re running an open source server in the gBlock cloud, you are probably already familiar with a LAMP stack. If you haven’t used one before, LAMP is a web application and deployment stack that is very common and simple to install and use on your virtual machines. This blog will walk you through a LAMP installation so you can get development cranking.
LAMP stands for Linux, Apache Web server, MySQL database, and Perl, Python, or PHP, all common tools for administrators and developers. As LAMP has become more and more common, software extensions have been created that facilitate these different tools working together.
As far as how they do work together, a user accessing your Apache web server will call up your applications and files, which are located on attached storage. The web server delivers code that is created in Perl/Python/PHP, which in turn references the MySQL database.
OK, ready to get started? First step is to grab the packages and configure your quotas.
1) Add packages with
# yum install wget bzip2 unzip zip nmap openssl fileutils ncftp gcc gcc-c++
Next, if you have not already, enable quotas on your server. In Red Hat, while logged in as root, use a text editor to edit the /etc/fstab file. Add the usrquota and/or grpqouta options to the file systems that require quotas.
Run quotacheck to create a table of quota-enabled file systems with current disk usage. For example,
# quotacheck –cug /home
will create quota files in the /home directory, with –c creating them for each file system, -u specifying user quotas, and –g specifying group quotas.
You can also type edquota and a user name to launch your default editor and edit the quotas for an individual user directly. This will set disk limits. Do this for each user that requires a quota. The system will display the used blocks, as well as soft, hard, and inodes. Hard block limits are the maximum amount of disk space allotted to that user, while soft limits allow the user to go above that limit for a period of time. Set this grace period by entering
# edquota –t
2) Install MySQL
# yum install mysql-devel mysql-server #chkconfig --level 2345 mysqld on #/etc/init.d/mysqld start
Check that networking is enabled. Run:
# netstat -tap | grep mysql
It should show a line like this:
[root@server1 named]# netstat -tap | grep mysql tcp 0 0 *:mysql *:* LISTEN 2470/mysqld
If it does not, edit /etc/my.cnf and comment out the option skip-networking:
# vi /etc/my.cnf #skip-networking #/etc/init.d/mysqld restart
Set a password using one of these methods:
Create additional database users:
mysql> CREATE USER 'name'@'localhost' IDENTIFIED BY 'some_pass'; mysql> GRANT ALL PRIVILEGES ON *.* TO 'monty'@'localhost' -> WITH GRANT OPTION;
Alternatively you can run:
/usr/bin/mysql_secure_installation
3) Install Apache2 with PHP
To get started installing Apache2 with PHP, enter:
# yum install httpd mod_ssl php php-devel php-gd php-imap php-ldap php-mysql php-odbc php-pear php-xml php-xmlrpc curl curl-devel perl-libwww-perl ImageMagick libxml2 libxml2-devel
Edit httpd.conf:
# vi /etc/httpd/conf/httpd.conf
Change directory index to include php pages:
[...] DirectoryIndex index.html index.htm index.shtml index.cgi index.php index.php3 index.pl [...]
Start Apache:
# chkconfig httpd on #/etc/init.d/httpd start
Edit httpd.conf to hide the Apache version number:
# vi /etc/httpd/conf/httpd.conf ServerSignature off
Edit sysctl.conf to enable SYN cookies protection:
# Enable TCP SYN Cookie Protection net.ipv4.tcp_syncookies = 1
Restart the network server:
# service network restart
Configure Mod_Evasive. Mod_Evasive offers Apache protection against DDoS.
# cd /root # wget http://www.zdziarski.com/projects/mod_evasive/mod_evasive_1.10.1.tar.gz # tar zxf mode_evasive-1.10.1.tar.gz # cd mod_evasive # /usr/sbin/apxs -cia mod_evasive20.c # vi /etc/httpd/conf/httpd.conf DOSHashTableSize 3097 DOSPageCount 2 DOSSiteCount 50 DOSPageInterval 1 DOSSiteInterval 1 DOSBlockingPeriod 10
Add vsftpd (If necessary). This enables secure FTP access to your web server.
#yum install vsftpd #vi /etc/vsftpd/vsftpd.conf
Disable anonymous logins:
# vi /etc/vsftpd/vsftpd.conf
in the 12th line edit
anonymous_enable=NO
Save vsftpd.conf file and restart the daemon:
# service vsftpd restart
Start VSFTP:
#chkconfig –levels 235 vsftpd on #service vsftpd start
With this default configuration, the users' FTP directory will be set to their home directory.
4) Set up PHPMyAdmin
You should now have all the tools you need for a fully loaded LAMP stack. Happy developing!