This tutorial will teach you how to install a LAMP stack on a virtual server.
LAMP is a suite of software including:
- Linux;
- Apache;
- MySQL;
- PHP.
This will allow you to run your own website after installing it.
We are going to use a virtual server, HT-VPS-5 tariff, 16 GB RAM and 160 GB SSD-drive. However, for the majority of basic tasks (blog, business card site) and projects that are not very demanding, a simpler HT-VPS-1 configuration will be fine. The operating system we use is the Linux distribution Ubuntu 20.04.
To begin with, allow us to have a look at the basics of running a website. Each site requires different components for its functionality. Typically, these include a web server, support for the programming language that the site is written in, and database support. Here we will guide you how to install Apache web server, PHP language support and MySQL database support.
SSH SETUP
We are going to do all operations using the prompt with the SSH protocol. You should know your IP address, username and password. You will receive this data for connection in an email when you order a virtual server.
Open a command prompt (terminal) on your local computer and input the command to connect.
shh root@XXX.XXX.XXX.XXX
Enter the address of your server instead of XXX.XXX.XXX.XXX
.
If this is the first time you connect, you may see this message:
The authenticity of host 'XXX.XXX.XXX.XXX (XXX.XXX.XXX.XXX)' can't be established. RSA key fingerprint is SHA256:YaaqERsh9oMs/Qa5nlMJLlb4ewlJDGLaDGsuOcDzOs8. Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Please just press 'yes'
or the letter 'y'
, you will be asked to enter your password
When you enter a password, no symbols are shown on the screen for security reasons.
Warning: Permanently added 'XXX.XXX.XXX.XXX' (RSA) to the list of known hosts. root@ip_XXX.XXX.XXX.XXX's password:
Type in the password and press 'Enter'
.
When you connect to the server, you get to the command prompt on the server itself, i.e. in the system installed on the server.
Before you install any components, we recommend you upgrade your system to the latest up-to-date version.
Run the commands sequentially:
apt update
apt upgrade
An update of the system will start.
The next step is to reboot the server, you can do this using the reboot
command.
Before proceeding to the LAMP installation, you need to perform the initial configuration of the server.
Right now you are logged in as root, which is insecure, so you should create a non-privileged user.
Let's run the adduser [username]
command to do this, for instance:
adduser host-telecom
Next, enter the password for this user twice.
Please remember your password or save it in a secured place.
After that you will be asked to enter some user data (full name, phone number, etc.), but you don't have to enter all of this, you can just leave the fields blank by pressing 'enter'
each time.
Now, you created a new user, although he doesn't have administrator rights. To give it root
privileges, you need to add it to the sudo group.
Execute the command:
usermod -aG sudo host-telecom
UFW FIREWALL SETUP
To improve server security, we recommend to use the popular and simple to customize UFW firewall. Various applications can register their own profiles for UFW, meaning ready-made sets of security settings that you can activate. Let's output the list of current profiles with the command:
sudo ufw app list
Available applications: OpenSSH
The profile of the OpenSSH service is now available in our case, which allows us to connect to the server via SSH.
Activate this service using the command:
ufw allow OpenSSH
Rules updated
Rules updated (v6)
Next, activate the firewall by command:
ufw enable
You will be warned that the current connection may be interrupted:
Command may disrupt existing ssh connections. Proceed with operation (y|n)?
But because you have enabled OpenSSH, don't be concerned and type 'y'
and press 'Enter'
.
Firewall is active and enabled on system startup
To check the status of the firewall run the command:
ufw status
You can see that it is active and the OpenSSH
profile is also active:
Status: active
To Action From
-- ------ ----
OpenSSH ALLOW Anywhere
OpenSSH (v6) ALLOW Anywhere (v6)
You allowed only SSH connections, and the firewall now blocks all other connections. Later, you will allow HTTP connections to open a website.
Here's a very important point: you need to connect using SSH, not as root, but as the host-telecom user you just created.
For this purpose, don't close your current SSH connection to root for now, but instead open a new terminal window and connect in it, just in case you might suddenly run into problems and be able to fix them.
In the new terminal window, run the command:
ssh host-telecom@XXX.XXX.XXX.XXX
Enter the password for the host-telecom
user.
If all is successful, you will be prompted to enter commands, but you will be working under the host-telecom
user, and all administrative commands will have to be executed via sudo, i.e. you will enter 'sudo'
before each command.
You can close the SSH session with the root user by typing the 'exit'
command.
APACHE WEB SERVER SETUP
To install the Apache web server, run the command:
sudo apt install apache2
Make changes to the firewall before testing the Apache web server.
Check the list of profiles:
sudo ufw app list
You will find that apart from OpenSSH, 3 new Apache profiles are also added. Each profile contains a set of settings:
- Apache — opens port
80
, used by the http protocol; - Apache Full — opens ports 80 and
443
, used by http and https protocols; - Apache Secure — opens port
443
only.
You need to apply Apache Full
to allow both http
and https
traffic.
Run the command to activate the profile:
sudo ufw allow in "Apache Full"
Rule added
Rule added (v6)
Once this is done, you can test how Apache works and open the default website.
For this purpose, open your browser and enter the IP address of the server. The following information page will appear:
Actually it is already a running website with a single HTML page.
MYSQL DATABASE SUPPORT SETUP
To install MySQL database support, run the command:
sudo apt install mysql-server
Once the installation is complete, we recommend running a special script that helps you set various security settings. Run the command to do this:
sudo mysql_secure_installation
Further you need to answer a few questions. The first is to enable the VALIDATE PASSWORD plugin, used to prevent simple passwords from being used when setting MySQL database passwords. To enable it, type 'y'
and press 'enter'
.
The next step asks you to set the level of password validation:
There are three levels of password validation policy:
LOW Length >= 8
MEDIUM Length >= 8, numeric, mixed case, and special characters
STRONG Length >= 8, numeric, mixed case, special characters and dictionary
file
Please enter 0 = LOW, 1 = MEDIUM and 2 = STRONG:
Choose medium: enter 1 and press 'enter'
.
Then enter a strong password and confirm it.
Please note: This is the password for the root user specifically for MySQL, and is not related to the root user you have on your system.
You can answer all subsequent questions with 'y'
and then press 'enter'
:
- request to remove an anonymous user,
- request to disable remote authorization of the root user,
- deleting the test database.
Once complete, you will be prompted to activate the settings and customizations you have made.
You will get a message as a result:
Success.
All done!
PHP LANGUAGE SUPPORT SETUP
Further, you should install support for the PHP language. To do this, you need to install three packages:
- PHP
- libapache2-mod-php — a module that allows you to process PHP files,
- php-mysql — allows PHP to communicate with MySQL.
sudo apt install php libapache2-mod-php php-mysql
The LAMP installation is now complete.
However, before you can launch your site, you have to create a virtual host for it. Create a directory for your site and make the settings for your host.
Run the command:
sudo mkdir /var/www/mysite
Specify the domain of your site instead of mysite
.
You created the directory using sudo
, i.e. as root
. Change the permissions and group for this directory to be under your host-telecom
user.
sudo chown -R $USER:$USER /var/www/mysite
Then, you should create a configuration file for your virtual host. Configuration files are stored in the /etc/apache2/sites-available
directory. Open the console text editor nano
and create a configuration file. Run the command:
sudo nano /etc/apache2/sites-available/mysite.conf
Paste the following code:
<VirtualHost *:80>
ServerName XXX.XXX.XXX.XXX
ServerAlias XXX.XXX.XXX.XXX
ServerAdmin host-telecom@localhost
DocumentRoot /var/www/mysite
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
Please note, for ServerName we entered the IP address of our server, if you have a domain you should specify it.
Exit the nano editor by pressing Ctrl + X
, and enter 'yes'
to save the file..
To get your virtual host activated by the web server, run the command:
sudo a2ensite mysite
You need to restart the server to allow the changes to take effect. Run the command:
sudo systemctl reload apache2
Create a test page in your directory where your site files should be located. Open the nano
text editor again:
nano /var/www/mysite/index.php
And add the following code in it:
<?php
phpinfo();
This is a PHP function that displays detailed information about the current php
configuration. Enter the IP address of your server into the address bar of your browser and you will see that you get a page with PHP configuration information.
We've reviewed the basic steps of setting up Apache, PHP, MySQL and learned how to create virtual hosts. Now you can install almost any CMS and launch your online business or blog.