Thursday, May 8, 2014

Home » , , , » LAMP Server setup in CentOS 6

LAMP Server setup in CentOS 6

By 4 comments

In this article we will discuss how to setup a LAMP (Linux OS, Apache web server, MySql database,
LAMP Server Setup
PHP) server in CentOS 6 with PhpMyAdmin for graphical administration of MySql.
1. Apache installation and configuration:

For creating a web-server we need to first install and configure Apache web-server. Following are the specification for apache web-server:
  •        Packages required: httpd
  •       Available in default CentOS repository: Yes
  •        Additional module required: mod_ssl ( If you want a ssl enabled website)
  •        Default location for apache configuration file:   /etc/httpd/conf/httpd.conf
  • .      Default DocumentRoot: /var/www/html

Installation commands for httpd and mod_ssl:


root@alokranjan:~# yum install httpd -y

root@alokranjan:~# yum install mod_ssl
  





After installation has done we need to start the httpd service and add this service at start-up.

root@alokranjan:~# service httpd start

root@alokranjan:~# chkconfig httpd on






2. Mysql server installation and configuration:

For creating a database we will install and configure MySql. Following are the specification for MySql:
  • Packages required: mysql-server 
  • Available in default CentOS repository: Yes
  • Any Specific module need to compile during mysql installation: phpmyadmin (for graphical interface)
  • Available in default CentOS repository: Yes



root@alokranjan:~# yum install mysql-server -y






This command will installed the mysql-server, to create necessary directory structure and some   management system tables we need to execute mysql_install_db command.

root@alokranjan:~# mysql_install_db





To change default settings for Mysql, we need to execute mysql_secure_installation command. This will ask to change defaults values including changing root password which is very important as per security concerns.

root@alokranjan:~# mysql_secure_installation




If this will not successfully change the root password and will ask for old root password, we have to change the password by entering into the safe mode of mysql as below:

[root@alokranjan ~]# service mysqld stop
Stopping mysqld:                                           [  OK  ]
[root@alokranjan ~]# mysqld_safe --skip-grant-tables &
[1] 8915
[root@alokranjan ~]# 131209 04:49:27 mysqld_safe Logging to '/var/log/mysqld.log'.
131209 04:49:27 mysqld_safe Starting mysqld daemon with databases from /var/lib/mysql
mysql -u root

Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 1
Server version: 5.1.71 Source distribution
Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> use mysql;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed
mysql> update user set password=PASSWORD("alokranjan") where User='root';
Query OK, 3 rows affected (0.01 sec)
Rows matched: 3  Changed: 3  Warnings: 0
mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)

mysql> quit
Bye
[root@alokranjan ~]# service mysqld stop
131209 04:50:55 mysqld_safe mysqld from pid file /var/run/mysqld/mysqld.pid ended
Stopping mysqld:                                           [  OK  ]
[1]+  Done                    mysqld_safe --skip-grant-tables
[root@alokranjan ~]# service mysqld start

Starting mysqld:                                           [  OK  ]
[root@alokranjan ~]#

Again run the mysql_secure_installation command to reset the default values:
[root@alokranjan ~]# mysql_secure_installation

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MySQL
      SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!
In order to log into MySQL to secure it, we'll need the current
password for the root user.  If you've just installed MySQL, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.
Enter current password for root (enter for none):
OK, successfully used password, moving on...

Setting the root password ensures that nobody can log into the MySQL
root user without the proper authorization.
You already have a root password set, so you can safely answer 'n'.
Change the root password? [Y/n] n
 ... skipping.
By default, a MySQL installation has an anonymous user, allowing anyone
to log into MySQL without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
Production environment.

Remove anonymous users? [Y/n] Y
 ... Success!

Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] n
 ... skipping.

By default, MySQL comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.

Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n] Y
... Success!
By default, MySQL comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.
Remove test database and access to it? [Y/n] Y
 - Dropping test database...
 ... Success!
 - Removing privileges on test database...
 ... Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.
Reload privilege tables now? [Y/n] Y
 ... Success!
Cleaning up...
All done!  If you've completed all of the above steps, your MySQL
installation should now be secure.

Thanks for using MySQL!























































After installation has done we need to start the mysqld service and add this service at startup.

[root@alokranjan ~]# service mysqld start

[root@alokranjan ~]# chkconfig mysqld on




3. PHP installation and configuration:

  PHP is required for back-end programming. Following are the specification for PHP:

  • Package required: php, php-mysql 
  • Version: PHP5
  • Dependencies for PHP package: php-cli , php-common and php-pdo.

Using the following yum command we can install the required php package:

[root@alokranjan ~]# yum install php php-mysql -y


4.PhpMyAdmin installation and configuration:

  • Package required: phpmyadmin
  • Dependencies: libmcrypt-2.5.8-9.el6.i686.rpm, php-gd-5.3.3-26.el6.i686.rpm, php-mbstring-5.3.3-26.el6.i686.rpm,php-mcrypt-5.3.3-1.el6.i686.rpm, php-php-gettext-1.0.11-3.el6.noarch.rpm, phpMyAdmin-3.5.8.2-1.el6.noarch.rpm
  • Available in default CentOS repository: No
  • External repository: EPEL
  • Default configuration file location: /etc/httpd/conf.d/phpMyAdmin.conf, /etc/phpMyAdmin/config.inc.php
We need to first setup EPEL repository from where we can download and install the required packages for phpmyadmin.

[root@alokranjan ~]# wget http://epel.mirror.net.in/epel/6/i386/epel-release-6-8.noarch.rpm

[root@alokranjan] rpm –ivh epel-release-6-8.noarch.rpm





Now we can install the phpmyadmin package from EPEL repository as below:

[root@alokranjan ~]# yum install phpmyadmin -y


ForceSSL and auth_type are important config options. SSL should be ON and auth_type http is better; http auth uses MySQL user/pass combinations to restrict access to user-specific databases.

We need to add the following in the configuration file (/etc/phpMyAdmin/config.inc.php) for ForceSSL:
$cfg['ForceSSL'] = true;
We need to change the loopback IP (127.0.0.1) in the following configuration file with the server’s IP:
/etc/httpd/conf.d/phpMyAdmin.conf

Now we are ready with phpmyadmin to be used and can be opened from any web-browser by providing https://<server-IP>/phpmyadmin

 Where phpmyadmin is the Alias created for the /usr/share/phpmyadmin.

Below is the screenshot for phpmyadmin login page:
Fig1: phpmyadmin login page 
















After providing correct details, it will show the below home page for phpmyadmin:

Fig2. Phpmyadmin home page


Mysql configuration can be changed from https://<serverip>/phpmyadmin/setup

Fig3. Phpmyadmin setup page











This phpMyAdmin panel can’t be accessed from outside. Below is the access denied error message from Apache. If anyone wants to access it from any remote machine then user needs to do tunneling by providing the credentials of the host machine, it makes the phpMyAdmin setup more secure.

Fig4. Forbidden page for phpmyadmin 










This Forbidden message will show the additional server information like: Server OS and Apache version. To disable showing this extra information from Apache server, we have to make the following changes in apache configuration file (/etc/httpd/conf/httpd.conf).

 ServerSignature off



Thank you for reading our article, keep visiting and let us know in case any query or suggestion.



4 comments:

  1. AnonymousMay 8, 2014 at 1:21 PM

    Great article ... its really help me to solve my problem

    ReplyDelete
  2. AnonymousMay 8, 2014 at 3:54 PM

    Hi alok can u help me to recover deleted files.

    thanks in advance

    Mark Nelson

    ReplyDelete
    Replies
    1. Alok RanjanMay 8, 2014 at 6:47 PM

      Very soon we will post some articles to restore deleted files.

      Keep visiting and supporting...

      Thanks.

      Delete
  3. AnonymousMay 9, 2014 at 2:15 PM

    Turn off Server Signature to make it more secure

    ReplyDelete