LAMP Server Installation Guide on CentOS 6

From Acenet Knowledgebase
Jump to: navigation, search

If you've ever installed a LAMP server on CentOS 5, you may notice that the following steps are nearly identical. Some of the package names and yum groups have changed between CentOS 5 and CentOS 6. The following steps will show you how to install a LAMP server on CentOS 6.

Throughout this guide, our server's hostname is vps.example.com and resolves to the IP address 169.254.1.2.

Update your System

Connect to your server via SSH as the root user. If you're not sure how to do this, please see our guide on connecting to your server via SSH using PuTTY. We recommend ensuring your system is up to date before installing Apache, PHP, and MySQL. This can easily be done with yum.

yum update

If your server's kernel was updated during the yum update, reboot your server for the kernel change to take effect.

Install the Apache Web Server

Install the "Web Server" group using yum

yum groupinstall "Web Server"

This will install the httpd package and all of its related dependencies. Unlike CentOS 5, this group will not install PHP. We'll do this ourselves later in this guide.

Configure chkconfig to start Apache on boot

chkconfig httpd on

The web server is now installed and will automatically start on boot, but requires some configuration.

Configure Apache

Open the Apache configuration file with your favorite text editor. We'll use nano in this example.

nano /etc/httpd/conf/httpd.conf

ServerName

Let's first change the ServerName directive. If your hostname has a properly resolving DNS entry, you can use your server's hostname. Otherwise, you can use the IP address for your server.

ServerName 169.254.1.2:80

DocumentRoot

The DocumentRoot directive defines where Apache will serve documents. By default, this path is set to /var/www/html. If you prefer to have your documents served from a different directory, you can adjust this as desired.

Listen

The Listen directive defines which IP addresses and ports Apache will bind to. The default value *:80 will cause Apache to bind to all IP addresses which is often unnecessary. Unless you know you need a certain IP to be bound to port 80 for Apache, it will usually suffice to list only your server's main IP.

Listen 169.254.1.2:80

Restart Apache

Anytime the Apache configuration file is modified, the Apache service needs to be restarted for the changes to take effect. Let's restart Apache:

/etc/init.d/httpd restart

Set ownership of the DocumentRoot

For additional safety, let's set the user and group ownership of /var/www/html/ to the apache user. This will prevent PHP scripts from being executed as root and performing potentially harmful actions.

chown apache.apache /var/www/html

Apache can be customized far beyond the few directives we've covered here. However, these few changes are all that's required to get a working installation. We can now upload our HTML files to /var/www/html/ and visit our site in a web browser.

Install PHP 5.3

With httpd installed you have everything you need to serve HTML files from your server. Webmasters will generally want the ability to run dynamic content from the their server. We're going to install PHP for this purpose. At the time of this writing, PHP 5.3.3 is installed using the php package. The exact version may be different in the future.

Install the PHP 5.3.x package

yum install php

Restart Apache

/etc/init.d/httpd restart

That's it. PHP 5.3 is now installed on your system. PHP files will now be handled by the PHP interpreter. Of course, there are a wide range of modules to install and configuration values to tweak your PHP install. With just the simple steps listed above, your server is now able to serve PHP files.

Install MySQL

MySQL is a service that allows you to store dynamic content in a database. Most modern scripts like Wordpress and Joomla require a database service for storing content. Let's install MySQL.

At the time of this writing this guide will install MySQL 5.1.66.

Install the MySQL Database group via yum

yum groupinstall "MySQL Database server"

Start the MySQL service

service mysqld start

Configure chkconfig to start MySQL on boot

chkconfig mysqld on

Secure your new MySQL service with mysql_secure_installation

mysql_secure_installation

This will prompt you to answer several questions about your MySQL service.

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MySQL
      SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!

In order to log into MySQL to secure it, we'll need the current
password for the root user.  If you've just installed MySQL, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.

Set the MySQL root password

Since we just installed the MySQL service, there is no MySQL root password. As the message indicates, simply press ENTER at the following prompt.

Enter current password for root (enter for none):
 OK, successfully used password, moving on...

You'll next be prompted to configure a new MySQL root password. At the prompt, enter "Y" and then provide a secure password for the root MySQL user. Remember that secure passwords should contain a mix of letters and numbers and should not be words contained within a dictionary.

Setting the root password ensures that nobody can log into the MySQL
root user without the proper authorisation.
 Set root password? [Y/n] Y
New password:
Re-enter new password:
 Password updated successfully!
Reloading privilege tables..
 ... Success!

Remove the anonymous MySQL user

By default, a MySQL installation has an anonymous user, allowing anyone
to log into MySQL without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a production environment.

Remove anonymous users? [Y/n] Y
 ... Success!

Disable remote logins for the MySQL root user

We'll now disable remote logins for the root user. This will prevent brute force attacks against the root MySQL user's password. If you don't plan to have outside servers connect to your database, you could take this one step further and block MySQL's port 3306 in your firewall. This is beyond the scope of this guide.

Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] Y
 ... Success!

Remove the the 'test' databaes from MySQL

By default, MySQL comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] Y
 - Dropping test database...
 ... Success!
 - Removing privileges on test database...
 ... Success!

Reload the privileges table

Reloading the privilege tables will ensure that all changes made so far
 will take effect immediately.

 Reload privilege tables now? [Y/n] Y
 ... Success!

 Cleaning up...

We're finished securing MySQL

All done!  If you've completed all of the above steps, your MySQL
 installation should now be secure.

 Thanks for using MySQL!

Install MySQL support for PHP

With MySQL securely installed, we'll now want to install PHP support for connecting to MySQL databases. This can be done with yum as well.

yum install php-mysql

Congratulations, you've just installed your first LAMP server! A multitude of scripts can now be run from your server including Joomla, Wordpress, and many more.