LAMP
A LAMP stack is a particular bundle of software packages commonly used for hosting web content. The bundle consists of Linux, Apache, MySQL, and PHP.
When web developers talk about a “LAMP” stack, they are referring to a commonly used platform for web applications. The acronym usually refers to a Linux-based operating system, the Apache web server, the MySQL database server, and the PHP programing language. It is common to substitute other programing languages like Python, Perl, and even Ruby for PHP, but PHP is often a crucial part of the stack.
https://www.linode.com/docs/web-servers/lamp/lamp-on-centos-7/
Before You Begin
-
Ensure that you have followed the Getting Started and Securing Your Server guides, and the Linode’s hostname is set.
To check your hostname, run:
hostname hostname -fThe first command should show your short hostname, and the second should show your fully qualified domain name (FQDN).
-
Update your system:
sudo yum update
Install Nginx
To add the CentOS 7 EPEL repository, open terminal and use the following command:
sudo yum install epel-release
Now that the Nginx repository is installed on your server, install Nginx using the following yum command:
sudo yum install nginx
Afterwards, your web server is installed.
Once it is installed, you can start Nginx on your VPS:
sudo systemctl start nginx
Before continuing, you will want to do is enable Nginx to start on boot. Use the following command to do so:
sudo systemctl enable nginx
Install MySQL(MariaDB)
-
Install the MariaDB-server package:
sudo yum install mariadb-server -
Set MariaDB to start at boot and start the daemon for the first time:
sudo systemctl enable mariadb.service sudo systemctl start mariadb.service -
Run
mysql_secure_installationto secure MariaDB. You will be given the option to change the MariaDB root password, remove anonymous user accounts, disable root logins outside of localhost, and remove test databases and reload privileges. It is recommended that you answer yes to these options:sudo mysql_secure_installation
Install PHP
PHP is the component of our setup that will process code to display dynamic content. It can run scripts, connect to our MySQL databases to get information, and hand the processed content over to our web server to display.
We can once again leverage the yum system to install our components. We’re going to include the php-mysql and php-fpm packages as well:
sudo yum install php php-mysql php-fpm
We now have our PHP components installed, but we need to make a slight configuration change to make our setup more secure.
Open the main php-fpm configuration file with root privileges:
sudo vi /etc/php.ini
What we are looking for in this file is the parameter that sets cgi.fix_pathinfo. This will be commented out with a semi-colon (;) and set to “1” by default.
This is an extremely insecure setting because it tells PHP to attempt to execute the closest file it can find if a PHP file does not match exactly. This basically would allow users to craft PHP requests in a way that would allow them to execute scripts that they shouldn’t be allowed to execute.
We will change both of these conditions by uncommenting the line and setting it to “0” like this:
/etc/php.ini excerpt
cgi.fix_pathinfo=0
Save and close the file when you are finished.
Next, open the php-fpm configuration file www.conf:
sudo vi /etc/php-fpm.d/www.conf
Find the line that specifies the listen parameter, and change it so it looks like the following:
/etc/php-php.d/www.conf — 1 of 3
listen = /var/run/php-fpm/php-fpm.sock
Next, find the lines that set the listen.owner and listen.group and uncomment them. They should look like this:
/etc/php-php.d/www.conf — 2 of 3
listen.owner = nobody
listen.group = nobody
Lastly, find the lines that set the user and group and change their values from “apache” to “nginx”:
/etc/php-php.d/www.conf — 3 of 3
user = nginx
group = nginx
Then save and quit.
Now, we just need to start our PHP processor by typing:
sudo systemctl start php-fpm
This will implement the change that we made.
Next, enable php-fpm to start on boot:
sudo systemctl enable php-fpm
Configure Nginx to Process PHP Pages
Now, we have all of the required components installed. The only configuration change we still need to do is tell Nginx to use our PHP processor for dynamic content.
We do this on the server block level (server blocks are similar to Apache’s virtual hosts). Open the default Nginx server block configuration file by typing:
sudo vi /etc/nginx/conf.d/default.conf
Currently, with the comments removed, the Nginx default server block looks like this:
/etc/nginx/conf.d/default.conf — original
server {
listen 80;
server_name localhost;
location / {
root /usr/share/nginx/html;
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}
We need to make some changes to this file for our site.
- First, we need to add an index.php option as the first value of our index directive to allow PHP index files to be served when a directory is requested
- We also need to modify the server_name directive to point to our server’s domain name or public IP address
- The actual configuration file includes some commented out lines that define error processing routines. We will uncomment those to include that functionality
- For the actual PHP processing, we will need to uncomment a portion of another section. We will also need to add a try_files directive to make sure Nginx doesn’t pass bad requests to our PHP processor
The changes that you need to make are in red in the text below. If you prefer, you may just copy and paste everything, then replace the value of server_name with the appropriate domain name or IP address:
/etc/nginx/conf.d/default.conf — updated
server {
listen 80;
server_name server_domain_name_or_IP;
# note that these lines are originally from the "location /" block
root /usr/share/nginx/html;
index index.php index.html index.htm;
location / {
try_files $uri $uri/ =404;
}
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
When you’ve made the above changes, you can save and close the file.
Restart Nginx to make the necessary changes:
sudo systemctl restart nginx
Test PHP Processing on your Web Server
In order to test that our system is configured properly for PHP, we can create a very basic PHP script.
We will call this script info.php. In order for Apache to find the file and serve it correctly, it must be saved to a very specific directory, which is called the “web root”.
In CentOS 7, this directory is located at /usr/share/nginx/html/. We can create the file at that location by typing:
sudo vi /usr/share/nginx/html/info.php
This will open a blank file. We want to put the following text, which is valid PHP code, inside the file:
Test PHP Script
<?php phpinfo(); ?>
When you are finished, save and close the file.
Now we can test whether our web server can correctly display content generated by a PHP script. To try this out, we just have to visit this page in our web browser.
f this was successful, then your PHP is working as expected.
You probably want to remove this file after this test because it could actually give information about your server to unauthorized users. To do this, you can type this:
sudo rm /usr/share/nginx/html/info.php
You can always recreate this page if you need to access the information again later.
Xiao Wenbin
Natural Language Processing Engineer
My research interests include machine learning, information retrieval and natural language processing.