ApacheMySQLPHP

Differences between revisions 9 and 64 (spanning 55 versions)
Revision 9 as of 2005-07-31 23:35:00
Size: 2881
Editor: S0106000d88b9f3db
Comment: adding Securing Apache w/ ports.conf info
Revision 64 as of 2006-06-15 22:33:33
Size: 11061
Editor: toronto-HSE-ppp4139631
Comment: noticed there was nothing to tell a user hwo to exit msql console.
Deletions are marked like this. Additions are marked like this.
Line 1: Line 1:
## page was renamed from ApachePHPMySQL
This is to help people setup and install a [http://en.wikipedia.org/wiki/LAMP LAMP] server in Ubuntu 5.04, including Apache 2, PHP 4, and MySQL 4.1. As of this writing, MYSQL 5.0 and PHP 5 could only be installed by compiling. See the bottom of this document for further info.
||<tablestyle="float:right; font-size: 0.9em; width:40%; background:#F1F1ED; margin: 0 0 1em 1em;" style="padding:0.5em;">'''Contents'''[[BR]][[TableOfContents]]||
This is to help people setup and install a [http://en.wikipedia.org/wiki/LAMP_%28software_bundle%29 LAMP] ('''L'''inux-'''A'''pache-'''M'''ySQL-'''P'''HP) server in Ubuntu, including Apache 2, PHP 4, and MySQL 4.1, as well as Java support with
Apache Tomcat 5.

With the release of Ubuntu 5.10 (Breezy Badger) in October 2005 PHP5 is now available through the repositories, although PHP5 information has not yet been added here. MYSQL 5.0 can still only be installed by compiling. In Dapper, MYSQL 5.0 now exists as a package. See the bottom of this document for further info. Also in 6.06 (Dapper Drake) you have the option of choosing to install a LAMP setup at the inital Ubuntu installation screen.
Line 8: Line 11:
Also, you should be familiar with RootSudo. Also, you should be familiar with using '''sudo''' - please see RootSudo for details.
Line 11: Line 14:

{{{
$ sudo apt-get install apache2
{{{
$ sudo aptitude install apache2
Line 17: Line 19:

{{{
$ sudo apt-get install php4
}}}

== Installing MYSQL 4.1 ==

{{{
$ sudo apt-get install mysql-server-4.1
$ sudo apt-get install libapache2-mod-auth-mysql
$ sudo apt-get install php4-mysql
}}}

After installing MySQL, you really ought to read [http://dev.mysql.com/doc/mysql/en/default-privileges.html 2.9.3. Securing the Initial MySQL Accounts] from the [http://dev.mysql.com/doc/mysql/en/index.html MySQL Reference Manual].
{{{
$ sudo aptitude install php4
}}}

=== Troubleshooting ===
If apache is not actually parsing the php after you restarted it, install {{{libapache2-mod-php4}}}. It should be installed when you install the {{{php4}}} package, but some users have reported that it wasn't for them. You may also need to actually enable it, by doing {{{sudo a2enmod php4}}}

== Installing PHP 5 ==
{{{
$ sudo aptitude install php5
}}}

== Installing MYSQL (with PHP 4) ==
{{{
$ sudo aptitude install mysql-server
$ sudo aptitude install libapache2-mod-auth-mysql
$ sudo aptitude install php4-mysql
}}}

If you want a powerfull and easy graphical interface:
{{{
$sudo aptitude install phpmyadmin
}}}
'''If you get blowfish_secret error:'''
Choose and set a phrase for cryptography in the file /etc/phpmyadmin/blowfish_secret.inc.php and copy the line (not the php tags) into the file /etc/phpmyadmin/config.inc.php or you will receive an error.


Mysql provides a simple graphical interface that sometimes is not very effective.However you can install:
{{{
$ sudo aptitude install mysql-admin
}}}


== Installing MYSQL (with PHP 5) ==
{{{
$ sudo aptitude install mysql-server
$ sudo aptitude install libapache2-mod-auth-mysql
$ sudo aptitude install php5-mysql
}}}

If you want a powerfull and easy graphical interface:
{{{
$sudo aptitude install phpmyadmin
}}}
'''If you get blowfish_secret error:'''
Choose and set a phrase for cryptography in the file /etc/phpmyadmin/blowfish_secret.inc.php and copy the line (not the php tags) into the file /etc/phpmyadmin/config.inc.php or you will receive an error.


Mysql provides a simple graphical interface that sometimes is not very effective.However you can install:
{{{
$ sudo aptitude install mysql-admin
}}}


=== After installing MySQL ===
Type this for creating standard configuration:
{{{
cd /usr
sudo ./bin/mysql_install_db --user=mysql
}}}

The first for accessing the database by console you need to type:
{{{
sudo mysql -u root
}}}

At the mysql console type:
{{{
mysql> SET PASSWORD FOR 'root'@'localhost' = PASSWORD('yourpassword');
}}}

For creating a new user at mysql prompt type:
{{{mysql> GRANT ALL PRIVILEGES ON *.* TO 'yourusername'@'localhost' IDENTIFIED BY 'yourpassword' WITH GRANT OPTION;
}}}

To exit the mysql prompt type:
{{{
mysql> \q
}}}

''For more information''
You really ought to read [http://dev.mysql.com/doc/mysql/en/default-privileges.html 2.9.3. Securing the Initial MySQL Accounts] from the [http://dev.mysql.com/doc/mysql/en/index.html MySQL Reference Manual].


Line 35: Line 108:
$ sudo gedit /etc/apache2/apache2.conf $ gksudo "gedit /etc/apache2/apache2.conf"
Line 40: Line 113:
Configuration options relating specifically to user websites (accessed through localhost/~username) are in /etc/apache2/mods-enabled/userdir.conf.
Line 43: Line 118:
$ sudo gedit /etc/php4/apache2/php.ini
}}}
$ gksudo "gedit /etc/php4/apache2/php.ini"
}}}
or if you are using php5
{{{
$ gksudo "gedit /etc/php5/apache2/php.ini"
}}}
Line 47: Line 127:
== Run, stop, and restart Apache == == Run, Stop, And Restart Apache ==
Line 60: Line 140:
== Using Apache ==
You can acces apache by typing 127.0.0.1 (by default it will be listening on port 80) in your browser address bar.
By default the directory for apache server pages is /var/www .
Line 64: Line 147:
 $ sudo gedit /var/www/testphp.php  $ gksudo "gedit /var/www/testphp.php"
Line 74: Line 157:
Line 76: Line 158:

{{{
sudo gedit /etc/apache2/ports.conf
password:
{{{
$ gksudo "gedit /etc/apache2/ports.conf"
$ password:
Line 88: Line 169:

== Password-Protect a Directory With .htaccess ==
Create a file called {{{.htaccess}}} in the directory you want to password-protect with the follwing content:
{{{
AuthUserFile /your/path/.htpasswd
AuthName "Authorization Required"
AuthType Basic
require valid-user
}}}
instead of {{{valid-user}}}, you can also add the users you want directly

If you want to password protect just a single file in a folder add the following lines to the {{{.htaccess}}} file:
{{{
<Files "mypage.html">
  Require valid-user
</Files>
}}}

Then create the file {{{/your/path/.htpasswd}}} which contains the users that are allowed to login and their passwords. We do that with the {{{htpasswd}}} command:
{{{
htpasswd -c /path/to/your/.htpasswd user1
}}}
The {{{-c}}} flag is used only when you are creating a new file. After the first time, you will omit the {{{-c}}} flag, when you are adding new users to an already-existing password file. Otherwise you will overwrite the file!!

Nevertheless, you should store the file in as secure a location as possible, with whatever minimum permissions on the file so that the web server itself can read the file.

Finally we need to add the following lines to {{{/etc/apache2/apache2.conf}}}:
{{{
<Directory /your/path>
AllowOverride All
</Directory>
}}}

You have to adjust {{{/your/path/.htpasswd}}}

Restart your webserver:
{{{
sudo /etc/init.d/apache2 restart
}}}

=== Troubleshooting ===
If you can't access your stuff and the dialog keeps popping up, check that you entered the username and password correctly. If it still doesn't work, check the path to your {{{.htpasswd}}} and make sure the path specified in the {{{AuthUserFile directive}}} is correct. Also make sure that both the {{{.htpasswd}}} and {{{.htaccess}}} files are readable by the web server user
{{{chmod 644}}} should do the trick!

=== Example ===
Here is an example on how to prevent users from access the directory, password-protect a specific file and allow userse to view a specific file:
{{{
AuthUserFile /your/path/.htpasswd
AuthName "Authorization Required"
AuthType Basic
Order Allow,Deny
<Files myfile1.html>
 Order Allow,Deny
 require valid-user
</Files>

<Files myfile2.html>
 Order Deny,Allow
</Files>
}}}

== Apache Tomcat 5 ==
Jakarta Tomcat, a Java servlet container is now part of the Apache family under the name of Apache Tomcat. It can be installed in Ubuntu 6.06 (Dapper Drake) following the steps below.

=== Needed before installing Apache Tomcat ===
1. Java virtual machine working
follow this link RestrictedFormats paying attention to download the JDK and not the SDK.

2. Set Java environment variables this way:
{{{
$ export JAVA_HOME="path of your java home"
$ export PATH=$PATH:$JAVA_HOME/bin
}}}

=== Installing Apache Tomcat 5 ===
{{{
$ sudo aptitude install tomcat5 tomcat5-admin tomcat5-webapps
}}}

=== Run, Stop, And Restart Apache Tomcat ===
Use the following command to run Apache Tomcat:
{{{
$ sudo /etc/init.d/tomcat5 start
}}}
To stop it, use :
{{{
$ sudo /etc/init.d/tomcat5 stop
}}}
Finally, to restart it, run :
{{{
$ sudo /etc/init.d/tomcat5 restart
}}}

=== Using Tomcat5 ===
You can find tomcat up and running (if you have followed the previous steps) at the following ip:
{{{ 127.0.0.1:8180
}}}

=== Administering Tomcat5 ===
If you have installed also the admin package as listed before you will be able to enter in the administation window only if you edit the file
{{{
$ /usr/share/tomcat5/conf/tomcat-users.xml
}}}

and add the following lines for creating new users with admin and manager privilegies as described in Tomcat's main page

{{{
  <role rolename="manager"/>
  <role rolename="admin"/>
<user username="YOUR USERNAME " password="YOUR PASSWORD" roles="admin,manager"/>
}}}
Obviously if you want only one kind of role you've to delete the one you are not interested in. Example only admin
{{{
   <role rolename="admin"/>
<user username="YOUR USERNAME " password="YOUR PASSWORD" roles="admin"/>
}}}
=== Installing new servlet or jsp pages in Tomcat5 ===
Using the Tomcat manager included in the installed packages you'll be able to to control your servlet/jsp properly.

1.Enter in your server (by default 127.0.0.1:8180).

2.Enter in the Tomcat manager page (you find the link on the left) typing username and password chosen in the previous step.

3.Search the section ''Deploy'' and in the field ''WAR or Directory URL''
type:
{{{
   file://YOUR SERVLET or JSP PAGE DIRECTORY
}}}
Usually servlet/jsp pages are located in the directory ''/usr/share/tomcat5/webapps''.


== Other Apache Options ==
 * ServerSideIncludes - enable SSI in Apache2
 * LocalhostSubdomain - access your local files as if you had different subdomains
Line 91: Line 306:

 * StrongPasswords is recommended reading!
 * BastilleLinux is also recommended if you're going to be running a live webserver.

This is to help people setup and install a [http://en.wikipedia.org/wiki/LAMP_%28software_bundle%29 LAMP] (Linux-Apache-MySQL-PHP) server in Ubuntu, including Apache 2, PHP 4, and MySQL 4.1, as well as Java support with Apache Tomcat 5.

With the release of Ubuntu 5.10 (Breezy Badger) in October 2005 PHP5 is now available through the repositories, although PHP5 information has not yet been added here. MYSQL 5.0 can still only be installed by compiling. In Dapper, MYSQL 5.0 now exists as a package. See the bottom of this document for further info. Also in 6.06 (Dapper Drake) you have the option of choosing to install a LAMP setup at the inital Ubuntu installation screen.

Check Repositories

The Universe repository needs to be enabled to install Apache. Please see AddingRepositoriesHowto for details.

Also, you should be familiar with using sudo - please see RootSudo for details.

Installing Apache 2

$ sudo aptitude install apache2

Installing PHP 4

$ sudo aptitude install php4

Troubleshooting

If apache is not actually parsing the php after you restarted it, install libapache2-mod-php4. It should be installed when you install the php4 package, but some users have reported that it wasn't for them. You may also need to actually enable it, by doing sudo a2enmod php4

Installing PHP 5

$ sudo aptitude install php5

Installing MYSQL (with PHP 4)

$ sudo aptitude install mysql-server
$ sudo aptitude install libapache2-mod-auth-mysql
$ sudo aptitude install php4-mysql

If you want a powerfull and easy graphical interface:

$sudo aptitude install phpmyadmin

If you get blowfish_secret error: Choose and set a phrase for cryptography in the file /etc/phpmyadmin/blowfish_secret.inc.php and copy the line (not the php tags) into the file /etc/phpmyadmin/config.inc.php or you will receive an error.

Mysql provides a simple graphical interface that sometimes is not very effective.However you can install:

$ sudo aptitude install mysql-admin

Installing MYSQL (with PHP 5)

$ sudo aptitude install mysql-server
$ sudo aptitude install libapache2-mod-auth-mysql
$ sudo aptitude install php5-mysql

If you want a powerfull and easy graphical interface:

$sudo aptitude install phpmyadmin

If you get blowfish_secret error: Choose and set a phrase for cryptography in the file /etc/phpmyadmin/blowfish_secret.inc.php and copy the line (not the php tags) into the file /etc/phpmyadmin/config.inc.php or you will receive an error.

Mysql provides a simple graphical interface that sometimes is not very effective.However you can install:

$ sudo aptitude install mysql-admin

After installing MySQL

Type this for creating standard configuration:

cd /usr
sudo ./bin/mysql_install_db --user=mysql

The first for accessing the database by console you need to type:

sudo mysql -u root

At the mysql console type:

mysql> SET PASSWORD FOR 'root'@'localhost' = PASSWORD('yourpassword');

For creating a new user at mysql prompt type: {{{mysql> GRANT ALL PRIVILEGES ON *.* TO 'yourusername'@'localhost' IDENTIFIED BY 'yourpassword' WITH GRANT OPTION; }}}

To exit the mysql prompt type:

mysql> \q

For more information You really ought to read [http://dev.mysql.com/doc/mysql/en/default-privileges.html 2.9.3. Securing the Initial MySQL Accounts] from the [http://dev.mysql.com/doc/mysql/en/index.html MySQL Reference Manual].

Edit Apache Configuration

You may want your current user to be the PHP pages administrator. To do so, edit the Apache configuration file :

$ gksudo "gedit /etc/apache2/apache2.conf"

Search both the strings starting by "User" and "Group", and change the names by the current username and groupname you are using. Then you'll need to restart Apache. (look at the next chapter concerning apache commands)

Configuration options relating specifically to user websites (accessed through localhost/~username) are in /etc/apache2/mods-enabled/userdir.conf.

Edit PHP Configuration to Work With MYSQL

You may need to edit the PHP configuration file to get PHP and MYSQL talking :

$ gksudo "gedit /etc/php4/apache2/php.ini"

or if you are using php5

$ gksudo "gedit /etc/php5/apache2/php.ini"

Remove the ";" for the line ";extension=mysql.so", and restart Apache as is stated below.

Run, Stop, And Restart Apache

Use the following command to run Apache :

$ sudo /usr/sbin/apache2ctl start

To stop it, use :

$ sudo /usr/sbin/apache2ctl stop

Finally, to restart it, run :

$ sudo /usr/sbin/apache2ctl restart

Using Apache

You can acces apache by typing 127.0.0.1 (by default it will be listening on port 80) in your browser address bar. By default the directory for apache server pages is /var/www .

Status

To check the status of your PHP installation:

 $ gksudo "gedit /var/www/testphp.php"

and insert the following line

 <?php phpinfo(); ?>

View this page on a web browser, at http://yourserveripaddress/testphp.php or http://localhost/testphp.php

Securing Apache

If you just want to run your Apache install as a development server and want to prevent it from listening for incoming connection attempts, this is easy to do.

$ gksudo "gedit /etc/apache2/ports.conf"
$ password:

Change ports.conf so that it contains:

Listen 127.0.0.1:80

Save this file, and restart Apache (see above). Now Apache will serve only to your home domain, http://127.0.0.1 or http://localhost.

Password-Protect a Directory With .htaccess

Create a file called .htaccess in the directory you want to password-protect with the follwing content:

AuthUserFile /your/path/.htpasswd
AuthName "Authorization Required"
AuthType Basic
require valid-user

instead of valid-user, you can also add the users you want directly

If you want to password protect just a single file in a folder add the following lines to the .htaccess file:

<Files "mypage.html">
  Require valid-user
</Files>

Then create the file /your/path/.htpasswd which contains the users that are allowed to login and their passwords. We do that with the htpasswd command:

htpasswd -c /path/to/your/.htpasswd user1

The -c flag is used only when you are creating a new file. After the first time, you will omit the -c flag, when you are adding new users to an already-existing password file. Otherwise you will overwrite the file!!

Nevertheless, you should store the file in as secure a location as possible, with whatever minimum permissions on the file so that the web server itself can read the file.

Finally we need to add the following lines to /etc/apache2/apache2.conf:

<Directory /your/path>
AllowOverride All
</Directory>

You have to adjust /your/path/.htpasswd

Restart your webserver:

sudo /etc/init.d/apache2 restart

Troubleshooting

If you can't access your stuff and the dialog keeps popping up, check that you entered the username and password correctly. If it still doesn't work, check the path to your .htpasswd and make sure the path specified in the AuthUserFile directive is correct. Also make sure that both the .htpasswd and .htaccess files are readable by the web server user chmod 644 should do the trick!

Example

Here is an example on how to prevent users from access the directory, password-protect a specific file and allow userse to view a specific file:

AuthUserFile /your/path/.htpasswd
AuthName "Authorization Required"
AuthType Basic
Order Allow,Deny
<Files myfile1.html>
 Order Allow,Deny
 require valid-user
</Files>

<Files myfile2.html>
 Order Deny,Allow
</Files>

Apache Tomcat 5

Jakarta Tomcat, a Java servlet container is now part of the Apache family under the name of Apache Tomcat. It can be installed in Ubuntu 6.06 (Dapper Drake) following the steps below.

Needed before installing Apache Tomcat

1. Java virtual machine working follow this link RestrictedFormats paying attention to download the JDK and not the SDK.

2. Set Java environment variables this way:

$ export JAVA_HOME="path of your java home"
$ export PATH=$PATH:$JAVA_HOME/bin

Installing Apache Tomcat 5

$ sudo aptitude install tomcat5 tomcat5-admin tomcat5-webapps

Run, Stop, And Restart Apache Tomcat

Use the following command to run Apache Tomcat:

$ sudo /etc/init.d/tomcat5 start

To stop it, use :

$ sudo /etc/init.d/tomcat5 stop

Finally, to restart it, run :

$ sudo /etc/init.d/tomcat5 restart

Using Tomcat5

You can find tomcat up and running (if you have followed the previous steps) at the following ip: {{{ 127.0.0.1:8180 }}}

Administering Tomcat5

If you have installed also the admin package as listed before you will be able to enter in the administation window only if you edit the file

$ /usr/share/tomcat5/conf/tomcat-users.xml

and add the following lines for creating new users with admin and manager privilegies as described in Tomcat's main page

  <role rolename="manager"/>
  <role rolename="admin"/>
<user username="YOUR USERNAME " password="YOUR PASSWORD" roles="admin,manager"/>

Obviously if you want only one kind of role you've to delete the one you are not interested in. Example only admin

   <role rolename="admin"/>
<user username="YOUR USERNAME " password="YOUR PASSWORD" roles="admin"/>

Installing new servlet or jsp pages in Tomcat5

Using the Tomcat manager included in the installed packages you'll be able to to control your servlet/jsp properly.

1.Enter in your server (by default 127.0.0.1:8180).

2.Enter in the Tomcat manager page (you find the link on the left) typing username and password chosen in the previous step.

3.Search the section Deploy and in the field WAR or Directory URL type:

   file://YOUR SERVLET or JSP PAGE DIRECTORY

Usually servlet/jsp pages are located in the directory /usr/share/tomcat5/webapps.

Other Apache Options

Further Information

You can compile PHP5FromSource, as well as MYSQL5FromSource.


CategoryDocumentation

ApacheMySQLPHP (last edited 2008-08-06 16:21:08 by localhost)