Install and configure LAMP (Linux Apache MySql Php 5.4) stack with multiple virtual hosts on CentOS 7

There are many control panels that can correctly set up a “generic” LAMP system on any Linux distribution. Other payouts are compatible even on other platforms such as Windows platforms.

Many of the commands in this guide can only be aggregated into one, but I preferred to divide them to help identify any errors. This guide has been tested step by step. This guide assumes that you have installed a centos 7 system with the configured network.

If you have sudo installed put the word “sudo” before the commands.

Configure the firewall

First of all you must be sure that your net accept the request on a certain ports. If you have a router or a most complex network i advise you to read a post about the network theory or a post to configure the virtual servers on a router to routing the traffic to certain ports. Here i assume that you have a public address in a server available on internet. So, you should write this commands on your prompt.

firewall-cmd --permanent --zone=public --add-port=80/tcp
firewall-cmd --permanent --zone=public --add-port=443/tcp
firewall-cmd --runtime-to-permanent
firewall-cmd --reload

Install Apache2

We opened the ports to accept the tcp connections on default apache port http (80) and https (443). Now, we have to install apache2 like simple web server writing this commands on your prompt:

rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
yum -y install epel-release
yum -y install httpd

Start and Enable Apache2

After installing Apache, you must start and enable the service with this commands

systemctl start httpd
systemctl enable httpd

If you put the ip address of server on a browser you should see the wellcome apache test page.

Configure the virtual hosts

To configure virtual hosts on CentOS you should deactivate the selinux or you receive an error. To temporary deactivate avoiding to reboot the system you can write

setenforce 0
echo 0 > /sys/fs/selinux/enforce

To make sure that this make permanent after next reboot you shoud edit the /etc/sysconfig/selinux and make sure that SELINUX=disabled as shown in this example:

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of three two values:
# targeted - Targeted processes are protected,
# minimum - Modification of targeted policy. Only selected processes are protected.
# mls - Multi Level Security protection.

Now we just have to create the virtual host configuration file and place it in the /etc/httpd/conf.d/ folder. In this article we will use, for example, the example.com domain. You will need to replace the example.com domain name with your domain name.

So, you have to create the configuration file /etc/httpd/conf.d/example.com.conf and you need to put this:

<VirtualHost *:80>
ServerName www.example.com
DocumentRoot /var/www/example.com
ServerAlias example.com
ErrorLog /var/log/httpd/www.example.com.error.log
CustomLog /var/log/httpd/www.example.com.requests.log combined
<Directory /var/www/example.com>
Options FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
</VirtualHost>

And you have to create the destination folder and the logs folder if it does not already exist:

mkdir -p /var/www/example.com
mkdir -p /var/log/httpd

At this point you need to restart your apache server

apachectl restart

If your domain points to the server correctly, you should see the welcome screen.

Considerations: I read a lot of article about the configuration of virtual hosts for CentOS that recommend you to create a specific folder containing the available site files and a folder containing the enabled site files. This method is used in debian-based distributions and it allows you to disable and enable a site by simply acting on symbolic links. But this is an article about CentOS, so we will follow CentOS and RedHat-based distributions way.

Install and configure Certbot (letsencrypt) for https support (optional and recomended)

Whether the site is dynamic or transmitting sensitive information is a good idea to encrypt the data flow. Once, the certificates for sites were very expensive but there is now a way to get them free. You must be sure that your DNS point to your server.

The first thing you have to do is the installation of apache modules for ssl

yum -y install mod_ssl
yum -y install openssl

And install the certbot program

yum -y install python-certbot-apache

To work, https must have valid certificates, so let’s start creating our first self signed certificate

mkdir -p /etc/ssl/private
chmod 700 /etc/ssl/private
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/apache-selfsigned.key -out /etc/ssl/certs/apache-selfsigned.crt

For this time, you can leave blank all answers and you have to wait the end of the certificate. Since certbot checks if the Apache configuration is correct, we need to add the virtual host for the https protocol at the end of file /etc/httpd/conf.d/example.com.conf

<VirtualHost *:443>
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/example.com/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/example.com/chain.pem
ServerName www.example.com
DocumentRoot /var/www/example.com
ServerAlias example.com
ErrorLog /var/log/httpd/www.example.com.error.ssl.log
CustomLog /var/log/httpd/www.example.com.requests.ssl.log combined
<Directory /var/www/example.com>
Options FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
</VirtualHost>

Now we can create the certificate with certbot. Remember that if you have services like cloudflare, you must pause temporary the service.

apachectl stop
certbot certonly --standalone -d example.com -d www.example.com
apachectl start

Now your domain should also be viewable from https://www.example.com . If you want that users will be automatically redirect to https you can modify your http virtual host /etc/httpd/conf.d/example.com.conf file adding the line Redirect “/” “https://www.example.com/”

<VirtualHost *:80>
ServerName www.example.com
DocumentRoot /var/www/example.com
ServerAlias example.com
Redirect "/" "https://www.example.com/"

ErrorLog /var/log/httpd/www.example.com.error.log
CustomLog /var/log/httpd/www.example.com.requests.log combined
<Directory /var/www/example.com>
Options FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
</VirtualHost>

If you use services like cloudflare or other kind of service like it. And if you use other methods to redirect you do not have to use this option or you’ll have an infinite loop of redirects that will make a mistake in your browser.

Install MariaDB (for MySql)

To install the mysql server MariaDB you need to write this command

yum -y install mariadb-server mariadb

So you have to start and enable the server

systemctl start mariadb
systemctl enable mariadb

Now mariadb is installed but you should make the installation safe because the database now has users and set ups to help developers work. To do this you simply write the command

mysql_secure_installation

You have to choose the recommended settings and you have to add a password to your mysql root account.

Considerations: CenOS chose to use the MariaDB for the MySql server as well. However, I must tell you that this could be a problem when importing data from another mysql community release server. If you do not know the differences and issues, I suggest you read an article about how to migrate data from a mysql community release server to a mysql mariadb server or vice versa, an article about how to migrate data from a mysql mariadb server to a mysql community release server.

Install PHP and Modules for most common CMS

To use mysql, apache needs an intermediate program that in our case is php. To install php with mysql support and the most used modules from the most popular cms type these commands

yum -y install php
yum -y install php-opcache
yum -y install php-common
yum -y install php-fpm
yum -y install php-pear
yum -y install php-mysql
yum -y install php-cli
yum -y install php-gd
yum -y install php-odbc
yum -y install php-xml
yum -y install php-xmlrpc
yum -y install php-mbstring
yum -y install php-snmp
yum -y install php-soap
yum -y install php-mcrypt

If you need to install other modules you can search them with the command

yum search php-

You can also filter the results with the grep command. If, for example, I want to look for modules related to pecl, I just need to write

yum search php- | grep pecl

Considerations: CentOS is a stable and conservative system. The packages you can install with traditional repos are tested. To install the latest versions, you should import other repos. If you do not have the need to install the latest php versions, I advise you to respect CentOS’s choice. If you need to install php version 7, I suggest you read an article about Install and configure LAMP (Linux Apache MySql Php 7) stack with multiple virtual hosts on CentOS 7.

# DISCLAIMER (you never know): If you do not know exactly what you are doing, you should try it on a test server to avoid damaging, total or partial disruption and/or damages! I’m not responsible for anything, this is a guide that lends itself to continuous improvements with your help.

Leave a Reply

%d bloggers like this: