Installation of the Webserver Apache2, MySQL Server, PHP and Phpmyadmin
In the following I’ll describe the setup of apache2, php, phpmyadmin and a mysql database server. It is intended to use on your localhost for tests or on a Virtual Private Server (VPS), if you want to offer these services and Websites publicly. For testing purposes you can install them on your home network, but configure your server carefully, if you open ports to public access. In Debian the default for mysql is mariadb-server, in Ubuntu it’s mysql-server. References for mysql are MariaDB Basics and MariaDB Documentation. An alternative to the Apache webserver is NGINX, especially for high traffic. I do not go into details for it.
Installing the Webserver Apache2 can be done in Linux with the so-called LAMP stack (Linux, Apache, MySQL, PHPMYADMIN). To get started follow the instructions of Debian with the Link https://wiki.debian.org/LaMp. Alternatively see Ubuntu pages, Webservices on that or other related pages. After installation check whether it’s already started with the command “sudo systemctl status apache2“. When inactive enter the command “sudo systemctl start apache2” at a terminal prompt and check it again. Use your browser pointing to address “http://your_domain” to see the welcome page of apache. Finally enable apache2 to be active immediately after booting by
sudo systemctl enable apache2.service
HTTPS with a Certificate: When you want to publish your Website, you need an ip address and a domain from your internet provider. For a secure shell with https you also need a valid certificate. You can get without charge a LetsEncrypt certificate provided your site has a ipv4 address and a domain known at DNS’.
A LetsEncrypt certificate is installed as described under the Link Get a certicate. For the certificate installation open (only temporarily) also port 80 in your firewall. To get a LetsEncrypt certificate use the following commands (there are two minus signs before the option apache):
sudo apt update
sudo apt install certbot python3-certbot-apache
sudo certbot –apache
sudo a2dissite 000-default.conf
sudo a2ensite 000-default-le-ssl.conf (generated by certbot)
sudo systemctl restart apache2
sudo systemctl status certbot.timer (to check it)
Add your Server-IP and your according domain in /etc/hosts. Afterwards, you should only allow https connections, i.e. allow Port 443, deny Port 80 (the HTTP Port) in the firewall. If you like, you can use as an example my Apache Config Files for setting up with https and LetsEncrypt certificate. Here is the download of the file my-ssl.conf in the directory /etc/apache2/sites-available (Permissions: root:root rw-r–r–). Disable the available apache sites so far by the command “sudo a2dissite“, which shows you the currently enabled site and choose to disable it (probably 000-default-le-ssl.conf). Subsequently enable the new one with “sudo a2ensite my-ssl.conf” (if it has that name and you have updated the domain and certificate location). Also enter the commands sudo a2enmod headers and sudo a2enmod rewrite, if not yet enabled. If you have phpmyadmin installed and configured it with the file phpmyadmin.conf, set a symbolic link to it in /etc/apache2/conf-available (or copy it into that directory) and enter the command sudo a2enconf phpmyadmin.conf. You can test the configuration with sudo apachectl configtest. If you want to leave port 80 open, then use a redirect in /etc/apache2/conf-available like this and enable it with sudo a2enconf redirect.conf.
Finally sudo systemctl restart apache2. Then a symbolic link to my-ssl.conf in the directory /apache2/sites-enabled is created. For access from the internet open the ports 80 and 443 in your firewall. Check it and test the webserver.
If everything is correct, you can access your Website now with your ip or domain name in the internet, as soon as the domain is published at DNS servers.
Checking Successful Installation of MySQL:
When you login for the first time use simply sudo mysql, followed by mysql>ALTER USER ‘root’@’localhost’ IDENTIFIED BY ‘choose_password’;.
Afterwards mysql>exit and login then with sudo mysql -u root -p”your_chosen_password”. You should see the MySQL prompt:
mysql>
. Here you can run mysql queries, create tables etc.
Enter a strong password (strong, 16-24 characters, no \, no apostroph) which you choose for that step. The reason is that your database can be attacked by https://your_domain/phpmyadmin/, if your domain and phpmyadmin are accessible .
How to create a superuser in MySQL?
Follow the steps to create a new user in MySQL and make it a super user with root-like access to the databases.
1. First, you have to log in with the root user, which possesses the priviledge to create a user.
Type the following command to create a new user with a chosen (of course strong, 15-16 characters, no \, no apostrophe) password:
CREATE USER ‘username’@’localhost’ IDENTIFIED BY ‘the_password’;
At this point, the new user has no permission over the databases. The next thing to do is to grant privileges to the new user. There are several privileges a user can have:
ALL PRIVILEGES – a full root access to the databases. If no database is specified, it has global access across the system.
CREATE – create new tables or databases
DROP – delete tables or databases
DELETE – delete rows from tables
INSERT – insert rows into tables
SELECT – use the SELECT command to read through databases
UPDATE – update table rows
GRANT OPTION – grant or remove other users’ privileges
2. Make the user a superuser
To make this new user a superuser, we have to provide the user with full root access to everything in the database, which means
GRANT ALL PRIVILEGES ON *.* TO ‘user_name’@’localhost’ WITH GRANT OPTION;
The new user now has the root-like permission.
3. Then create another account for the same new username and grant full root access:
CREATE USER ‘username’@’%’ IDENTIFIED BY ‘the_password’;
GRANT ALL PRIVILEGES ON *.* TO ‘username’@’%’ WITH GRANT OPTION;
Both ‘username’@’localhost’ and ‘username’@’%’ are superuser accounts with full privileges to do anything.
The ‘username’@’localhost’ account can be used only when connecting from the local host. The ‘username’@’%’ account uses the ‘%’ wildcard for the host part, so it can be used to connect from any host.
4. To double check the privileges given to the new user, run the command:
SHOW GRANTS FOR username;
5. Finally, when everything is settled, reload all the privileges:
FLUSH PRIVILEGES;
All the changes will take effect immediately. Exit and login again as your new superuser and delete now unnecessary users, especially the root user.
Create a Database
CREATE DATABASE db0001;
Alternatively, if installed, type “http://your_domain/phpmyadmin/” in the browser address bar and login with a username and password of your privileged user as created before. Create a Database, let’s say “db0001” and keep the default settings. You can create tables in that database, use sql queries etc. If you do not want to use phpmyadmin, because it can be a target for hackers — therefore I advice against it — you should not install it and use simply sql queries in the mysql shell to handle your databases. If you really want to install and configure phpmyadmin, use the commands
sudo apt install phpmyadmin
sudo ln -s /etc/phpmyadmin/apache.conf /etc/apache2/conf-available/phpmyadmin.conf
sudo a2enconf phpmyadmin.conf
sudo systemctl restart apache2
You can temporarily disable phpmyadmin, if not used, by sudo a2disconf phpmyadmin.conf and sudo systemctl restart apache2, enable it again with sudo a2enconf phpmyadmin.conf and restart apache2. Analogously you could disable/enable your ftp server temporarily by typing: sudo systemctl stop vsftpd/restart vsftpd.
I will not go further into details at that point, but leave the topic assuming you have created a single database db0001 . This database can be used for a single website with the help of the program WordPress. WordPress websites are based on so-called Themes, which are downloadable after WordPress installation as well as a bunch of plugins for that. All contents of a WordPress site are stored in a database. Many themes create reponsive websites, which are suitably scaled depending on the viewport of a visitor (Notebook or Handy or Tablet for example). As next topic on my pages here I’ll indicate how a WordPress Website is set up (like the one you see).