LAMP is the acronym for Linux Apache Mysql Php.
For the “Linux” side of Lamp, it all depends on your hosting and your preferences. We advise beginners to take a Debian Stable distribution, which is robust, secure and not too complicated. Experts are also numerous to remain under this distribution for their servers!
A good part of this doc is based on the Ubuntu documentation concerning LAMP.
Installing basic packages:
sudo apt-get install apache2 php5 mariadb-server libapache2-mod-php5 php5-mysql apache2-utils php5-gd php5-imagick
The installation of the mysql database will ask you to create a password for “root”. Be sure to write it down!
You can ofcourse install Mysql instead of Mariadb, but we don't recommend it here at khagnat…
Go to the address of the server and admire the page: “It works” :) This means installed and running!!
Apache is basically functional from scratch, but there are some small useful tricks for a configuration similar to Khaganat.
For wiki farm or pastebin(among others), it is necessary to activate the rewriting of the URLs.
Run the command:
Sudo a2enmod rewrite
/etc/apache2/apache2.conf and add at the end(if it is not already there):
<ifModule mod_rewrite.c> RewriteEngine On </ IfModule>
Then check that in the “/etc/apache2/sites-available/default” file, the “AllowOverride” option is set to “All” for the parts that are being rewritten by url (all “/var/www” to not complicate the task):
Options Indexes FollowSymLinks MultiViews AllowOverride all Order allow, deny Allow from all
Do not forget to restart the Apache Web service:
With a basic configuration, Apache indicates that you must read the directory
/var/www as the base directory of the site, each folder being added to the address. For example, if your “www” folder is organized as follows:
page1 through the web, it's necessary to put the following in the address bar(of the browser):
We can change this by making aliases in the file:
/etc/apache2/sites-enable/000-default.conf, like this:
Alias /adresse /var/www/dossier1 <Directory /var/www/dossier1> Options Indexes FollowSymLinks MultiViews AllowOverride All Order allow,deny Allow from all </Directory>
/address to whatever you want; If it's just the bar
/, then it will be the root of the site(as will be seen by typing
www.mon_site.net/). You can also point to addresses outside of
/var/www. For example: pointing to
home/user/monsite allows you to work in a directory with basic user rights.
For a site accessible to all, these kind of alias options suffices.
To restart the apache server:
Logged in as root
There are several possibilities to allow our user “Lambda”1) to modify what's in the folder /var/www. The easiest and fastest way is to assign the rights of this folder to the www-data group, and then put lambda in that www-data group.
Sudo adduser lambda www-data Chown -R www-data: www-data /var/www
To add the lambda user to www-data, there is also the command:
Usermod -a -G www-data lambda
Both commands do the job!
Restart the session so that Apache can take the rights into account for the current user.
It's better to let the www-data group manage the rights, basically because otherwise it's an open bazaar. Adding the user “lambda” in this group makes it possible to modify everything without taking the lead.
From a security perspective, maybe www-data shouldn't have these kind of rights, but(at the same time) it requires it to be able to understand everything, otherwise Apache will just block everything.. so let's keep it simple!
If some cms causes problems, the following command sequence(on the folder in question) can reassign the rights to www-data and allow them to be resolved(Run these as root):
chgrp -R www-data "folder" chown -R www-data "folder" chmod -R g+w "folder"
chgrp to reassign the owner group,
chown to change the owner anyway(less important, in theory chgrp should already fix most of the worries),
chmod to give the right permissions write on the folder, add,
w for write, so write). The
-R option allows recursion(so the change applies to subfolders).
To be able to access it via the web address
http://monserverur.com/pad, you must use the proxy option in Apache.
Begin by activating the proxy modules:
A2enmod proxy proxy_http
Then add this information in
<VirtualHost *:80> ProxyVia On ProxyRequests Off ProxyPass /pad/ http://localhost:9001/ ProxyPassReverse /pad/ http://localhost:9001/ ProxyPreserveHost on <Proxy *> Options FollowSymLinks MultiViews AllowOverride All Order allow,deny allow from all </Proxy> </VirtualHost>
Restart the apache service
Service apache2 restart
Your etherpad should now be accessible at the right address!
Phpmyadmin is considered as a program with high potential security breaches.. and you would be better off without it. But at the same time, going without a database would be ideal…
In short, despite these considerations, phpmyadmin is a handy way to manage a database when you have little knowledge, because it helps you do the job well. So… we'll try to install it.
OBS: MySQL Workbench would be a better solution, “all in all”!!
Sudo apt-get install phpmyadmin
Select “apache” in the options, then for the database, let the process complete.
Please enter the password for the administrative account that will be used to create the MySQL database as well as the users. Database administrator password:
This is the root password.
Choose the database password… and do not forget to pass it in a “secure way” to the other admins.
By default, phpmyadmin is accessible at
site.net/phpmyadmin, which helps a malicious user find the door. It can be modified via the file
/etc/apache2/conf.d/phpmyadmin.conf, You can change the default alias like this:
The simple addition of the “plouf” in front should already avoid automatic attacks!
Relaunch Apache for this to take effect.
Having a login other than “root” would be as good. But can it be easily changed?
OBS: It's pretty bad to use ROOT as the database login. A better way is to make a user and select the rights accordingly!!
To import a database via phpmyadmin(for ex: forum backups ), you must create the database, associate it with a user who is the only one having access to the database, then lastly import the saved “.sql”.
If the database is too large, there will be errors. One fix is to change /etc/php5/apache2/php.ini to increase the maximum size allowed. The phpmyadmin program makes error linking(so you can see what needs to be changed).
Creating a user and a mysql database for the different services:
1) launch mysql
$ Mysql -u root -p
The password will be requested.
2) Create the database:
Mysql> create database MyDatabase;
3) Create a user and grant him access rights to the database without a password but only locally:
Mysql> GRANT ALL ON MyDatabase. * TO User @ localhost;
3.1) Do the same thing but with a password:
Mysql> GRANT ALL PRIVILEGES ON MyDatabase * TO User @ localhost IDENTIFIED BY 'Password';
4) Do not forget to update the database:
mysql> FLUSH PRIVILEGES;