Differences

This shows you the differences between two versions of the page.

Link to this comparison view

installing_and_configuring_apache_with_php_and_mysql_on_debian_jessie_en [2019/08/08 15:23] (current)
Line 1: Line 1:
 +====== Installing and Configuring Apache with PHP and MySQL on Debian Jessie ======
 +
 +Let's update the repositories and upgrade the system
 +<sxh bash>
 +aptitude update && aptitude dist-upgrade -y
 +</sxh>
 +
 +Now let's install the Apache, <nowiki>MySQL</nowiki> and PHP
 +<sxh bash>
 +aptitude install mysql-server mysql-client apache2 php5 php5-mysql php5-imap php5-gd php5-mcrypt \
 + php5-json php5-xmlrpc php5-dev php5-common libapache2-mod-php5 php-pear php5-intl php5-curl -y
 +</sxh>
 +
 +** Note:** Needs to set up the <nowiki>MySQL</nowiki> root password
 +
 +Now let's disable de default virtual host
 +<sxh bash>
 +a2dissite 000-default.conf
 +</sxh>
 +
 +Now let's disable the cgi support 
 +<sxh bash>
 +a2disconf serve-cgi-bin.conf
 +</sxh>
 +
 +Now let's disable the other-vhosts access file
 +<sxh bash>
 +a2disconf other-vhosts-access-log.conf
 +</sxh>
 +
 +Now let's create a new virtual host
 +<sxh apache>
 +vim /etc/apache2/sites-available/www.douglasqsantos.com.br.conf
 +#/etc/apache2/sites-available/www.douglasqsantos.com.br
 +<VirtualHost *:80>
 +        ServerAdmin webmaster@douglasqsantos.com.br
 +        ServerName www.douglasqsantos.com.br
 +        DocumentRoot "/var/www/www.douglasqsantos.com.br"
 +     <Directory "/var/www/www.douglasqsantos.com.br">
 +        Options -Indexes +FollowSymLinks
 +        AllowOverride None
 +        Require all granted
 +     </Directory>
 +     <IfModule mod_php5.c>
 +        AddType application/x-httpd-php .php
 +        php_flag expose_php Off
 +        php_flag allow_url_fopen Off
 +        php_flag allow_url_include Off
 +        php_flag magic_quotes_gpc Off
 +        php_flag register_globals Off
 +        php_flag disable_functions show_source
 +        php_flag disable_functions system
 +        php_flag disable_functions shell_exec
 +        php_flag disable_functions passthru
 +        php_flag disable_functions exec
 +        php_flag disable_functions popen
 +        php_flag disable_functions proc_open
 +        php_flag disable_functions symlink
 +     </IfModule>
 +        LogLevel warn
 +        CustomLog ${APACHE_LOG_DIR}/www.douglasqsantos.com.br-access.log combined
 +        ErrorLog ${APACHE_LOG_DIR}/www.douglasqsantos.com.br-error.log
 +        ServerSignature Off
 +        ## Enable the follow line to enable apache work with CGI
 +        #Include conf-available/serve-cgi-bin.conf
 +</VirtualHost>
 +</sxh>
 +
 +Now we need to enable the new virtual host
 +<sxh bash>
 +a2ensite www.douglasqsantos.com.br.conf
 +</sxh>
 +
 +Now let's create the document root
 +<sxh bash>
 +mkdir -p /var/www/www.douglasqsantos.com.br
 +</sxh>
 +
 +Now we need to create the index file like this
 +<sxh bash>
 +echo "<?php phpinfo(); ?>" > /var/www/www.douglasqsantos.com.br/index.php
 +</sxh>
 +
 +Now we need to change the permissions
 +<sxh bash>
 +chown -R www-data:www-data /var/www/www.douglasqsantos.com.br
 +</sxh>
 +
 +Now we need to restart the Apache Server
 +<sxh bash>
 +/etc/init.d/apache2 restart
 +</sxh>
 +
 +Now let's run a test accessing http://ip_server
 +
 +====== Configuring HTTPS ======
 +
 +Let's create the directory to store the certificate files
 +
 +<sxh bash>
 +mkdir -p /etc/ssl/apache
 +</sxh>
 +
 +Now let's access the directory
 +<sxh bash>
 +cd /etc/ssl/apache
 +</sxh>
 +
 +Now we need to create the certificate key file
 +<sxh bash>
 +openssl genrsa -des3 -out server.key 1024
 +Generating RSA private key, 1024 bit long modulus
 +....................++++++
 +...........++++++
 +e is 65537 (0x10001)
 +Enter pass phrase for server.key: password
 +Verifying - Enter pass phrase for server.key: password
 +</sxh>
 +
 +Now we need to create the certificate sign request
 +<sxh bash>
 +openssl req -new -key server.key -out server.csr
 +Enter pass phrase for server.key: password
 +You are about to be asked to enter information that will be incorporated
 +into your certificate request.
 +What you are about to enter is what is called a Distinguished Name or a DN.
 +There are quite a few fields but you can leave some blank
 +For some fields there will be a default value,
 +If you enter '.', the field will be left blank.
 +-----
 +Country Name (2 letter code) [AU]:BR
 +State or Province Name (full name) [Some-State]:Parana
 +Locality Name (eg, city) []:Curitiba
 +Organization Name (eg, company) [Internet Widgits Pty Ltd]:Douglas
 +Organizational Unit Name (eg, section) []:Douglas
 +Common Name (eg, YOUR name) []:www.douglasqsantos.com.br
 +Email Address []:douglas.q.santos@gmail.com
 + 
 +Please enter the following 'extra' attributes
 +to be sent with your certificate request
 +A challenge password []:
 +An optional company name []:Douglas
 +</sxh>
 +
 +Now let's sign our certificate file
 +<sxh bash>
 +openssl x509 -req -days 3650 -in server.csr -signkey server.key -out server.crt
 +Signature ok
 +subject=/C=BR/ST=Parana/L=Curitiba/O=Douglas/OU=Douglas/CN=www.douglasqsantos.com.br/emailAddress=douglas.q.santos@gmail.com
 +Getting Private key
 +Enter pass phrase for server.key: password
 +</sxh>
 +
 +Now we need to change the certificate's files permission
 +<sxh bash>
 +chmod 0400 server.*
 +cp server.key server.key.orig
 +</sxh>
 +
 +Now we need to remove the password from the certificate, otherwise every time the apache server start we will need to put the password
 +<sxh bash>
 +openssl rsa -in server.key.orig -out server.key
 +Enter pass phrase for server.key.orig: password
 +writing RSA key
 +</sxh>
 +
 +Let's change the permission of certificate files
 +<sxh bash>
 +chmod 0400 /etc/ssl/apache/
 +</sxh>
 +
 +Now we need to configure the <nowiki>VirtualHost</nowiki>
 +<sxh apache>
 +vim /etc/apache2/sites-available/www.douglasqsantos.com.br.conf
 +#/etc/apache2/sites-available/www.douglasqsantos.com.br
 +<VirtualHost *:443>
 +        ServerAdmin webmaster@douglasqsantos.com.br
 +        ServerName www.douglasqsantos.com.br
 +        DocumentRoot "/var/www/www.douglasqsantos.com.br"
 +     <Directory "/var/www/www.douglasqsantos.com.br">
 +        Options -Indexes +FollowSymLinks
 +        AllowOverride None
 +        Require all granted
 +     </Directory>
 +     <IfModule mod_php5.c>
 +        AddType application/x-httpd-php .php
 +        php_flag expose_php Off
 +        php_flag allow_url_fopen Off
 +        php_flag allow_url_include Off
 +        php_flag magic_quotes_gpc Off
 +        php_flag register_globals Off
 +        php_flag disable_functions show_source
 +        php_flag disable_functions system
 +        php_flag disable_functions shell_exec
 +        php_flag disable_functions passthru
 +        php_flag disable_functions exec
 +        php_flag disable_functions popen
 +        php_flag disable_functions proc_open
 +        php_flag disable_functions symlink
 +     </IfModule>
 +        LogLevel warn
 +        CustomLog ${APACHE_LOG_DIR}/www.douglasqsantos.com.br-access.log combined
 +        ErrorLog ${APACHE_LOG_DIR}/www.douglasqsantos.com.br-error.log
 +        ServerSignature Off
 +        ## Enable the follow line to enable apache work with CGI
 +        #Include conf-available/serve-cgi-bin.conf
 +        ## Enabling the SSL
 +        SSLEngine on
 +        SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
 +        SSLCertificateFile "/etc/ssl/apache/server.crt"
 +        SSLCertificateKeyFile "/etc/ssl/apache/server.key"
 +    <FilesMatch "\.(cgi|shtml|phtml|php)$">
 +        SSLOptions +StdEnvVars
 +    </FilesMatch>
 +        BrowserMatch ".*MSIE.*" \
 +        nokeepalive ssl-unclean-shutdown \
 +        downgrade-1.0 force-response-1.0
 +</VirtualHost>
 +</sxh>
 +
 +Now we need to enable the ssl modules
 +<sxh bash>
 +a2enmod ssl
 +</sxh>
 +
 +Now let's restart the apache server
 +<sxh bash>
 +/etc/init.d/apache2 restart
 +</sxh>
 +
 +Now we can run a test accessing https://ip_server
 +
 +====== References ======
 +  - http://httpd.apache.org/docs/2.4/en/
 +  - http://httpd.apache.org/docs/2.4/en/mod/
 +  - http://httpd.apache.org/docs/2.4/en/mod/core.html
 +  - http://httpd.apache.org/docs/2.4/en/ssl/
 +  - http://httpd.apache.org/docs/2.4/en/howto/auth.html
 +  - http://httpd.apache.org/docs/2.4/en/mod/mod_authz_core.html#require
  
Print/export
QR Code
QR Code installing_and_configuring_apache_with_php_and_mysql_on_debian_jessie_en (generated for current page)