Installing and configuring web server

In this guide, we will install an Apache server with PHP and MySQL server, where we can install available PHP software (or our own PHP sites), using an Ubuntu 12.04 x64 server. Some steps maybe valid on other distributions, on Debian, we must be root before executing a sudo sentence (and omit the word sudo), on SUSE, for example, we must use yast instead of apt-get, and so on.

Basic installation

To install Apache server, just type:

$ sudo apt-get install apache

# Confirm install and wait a moment

After a few seconds we will now have our server installed. If we access our server with the IP in our browser:

Screenshot 02-06-2013-210604

Apache will create www-data user and the homonimous group and files (and scripts) will be accessed from this user and group.

When we try to restart our server:

$ sudo service apache2 restart

we can see the next message:

apache2: Could not reliably determine the server’s fully qualified domain name, using 127.0.1.1 for ServerName

To fix this, we must add the ServerName directive to /etc/apache2/httpd.conf with a fully qualified domain name (FQDN) as argument. If our FQDN is vps.mydomain.com we must edit the file /etc/apache2/httpd.conf and write down:

ServerName vps.mydomain.com

Save the file and try to restart the server again. We won’t see the last message.

Now, we must install php and set up a few apache and PHP modules. To install php and some modules:

 $ sudo apt-get install php5 libapache2-mod-php5 php-pear php5-gd php5-mcrypt php-apc php5-intl php5-curl

Maybe some PHP scripts require other modules, we can find all modules available in our distribution with:

$ aptitude search php

Let’s install mysql server:

$ sudo apt-get install mysql-server

Accept the next confirmation, and after a few seconds we will see a screen like this:

MySQL password askWe must, then choose a password for our new mysql server, it’s good to choose a strong password for root access, we must repeat this password to continue the installation.

Store all websites inside our user’s home

This can be done in lots of ways, it depends on the way each one of us wants to organize the files. And that’s one of the ways I do in some of my servers. My home directory is /home/cloud, so I create a new directory called www:

~ $ mkdir www

Then, inside this new directory I create as many directories as websites I want to host, imagine, we are hosting totaki.com, gaspar.totaki.com and admin.totaki.com (other domains are good too, but you must buy them and point them to your servers’ ip), so:

~ $ cd www

www $ mkdir totaki.com

www $ mkdir gaspar.totaki.com

www $ mkdir admin.totaki.com

I could create gaspar.totaki.com inside totaki.com, that’s your choice. Inside each one of the directories I create two more: www, where I will put the web files and logs where the logs will be stored. I prefer to log each site separately:

www $ mkdir totaki.com/{www,logs}

www $ mkdir gaspar.totaki.com/{www,logs}

www $ mkdir admin.totaki.com/{www,logs}

Then, we can copy our sites files to totaki.com/www , gaspar.totaki.com/www, we will copy later admin.totaki.com files with some tools.

After copying these files, we must create the sites in Apache. To do this, we create the files /etc/apache2/sites-available/totaki.com , /etc/apache2/sites-available/gaspar.totaki.com and /etc/apache2/sites-avalable/admin.totaki.com ; every new site we create, we also create a file in /etc/apache2/sites-available/ and these will be the content, for example for totaki.com:

<VirtualHost *:80>
        ServerAdmin info@totaki.com
        ServerName totaki.com
        ServerAlias www.totaki.com

        DocumentRoot /home/cloud/www/totaki.com/www
        <Directory />
                Options FollowSymLinks
                AllowOverride All
        </Directory>
        <Directory /home/cloud/www/totaki.com/www/>
                Options FollowSymLinks MultiViews
                AllowOverride All
                Order allow,deny
                allow from all
        </Directory>
        ErrorLog    "/home/cloud/www/totaki.com/logs/error.log"        
        LogLevel warn        
        CustomLog "/home/cloud/www/totaki.com/logs/access.log" combined       
</VirtualHost>

We could easily create a script that creates this file for every site we have. In ServerName we can put gaspar.totaki.com and admin.totaki.com with aliases alternatives in ServerAlias to fix addresses with www for example.

Then, we must enable our new sites:

$ sudo a2ensite totaki.com

$ sudo a2ensite gaspar.totaki.com

$ sudo a2ensite admin.totaki.com

Don’t worry if we don’t have anything in admin.totaki.com yet. To make the new sites work, we must reload our server’s configuration:

$ sudo service apache2 reload

We can use restart, but it’s a bit slower when we have lot’s of sites, and the server will be completely turned off before restarting, so users coming at this moment will be lost.

Even after activating a site, we can change it’s configuration by editing /etc/apache2/sites-available/[site_name] enabling the site just makes a link of this file in /etc/apache2/sites-enabled/[site_name]

Useful Apache2 modules

Enabling modules is like enabling sites, instead of a2ensite we will use a2enmod. First module, and one of my favourites is mod_rewrite. It allows websites to use a user friendly URLs making internal redirections. Lots of websites use it. To enable this module we must type:

$ sudo a2enmod rewrite

$ sudo service apache2 restart

To take advantage of this module we must also write something in the site configuration /etc/apache2/sites-available/[site_name], inside the <Directory> tag, something like this:

<Directory /home/cloud/www/site_name/www>
 ...
 AllowOverride All
 ....
</Directory>

Already written in the example file above.

We can also add the module ssl for https sites:

$ sudo a2enmod ssl

We can see all available mods at /etc/apache2/mods-available directory.

Installing phpMyAdmin

To easily manage MySQL databases we can install phpMyAdmin into our server, password protected, of course. We must create a new directory (i.e. tarballs) for phpMyAdmin compressed file (and so for all compressed files for web software installation):

www $ mkdir admin.totaki.com/tarballs

Then, download it, to do so, we go to the official download site and download the last version. At the moment of writing this guide, it was, 4.0.2, we can download the all-languages or English only version in tar.bz2 (for example), just try to download the file and copy the link and paste it in our server ssh session writing wget before:

www $ cd admin.totaki.com/tarballs

www/admin.totaki.com/tarballs $ wget [download_file].tar.bz2

In my case:

www/admin.totaki.com/tarballs $ wget http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/4.0.2/phpMyAdmin-4.0.2-all-languages.tar.bz2/download

Let’s extract the file in our www directory:

www/admin.totaki.com/tarballs $cd ../www

www/admin.totaki.com/www/ $ tar xvjf ../tarballs/phpMyAdmin-4.0.2-all-languages.tar.bz2

It will create another directory (phpMyAdmin-4.0.2-all-languages/) we can rename it to pma or phpMyAdmin to create an easy access from a direct URL:

www/admin.totaki.com/www $ mv phpMyAdmin-4.0.2-all-languages pma

and freely remove setup directory, to avoid intruders to run these scripts. We have just installed phpMyAdmin, it will prompt for password when we go to http://admin.totaki.com/pma . We can have two more steps to make it more secure with an extra password, to run all future tools in admin.totaki.com. We can also make phpMyAdmin enters as root (or anybody).

Password protect folder (for example, pma folder)

To make Apache asks for user name and password before entering a folder, we must create a .htaccess file (dot htaccess), that’s a UNIX hidden file and store passwords outside the document root, for example in www/admin.totaki.com/passwords.

Passwords must be created using htpasswd, to do so:

$ cd www/admin.totaki.com

www/admin.totaki.com $ mkdir passwords

www/admin.totaki.com $ htpasswd -c passwords/www gaspar

New password:

Re-type new password

Adding password for user Gaspar

In this example we’ve created the file www inside www/admin.totaki.com/passwords and then, created the user gaspar. The program asks us for password twice. Then, edit www/admin.totaki.com/www/.htaccess like this:

AuthUserFile /home/cloud/www/admin.totaki.com/passwords/www
AuthType Basic
AuthName “Restricted Area”
Require valid-user

When a user enters this website, will see a message like this:

Screenshot 07-06-2013-090608Make phpMyAdmin login automatically as a user (i.e. root)

It’s not recommended to make it log in with MySql root privileges, but it would be useful if we have several users in our system and we want them to login automatically. It’s only a basic configuration of phpMyAdmin.

We are going to enable some phpMyAdmin features that require a database, so, first, we must create a database and some tables with a sql included in phpMyAdmin:

$ mysql -u root -p < /home/cloud/www/admin.totaki.com/www/pma/scripts/create-tables.sql

Once we have installed  this, lets create a MySQL user and give it privileges on the database phpmyadmin:

$ mysql -u root -p

Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 104

mysql> CREATE USER ‘pma’@’localhost’ IDENTIFIED BY ‘axK12jMf’ [password for pma user]
Query OK, 0 rows affected (0.03 sec)

mysql> GRANT SELECT, INSERT, DELETE, UPDATE ON `phpmyadmin`.* TO ‘pma’@’localhost’;
mysql> exit

We now have created a user, phpMyAdmin will use this user (pma) to access phpmyadmin database. Now we will create the configuration file based in the example configuration file:

www/admin.totaki.com/www/pma/ $ cp config.sample.inc.php config.inc.php

Now, generate a random key:

pwgen -yns 46 1

And edit config.inc.php file and change the following:

$cfg[‘blowfish_secret’] = ”Generated random key’; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */
…..
…..
$i++;

$cfg[‘Servers’][$i][‘verbose’] = ‘My database Server;
$cfg[‘Servers’][$i][‘host’] = ‘localhost’;
$cfg[‘Servers’][$i][‘port’] = ”;
$cfg[‘Servers’][$i][‘socket’] = ”;
$cfg[‘Servers’][$i][‘connect_type’] = ‘tcp’;
$cfg[‘Servers’][$i][‘extension’] = ‘mysqli’;
$cfg[‘Servers’][$i][‘auth_type’] = ‘config’;
$cfg[‘Servers’][$i][‘user’] = ‘root’;
$cfg[‘Servers’][$i][‘password’] = ‘OUR MYSQL ROOT PASSWORD’;
$cfg[‘Servers’][$i][‘controluser’] = ‘pma’;
$cfg[‘Servers’][$i][‘controlpass’] = ‘axK12jMf”;/* Storage database and tables */
$cfg[‘Servers’][$i][‘pmadb’] = ‘phpmyadmin’;
$cfg[‘Servers’][$i][‘bookmarktable’] = ‘pma_bookmark’;
$cfg[‘Servers’][$i][‘relation’] = ‘pma_relation’;
$cfg[‘Servers’][$i][‘table_info’] = ‘pma_table_info’;
$cfg[‘Servers’][$i][‘table_coords’] = ‘pma_table_coords’;
$cfg[‘Servers’][$i][‘pdf_pages’] = ‘pma_pdf_pages’;
$cfg[‘Servers’][$i][‘column_info’] = ‘pma_column_info’;
$cfg[‘Servers’][$i][‘history’] = ‘pma_history’;
$cfg[‘Servers’][$i][‘tracking’] = ‘pma_tracking’;
$cfg[‘Servers’][$i][‘designer_coords’] = ‘pma_designer_coords’;
$cfg[‘Servers’][$i][‘userconfig’] = ‘pma_userconfig’;

….
….
/* Select mysqli if your server has it */
$cfg[‘Servers’][$i][‘extension’] = ‘mysqli’;

Leave a Reply

Your email address will not be published. Required fields are marked *