Use YUM to retrieve and install the Apache HTTP server and additional components. After that, start the web-server and put it on startup:
yum install httpd httpd-devel service httpd start chkconfig httpd on
Next step is securing Apache. Edit the config /etc/httpd/conf/httpd.conf and set:
ServerSignature Off ServerTokens Prod
First line tells Apache to not display the server version on generated pages. The second one makes the web-server to return only "Apache" in the header response.
Now you ready to Install the PHP module for Apache. The following lines download and install the common PHP with some modules:
yum install php-common php-gd php-mcrypt php-pear php-pecl-memcache php-mhash \ php-mysql php-xml
Next step is securing PHP. Open PHP config file /etc/php.ini and set:
safe_mode = Off register_globals = Off expose_php = Off allow_url_fopen = Off log_errors = On error_log = /var/log/phperror.log display_errors = Off
The above lines will implement some PHP security recommendations.
As you see, above all PHP errors will be stored in file /var/log/phperror.log. The following lines creates it and set the permissions:
touch /var/log/phperror.log chmod 666 /var/log/phperror.log
Restart webserver to load PHP module:
service httpd restart
At this point Apache is ready to serve. The PHP could be tested. Create a file named /var/www/html/1.php with the following contents:
<?php phpinfo(); ?>
Then point your browser to http://x.x.x.x/1.php and check the output.
Next, install MySQL with required packages, start it and put the database server to startup:
yum install mysql mysql-server mysql-devel service mysqld start chkconfig mysqld on
Once MySQL is installed, secure it. First step is changing MySQL root password:
mysql> USE mysql; mysql> UPDATE user SET Password=PASSWORD('pa$$w0rd') WHERE user='root';
Next, drop test database:
mysql> drop database test; mysql> DELETE FROM user WHERE user = ''; mysql> FLUSH PRIVILEGES;
For security reasons it's ofted a good ideea to have:
local-infile=0 bind-address=127.0.0.1
in MySQL config file /etc/my.cnf
The first line make MySQL to listen for TCP/IP connections only locally on the loop-back interface. Next line prevents against unauthorized reading from local files.
It is time to restart MySQL to make changes to work:
service mysql restart
Once LAMP is functional, phpMyAdmin can be installed:
yum install phpmyadmin
Configure Apache to allow acces to phpMyAdmin. Open /etc/httpd/conf.d/phpmyadmin.conf and uncomment the line:
# Deny from all
The configuration file needs a secret pass-phrase to be entered. Open the phpMyAdmin config file /usr/share/phpmyadmin/config.inc.php and enter a pass-phrase:
$cfg['blowfish_secret'] = 'p@$$w0rd'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */
Restart the Apache webserver to be able to acces phpMyAdmin:
service httpd restart
To test phpMyAdmin you should point your browser to http://x.x.x.x/phpmyadmin
Note: If you want to add a virtual host www.domain.tld to the Apache – follow the below steps.
First of all create directories and set correct permissions:
mkdir -p /home/domain.tld/{public_html,logs} chown -R apache:apache /home/domain.tld
Open Apache config /etc/httpd/conf/httpd.conf and alter NameVirtualHost directive:
NameVirtualHost ip.address:80
After that add the following VirtualHost container and paste it at the end of the config file:
<VirtualHost ip.address:80> ServerAdmin webmaster@domain.tld ServerName www.domain.tld ServerAlias domain.tld DocumentRoot /home/domain.tld/public_html <Directory /> Options -Indexes FollowSymLinks AllowOverride None Order allow,deny allow from all </Directory> ErrorLog /home/domain.tld/logs/domain.tld-error_log CustomLog /home/domain.tld/logs/domain.tld-access_log common </VirtualHost>
Test if the config syntax is OK and restart Apache:
httpd -t httpd -D DUMP_VHOSTS service httpd restart