Difference between revisions of "Configuring a LAMPP server for PHP development/Linux desktop"
From Joomla! Documentation
< Configuring a LAMPP server for PHP development
(→Apache Web Sites Configuration Files: Added the missing word, "contains.") |
m (copyediting) |
||
(3 intermediate revisions by 2 users not shown) | |||
Line 1: | Line 1: | ||
− | {{ | + | {{copyedit}} |
− | |||
− | |||
− | |||
− | |||
This article provides detailed instructions for configuring a LAMPP server, not only for Joomla! it also should work fine for PHP development in general. | This article provides detailed instructions for configuring a LAMPP server, not only for Joomla! it also should work fine for PHP development in general. | ||
Line 17: | Line 13: | ||
*Open a terminal and type: | *Open a terminal and type: | ||
− | < | + | <pre>sudo apt-get install apache2 php5-mysql libapache2-mod-php5 mysql-server phpmyadmin php5-curl</pre> |
*Say yes [Y] when the package manager ask you download and install the packages. This step will take some time depending on your connection speed. | *Say yes [Y] when the package manager ask you download and install the packages. This step will take some time depending on your connection speed. | ||
Line 28: | Line 24: | ||
=== Apache Installation Test === | === Apache Installation Test === | ||
− | |||
*Open your web browser and type in the address bar "localhost" and press [enter] | *Open your web browser and type in the address bar "localhost" and press [enter] | ||
*Normally Apache display a test page with some text like this: | *Normally Apache display a test page with some text like this: | ||
Line 37: | Line 32: | ||
=== PHP Installation Test === | === PHP Installation Test === | ||
− | |||
To test if PHP server is working lets create a quick test file using the command line. | To test if PHP server is working lets create a quick test file using the command line. | ||
*Open a terminal and type | *Open a terminal and type | ||
− | < | + | <pre>echo "<?php phpinfo(); ?>" | sudo tee /var/www/test.php </pre> |
*Open your web browser and type in the address bar "localhost/test.php" and press [enter] | *Open your web browser and type in the address bar "localhost/test.php" and press [enter] | ||
Line 48: | Line 42: | ||
*Once the PHP server is working fine we don't need that test file anymore, so type the following command in your terminal to delete the file: | *Once the PHP server is working fine we don't need that test file anymore, so type the following command in your terminal to delete the file: | ||
− | < | + | <pre>sudo rm /var/www/test.php</pre> |
=== phpMyAdmin Installation Test === | === phpMyAdmin Installation Test === | ||
− | |||
*Open your web browser and type in the address bar "localhost/phpmyadmin" and press [enter]. | *Open your web browser and type in the address bar "localhost/phpmyadmin" and press [enter]. | ||
*The next thing you should see is the phpMyadmin login page. If not then most likely you skipped or did not mark the option "apache2" at the question "web server that should be automatically configured to run phpmyadmin". To fix this problem just purge the installation and start over again. | *The next thing you should see is the phpMyadmin login page. If not then most likely you skipped or did not mark the option "apache2" at the question "web server that should be automatically configured to run phpmyadmin". To fix this problem just purge the installation and start over again. | ||
Line 60: | Line 53: | ||
== Understanding the Folder Structure == | == Understanding the Folder Structure == | ||
− | |||
There are several folders and files that the LAMP server uses to store the configurations of the LAMP services and to store the files of your hosted websites. | There are several folders and files that the LAMP server uses to store the configurations of the LAMP services and to store the files of your hosted websites. | ||
=== Apache Default Web Site Folder === | === Apache Default Web Site Folder === | ||
− | |||
Location: "/var/www/" | Location: "/var/www/" | ||
Line 77: | Line 68: | ||
=== Apache Configuration Files === | === Apache Configuration Files === | ||
− | |||
Location: "/etc/apache2/apache2.conf" | Location: "/etc/apache2/apache2.conf" | ||
Location: "/etc/apache2/envvars" | Location: "/etc/apache2/envvars" | ||
Line 84: | Line 74: | ||
=== Apache Ports Configuration File === | === Apache Ports Configuration File === | ||
− | |||
Location: "/etc/apache2/ports.conf" | Location: "/etc/apache2/ports.conf" | ||
− | Description: This file configures what port the Apache server will listen to for http requests. | + | Description: This file configures what port the Apache server will listen to for http requests. By default, http requests are assigned to port 80 but you can modify or add more ports. |
=== Apache Log Files === | === Apache Log Files === | ||
− | |||
Location: "/var/log/apache2/" | Location: "/var/log/apache2/" | ||
− | Description: This folder contains several files to keep track of events on your Apache | + | Description: This folder contains several files to keep track of events on your Apache Web server, such as errors in the services, errors in code of your site and failed authentication attempts. This is a good place to look at when something is not working or you suspect someone is trying to breach your server security. |
− | |||
== Configuration == | == Configuration == | ||
− | |||
=== Enabling mod_rewrite === | === Enabling mod_rewrite === | ||
− | |||
The mod_rewrite module uses a rule-based rewriting engine, based on a PCRE regular-expression parser to rewrite requested URLs on the fly. By default, mod_rewrite maps a URL to a filesystem path. However, it can also be used to redirect one URL to another URL, or to invoke an internal proxy fetch. | The mod_rewrite module uses a rule-based rewriting engine, based on a PCRE regular-expression parser to rewrite requested URLs on the fly. By default, mod_rewrite maps a URL to a filesystem path. However, it can also be used to redirect one URL to another URL, or to invoke an internal proxy fetch. | ||
Line 106: | Line 91: | ||
* Open a terminal and type: | * Open a terminal and type: | ||
− | < | + | <pre>sudo a2enmod rewrite</pre> |
* Now that the rewrite module is enabled, we need to restart apache. | * Now that the rewrite module is enabled, we need to restart apache. | ||
− | < | + | <pre>sudo service apache2 restart</pre> |
* done | * done | ||
Line 120: | Line 105: | ||
Open a terminal and type: | Open a terminal and type: | ||
− | < | + | <pre> |
mkdir /home/youruser/lamp/ | mkdir /home/youruser/lamp/ | ||
mkdir /home/youruser/lamp/public_html/ | mkdir /home/youruser/lamp/public_html/ | ||
mkdir /home/youruser/lamp/logs/ | mkdir /home/youruser/lamp/logs/ | ||
− | </ | + | </pre> |
'''NOTE:''' You can place your new site folders at any location you desire; this is just an example. Replace "youruser" with an actual Linux username. | '''NOTE:''' You can place your new site folders at any location you desire; this is just an example. Replace "youruser" with an actual Linux username. | ||
Line 131: | Line 116: | ||
=== Creating the New Site === | === Creating the New Site === | ||
− | |||
To create and enable a new site in your server follow these steps: | To create and enable a new site in your server follow these steps: | ||
Line 138: | Line 122: | ||
*Open a terminal an type: | *Open a terminal an type: | ||
− | < | + | <pre>sudo cp /etc/apache2/sites-available/default /etc/apache2/sites-available/mydevsite</pre> |
'''NOTE:''' "mydevsite" is the name of the new site used in this example. You can use any other name you like. | '''NOTE:''' "mydevsite" is the name of the new site used in this example. You can use any other name you like. | ||
Line 144: | Line 128: | ||
*Open the site configuration | *Open the site configuration | ||
− | < | + | <pre>sudo gedit /etc/apache2/sites-available/mydevsite</pre> |
*The content of that file should be something like this: | *The content of that file should be something like this: | ||
− | < | + | <pre> |
<VirtualHost *:80> | <VirtualHost *:80> | ||
ServerAdmin webmaster@localhost | ServerAdmin webmaster@localhost | ||
Line 190: | Line 174: | ||
</VirtualHost> | </VirtualHost> | ||
− | </ | + | </pre> |
*Make some modifications to make it looks like this, or simply copy and paste it | *Make some modifications to make it looks like this, or simply copy and paste it | ||
− | < | + | <pre> |
<VirtualHost *:80> | <VirtualHost *:80> | ||
ServerAdmin webmaster@localhost | ServerAdmin webmaster@localhost | ||
Line 236: | Line 220: | ||
</VirtualHost> | </VirtualHost> | ||
− | </ | + | </pre> |
'''NOTE:''' Replace "youruser" with your current user name. | '''NOTE:''' Replace "youruser" with your current user name. | ||
*Save your changes. | *Save your changes. | ||
− | *Now we need to enable the site. | + | *Now we need to enable the site. In a terminal type: |
− | < | + | <pre>sudo a2ensite mydevsite</pre> |
*Lets disable the default site, since we don't need it anymore. | *Lets disable the default site, since we don't need it anymore. | ||
− | < | + | <pre>sudo a2dissite default</pre> |
− | *Restart Apache to complete the process. | + | *Restart Apache to complete the process. In a terminal type: |
− | < | + | <pre>sudo service apache2 restart</pre> |
− | *To test out our new site, lets create a quick test file. | + | *To test out our new site, lets create a quick test file. In a terminal type: |
− | < | + | <pre>echo "<?php echo 'Hello world, today is is: '.date('Y/m/d'); ?>" | tee /home/youruser/lamp/public_html/today.php </pre> |
'''NOTE:''' Replace "yourname" with your current user name. | '''NOTE:''' Replace "yourname" with your current user name. | ||
Line 262: | Line 246: | ||
*If everything is working ok you should see something like this: | *If everything is working ok you should see something like this: | ||
− | < | + | <pre>Hello world, today is is: 2012/05/05</pre> |
=== Enabling Additional Ports === | === Enabling Additional Ports === | ||
− | |||
Note: If you have no plans to show your local site to another person over the Internet just skip this section. | Note: If you have no plans to show your local site to another person over the Internet just skip this section. | ||
− | With the last configuration you should be able to access your page and access it from another computer connected to your LAN. If your computer is connected to Internet and also has an assigned Public IP you can access your site using that IP from any web browser, but for some reason some ISPs does not allow HTTP traffic (HTTP = port 80) over dynamic IPs. | + | With the last configuration you should be able to access your page and access it from another computer connected to your LAN. If your computer is connected to Internet and also has an assigned Public IP you can access your site using that IP from any web browser, but for some reason some ISPs does not allow HTTP traffic (HTTP = port 80) over dynamic IPs. To solve this you just need to configure Apache to reply requests from a different port. In this case we are going to use the port number 8080 which is easy to remember. |
− | If you are using a router to connect to Internet you should have to configure a port forwarding setting on your router to let other people see your local site. | + | If you are using a router to connect to Internet you should have to configure a port forwarding setting on your router to let other people see your local site. Google "how to do port forwarding" on your current router model. If you don't know the difference between a Static IP, Dynamic IP, Private IP and a Public IP, we recommend you to do a Wikipedia reading about these topics. |
*Open a terminal and type: | *Open a terminal and type: | ||
− | < | + | <pre>sudo gedit /etc/apache2/ports.conf</pre> |
*Find the line "listen 80" and insert this line underneath: | *Find the line "listen 80" and insert this line underneath: | ||
− | < | + | <pre>Listen 8080</pre> |
*Save changes. | *Save changes. | ||
Line 284: | Line 267: | ||
*Open your new site configuration. | *Open your new site configuration. | ||
− | < | + | <pre>sudo gedit /etc/apache2/sites-available/mydevsite</pre> |
*Find this directive "<VirtualHost *:80>" and make the following modification. | *Find this directive "<VirtualHost *:80>" and make the following modification. | ||
− | < | + | <pre> <VirtualHost *:80 *:8080> </pre> |
*Save changes. | *Save changes. | ||
− | *Restart Apache to complete the process. | + | *Restart Apache to complete the process. In a terminal type: |
− | < | + | <pre>sudo service apache2 restart</pre> |
− | *To test your new configuration, try to access your site from another computer over Internet. | + | *To test your new configuration, try to access your site from another computer over Internet. Just type your IP in the browser's address bar and press enter. If the request fails, try the new alternative port like this: xxx.xxx.xxx.xxx:8080 |
=== Preventing Ownership and Permissions Problems === | === Preventing Ownership and Permissions Problems === | ||
− | |||
On Linux machines, file permissions are an important thing. Linux uses a mechanism to control what users can do and cannot do about folders, files and even the execution of applications. This mechanism consists of parameters, the ownership and the permissions. | On Linux machines, file permissions are an important thing. Linux uses a mechanism to control what users can do and cannot do about folders, files and even the execution of applications. This mechanism consists of parameters, the ownership and the permissions. | ||
==== Files and Folders Ownership ==== | ==== Files and Folders Ownership ==== | ||
− | |||
Ownership have two parameters: The owner and group. | Ownership have two parameters: The owner and group. | ||
− | The "owner" is who owns the file or folder and is represented by a "user name". | + | The "owner" is who owns the file or folder and is represented by a "user name". In Linux persons, applications and services use usernames. On most Linux distributions, the Apache service runs under the user name "www-data". |
− | The "group" is used to associate users into an logical group. | + | The "group" is used to associate users into an logical group. This figure is useful when an administrator needs to grant or deny permissions to several users with one single command and not user by user. |
==== Files and Folders Permissions ==== | ==== Files and Folders Permissions ==== | ||
− | |||
The permissions have three parameters that represent file and folder permissions for the owner, the group and others. These number range from 0 to 7, and mean the following: | The permissions have three parameters that represent file and folder permissions for the owner, the group and others. These number range from 0 to 7, and mean the following: | ||
Line 319: | Line 299: | ||
* 0 = no permissions at all | * 0 = no permissions at all | ||
− | Note: "Others" represents everybody. | + | Note: "Others" represents everybody. This parameter is used to grant permission to everyone no matter the user or the group they belong to. This parameter should be set with care under certain situations. Granting incorrect permissions to sensitive files and folders can cause security problems. |
For example if we got a file with permissions like this "644", it means (owner=read+write)(group=read)(others=read). | For example if we got a file with permissions like this "644", it means (owner=read+write)(group=read)(others=read). | ||
Line 326: | Line 306: | ||
==== Adding Yourself to the Apache Group and Modifying Permissions ==== | ==== Adding Yourself to the Apache Group and Modifying Permissions ==== | ||
− | |||
For this example, your username will be "youruser". On most Linux distributions, the Apache service runs on the user "www-data" and the group "www-data". We need to include our user "youruser" in the "www-data" group to be able to set permissions to the Web server files and have no problems when we have to edit them. | For this example, your username will be "youruser". On most Linux distributions, the Apache service runs on the user "www-data" and the group "www-data". We need to include our user "youruser" in the "www-data" group to be able to set permissions to the Web server files and have no problems when we have to edit them. | ||
*To add "youruser" to the Apache group, open a terminal and type: | *To add "youruser" to the Apache group, open a terminal and type: | ||
− | < | + | <pre>sudo adduser youruser www-data</pre> |
*Now we need to change the owner and group of all our Web server files to owner "www-data" and group "www-data". | *Now we need to change the owner and group of all our Web server files to owner "www-data" and group "www-data". | ||
− | < | + | <pre>sudo chown -R www-data:www-data /home/youruser/lamp/public_html</pre> |
*Finally we have to set the correct folder permission so both Apache and our user can edit the files with no problems. On a terminal type: | *Finally we have to set the correct folder permission so both Apache and our user can edit the files with no problems. On a terminal type: | ||
− | < | + | <pre>sudo chmod -R 775 /home/youruser/lamp/public_htm</pre> |
==== Common Problems and Confusions ==== | ==== Common Problems and Confusions ==== | ||
+ | When Joomla creates files on extension installations or any other operation, it uses the default mask 755 for folders and 644 for files. These permissions are correct and secure for production servers but it will give us problems on our local server because our editor will not be able to edit those files and folders. To fix these problems, simply run again these two commands: | ||
− | + | <pre>sudo chmod -R 775 /home/youruser/lamp/public_htm</pre> | |
− | + | In the case you manually move files from your personal folders to the server web folder "public_html" those new files most likely will be owned by your username. This can cause problems if the server needs to modify or delete information. To prevent this problem, every time you move or copy information to your server web folder you have to set the correct owner and group permissions for all those new files. Open a terminal and run this command: | |
− | + | <pre>sudo chown -R www-data:www-data /home/youruser/lamp/public_html</pre> | |
− | |||
− | < | ||
Note: If your server has too many files, these commands could be slow but you can always set a more specific path to apply permission in less files. | Note: If your server has too many files, these commands could be slow but you can always set a more specific path to apply permission in less files. | ||
=== Other Configurations === | === Other Configurations === | ||
− | |||
*Open a terminal and type: | *Open a terminal and type: | ||
− | < | + | <pre> sudo gedit /etc/php5/apache2/php.ini </pre> |
*Find the line: | *Find the line: | ||
− | < | + | <pre>output_buffering =</pre> |
*Set the value to "= Off". | *Set the value to "= Off". | ||
Line 367: | Line 344: | ||
*Find the line: | *Find the line: | ||
− | < | + | <pre>post_max_size =</pre> |
*Set the value to "= 20M". | *Set the value to "= 20M". | ||
Line 373: | Line 350: | ||
*Find the line: | *Find the line: | ||
− | < | + | <pre>upload_max_filesize =</pre> |
*Set the value to "= 20M". | *Set the value to "= 20M". | ||
Line 381: | Line 358: | ||
*Type in your terminal: | *Type in your terminal: | ||
− | < | + | <pre>sudo service apache2 restart</pre> |
=== Enforcing Security === | === Enforcing Security === | ||
Line 390: | Line 367: | ||
*Open a terminal and type: | *Open a terminal and type: | ||
− | < | + | <pre>sudo apt-get install gufw</pre> |
Note: You can also install the application from the Software Manager. | Note: You can also install the application from the Software Manager. |
Revision as of 09:31, 16 October 2014
This article has been tagged and requires copy editing for grammar, style, cohesion, tone, or spelling. Please help maintain and improve our documentation by editing it.
This article provides detailed instructions for configuring a LAMPP server, not only for Joomla! it also should work fine for PHP development in general.
Theses instructions should work fine on any Debian based distribution such as Debian, Ubuntu, LinuxMint, Xubuntu, Kbuntu and others.
NOTE:To complement the security of your computer install a firewall to block external incoming traffic to your web service, you may also have to change some directives on your site configuration file to only serve request to the localhost address.
Installation[edit]
NOTE: You need a stable Internet connection for this tutorial, if you previously tried to install the LAMP stack and failed for any reason visit this page and follow the instruction here to delete any server configuration and start from scratch "How to remove the LAMP stack"
The installation of a LAMPP server on Linux is extremely easy. Just follow these instructions:
- Open a terminal and type:
sudo apt-get install apache2 php5-mysql libapache2-mod-php5 mysql-server phpmyadmin php5-curl
- Say yes [Y] when the package manager ask you download and install the packages. This step will take some time depending on your connection speed.
- At some point the installer will ask you for the MySQL root password. Use any password you like. For this example we are going to use "myadmin".
- The installer will ask for "the web server that should be automatically configured to run phpmyadmin". Press [spacebar] to choose "apache2" and press [enter]. NOTE: make sure the selection is marked with and asterisk [*].
- The installer will ask for "Configure database for phpmyadmin with dbconfig-common". Choose "<yes>" and press [enter].
- The installer will ask for "password of the database's administrative user". Use any password you like, but for this example we are going to use "myadmin".
- The installer will ask for "mysql application password for phpmyadmin". Use any password you like, but for this example we are going to use "myadmin".
- If no errors have being displayed then the installation is finished.
Apache Installation Test[edit]
- Open your web browser and type in the address bar "localhost" and press [enter]
- Normally Apache display a test page with some text like this:
It works! This is the default web page for this server. The web server software is running but no content has been added, yet.
PHP Installation Test[edit]
To test if PHP server is working lets create a quick test file using the command line.
- Open a terminal and type
echo "<?php phpinfo(); ?>" | sudo tee /var/www/test.php
- Open your web browser and type in the address bar "localhost/test.php" and press [enter]
- The next thing you should see in your browser is a really long page displaying information about the PHP server, if not, the installation was not successful.
- Once the PHP server is working fine we don't need that test file anymore, so type the following command in your terminal to delete the file:
sudo rm /var/www/test.php
phpMyAdmin Installation Test[edit]
- Open your web browser and type in the address bar "localhost/phpmyadmin" and press [enter].
- The next thing you should see is the phpMyadmin login page. If not then most likely you skipped or did not mark the option "apache2" at the question "web server that should be automatically configured to run phpmyadmin". To fix this problem just purge the installation and start over again.
- Login to phpmyadmin with the following credentials
- username = root
- password = myadmin
- You should be able to login normally and have no error messages at all.
Understanding the Folder Structure[edit]
There are several folders and files that the LAMP server uses to store the configurations of the LAMP services and to store the files of your hosted websites.
Apache Default Web Site Folder[edit]
Location: "/var/www/"
Description: by default the Apache server enables a test website and store the website files in that location. So every time you visit the page http://localhost, the browser displays the page located at "/var/www/".
With your file browser navigate to "/var/www/". There should be a file called "index.html". Change the content of the file for whatever you want and refresh the web page to see the changes.
Apache Web Sites Configuration Files[edit]
Location: /etc/apache2/sites-available/
Description: You can host multiples sites in the same server. This folder contains a configuration file for each site.
Apache Configuration Files[edit]
Location: "/etc/apache2/apache2.conf" Location: "/etc/apache2/envvars"
Description: These files contain very important information about the Apache service.
Apache Ports Configuration File[edit]
Location: "/etc/apache2/ports.conf"
Description: This file configures what port the Apache server will listen to for http requests. By default, http requests are assigned to port 80 but you can modify or add more ports.
Apache Log Files[edit]
Location: "/var/log/apache2/"
Description: This folder contains several files to keep track of events on your Apache Web server, such as errors in the services, errors in code of your site and failed authentication attempts. This is a good place to look at when something is not working or you suspect someone is trying to breach your server security.
Configuration[edit]
Enabling mod_rewrite[edit]
The mod_rewrite module uses a rule-based rewriting engine, based on a PCRE regular-expression parser to rewrite requested URLs on the fly. By default, mod_rewrite maps a URL to a filesystem path. However, it can also be used to redirect one URL to another URL, or to invoke an internal proxy fetch.
For more information, visit http://httpd.apache.org/docs/current/mod/mod_rewrite.html
- Open a terminal and type:
sudo a2enmod rewrite
- Now that the rewrite module is enabled, we need to restart apache.
sudo service apache2 restart
- done
Deploying a New Site Folder Structure[edit]
By default the Web server is hosting the files in the location "/var/www", but for security reasons and to avoid ownership problems, we are going to use another place to host our Website files.
Let's create a new folder to store the Web files and the log files of the site.
Open a terminal and type:
mkdir /home/youruser/lamp/ mkdir /home/youruser/lamp/public_html/ mkdir /home/youruser/lamp/logs/
NOTE: You can place your new site folders at any location you desire; this is just an example. Replace "youruser" with an actual Linux username.
To store the Web site files we are going to use the folder "public_html". For our log files, we are going to use the folder "logs".
Creating the New Site[edit]
To create and enable a new site in your server follow these steps:
NOTE: gedit is a common Linux editor but you can use any other alternative you like such as geany, nano, vim, pico, etc...
- Open a terminal an type:
sudo cp /etc/apache2/sites-available/default /etc/apache2/sites-available/mydevsite
NOTE: "mydevsite" is the name of the new site used in this example. You can use any other name you like.
- Open the site configuration
sudo gedit /etc/apache2/sites-available/mydevsite
- The content of that file should be something like this:
<VirtualHost *:80> ServerAdmin webmaster@localhost DocumentRoot /var/www <Directory /> Options FollowSymLinks AllowOverride None </Directory> <Directory /var/www/> Options Indexes FollowSymLinks MultiViews AllowOverride None Order allow,deny allow from all </Directory> ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/ <Directory "/usr/lib/cgi-bin"> AllowOverride None Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch Order allow,deny Allow from all </Directory> ErrorLog ${APACHE_LOG_DIR}/error.log # Possible values include: debug, info, notice, warn, error, crit, # alert, emerg. LogLevel warn CustomLog ${APACHE_LOG_DIR}/access.log combined Alias /doc/ "/usr/share/doc/" <Directory "/usr/share/doc/"> Options Indexes MultiViews FollowSymLinks AllowOverride None Order deny,allow Deny from all Allow from 127.0.0.0/255.0.0.0 ::1/128 </Directory> </VirtualHost>
- Make some modifications to make it looks like this, or simply copy and paste it
<VirtualHost *:80> ServerAdmin webmaster@localhost DocumentRoot /home/youruser/lamp/public_html <Directory /> Options FollowSymLinks AllowOverride All </Directory> <Directory /home/youruser/lamp/public_html> Options Indexes FollowSymLinks MultiViews AllowOverride All Order allow,deny allow from all </Directory> ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/ <Directory "/usr/lib/cgi-bin"> AllowOverride All Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch Order allow,deny Allow from all </Directory> ErrorLog /home/youruser/lamp/logs/error.log # Possible values include: debug, info, notice, warn, error, crit, # alert, emerg. LogLevel warn CustomLog /home/youruser/lamp/logs/access.log combined Alias /doc/ "/usr/share/doc/" <Directory "/usr/share/doc/"> Options Indexes MultiViews FollowSymLinks AllowOverride All Order deny,allow Deny from all Allow from 127.0.0.0/255.0.0.0 ::1/128 </Directory> </VirtualHost>
NOTE: Replace "youruser" with your current user name.
- Save your changes.
- Now we need to enable the site. In a terminal type:
sudo a2ensite mydevsite
- Lets disable the default site, since we don't need it anymore.
sudo a2dissite default
- Restart Apache to complete the process. In a terminal type:
sudo service apache2 restart
- To test out our new site, lets create a quick test file. In a terminal type:
echo "<?php echo 'Hello world, today is is: '.date('Y/m/d'); ?>" | tee /home/youruser/lamp/public_html/today.php
NOTE: Replace "yourname" with your current user name.
- Open your browser an navigate to "localhost/today.php".
- If everything is working ok you should see something like this:
Hello world, today is is: 2012/05/05
Enabling Additional Ports[edit]
Note: If you have no plans to show your local site to another person over the Internet just skip this section.
With the last configuration you should be able to access your page and access it from another computer connected to your LAN. If your computer is connected to Internet and also has an assigned Public IP you can access your site using that IP from any web browser, but for some reason some ISPs does not allow HTTP traffic (HTTP = port 80) over dynamic IPs. To solve this you just need to configure Apache to reply requests from a different port. In this case we are going to use the port number 8080 which is easy to remember.
If you are using a router to connect to Internet you should have to configure a port forwarding setting on your router to let other people see your local site. Google "how to do port forwarding" on your current router model. If you don't know the difference between a Static IP, Dynamic IP, Private IP and a Public IP, we recommend you to do a Wikipedia reading about these topics.
- Open a terminal and type:
sudo gedit /etc/apache2/ports.conf
- Find the line "listen 80" and insert this line underneath:
Listen 8080
- Save changes.
- Open your new site configuration.
sudo gedit /etc/apache2/sites-available/mydevsite
- Find this directive "<VirtualHost *:80>" and make the following modification.
<VirtualHost *:80 *:8080>
- Save changes.
- Restart Apache to complete the process. In a terminal type:
sudo service apache2 restart
- To test your new configuration, try to access your site from another computer over Internet. Just type your IP in the browser's address bar and press enter. If the request fails, try the new alternative port like this: xxx.xxx.xxx.xxx:8080
Preventing Ownership and Permissions Problems[edit]
On Linux machines, file permissions are an important thing. Linux uses a mechanism to control what users can do and cannot do about folders, files and even the execution of applications. This mechanism consists of parameters, the ownership and the permissions.
Files and Folders Ownership[edit]
Ownership have two parameters: The owner and group.
The "owner" is who owns the file or folder and is represented by a "user name". In Linux persons, applications and services use usernames. On most Linux distributions, the Apache service runs under the user name "www-data".
The "group" is used to associate users into an logical group. This figure is useful when an administrator needs to grant or deny permissions to several users with one single command and not user by user.
Files and Folders Permissions[edit]
The permissions have three parameters that represent file and folder permissions for the owner, the group and others. These number range from 0 to 7, and mean the following:
- 4 = permission to read
- 2 = permission to write
- 1 = permission to execute
- 0 = no permissions at all
Note: "Others" represents everybody. This parameter is used to grant permission to everyone no matter the user or the group they belong to. This parameter should be set with care under certain situations. Granting incorrect permissions to sensitive files and folders can cause security problems.
For example if we got a file with permissions like this "644", it means (owner=read+write)(group=read)(others=read).
To get more information about the Linux file systems and file permissions read this article.
Adding Yourself to the Apache Group and Modifying Permissions[edit]
For this example, your username will be "youruser". On most Linux distributions, the Apache service runs on the user "www-data" and the group "www-data". We need to include our user "youruser" in the "www-data" group to be able to set permissions to the Web server files and have no problems when we have to edit them.
- To add "youruser" to the Apache group, open a terminal and type:
sudo adduser youruser www-data
- Now we need to change the owner and group of all our Web server files to owner "www-data" and group "www-data".
sudo chown -R www-data:www-data /home/youruser/lamp/public_html
- Finally we have to set the correct folder permission so both Apache and our user can edit the files with no problems. On a terminal type:
sudo chmod -R 775 /home/youruser/lamp/public_htm
Common Problems and Confusions[edit]
When Joomla creates files on extension installations or any other operation, it uses the default mask 755 for folders and 644 for files. These permissions are correct and secure for production servers but it will give us problems on our local server because our editor will not be able to edit those files and folders. To fix these problems, simply run again these two commands:
sudo chmod -R 775 /home/youruser/lamp/public_htm
In the case you manually move files from your personal folders to the server web folder "public_html" those new files most likely will be owned by your username. This can cause problems if the server needs to modify or delete information. To prevent this problem, every time you move or copy information to your server web folder you have to set the correct owner and group permissions for all those new files. Open a terminal and run this command:
sudo chown -R www-data:www-data /home/youruser/lamp/public_html
Note: If your server has too many files, these commands could be slow but you can always set a more specific path to apply permission in less files.
Other Configurations[edit]
- Open a terminal and type:
sudo gedit /etc/php5/apache2/php.ini
- Find the line:
output_buffering =
- Set the value to "= Off".
- Find the line:
post_max_size =
- Set the value to "= 20M".
- Find the line:
upload_max_filesize =
- Set the value to "= 20M".
- Save changes.
- Type in your terminal:
sudo service apache2 restart
Enforcing Security[edit]
Since your computer is now running Web services, these services are listening for requests and will reply to anyone who has the correct IP and port. In other words, other people in your LAN and Internet can access your local site without your permission or they can even try to crack/hack your workstation. To prevent this, you need to install a firewall and "deny" by default any external incoming requests to your computer.
For Linux users there is a nice and simple firewall called "Uncomplicated Firewall". To install the user interface and manage the firewall from your desktop, just follow these steps:
- Open a terminal and type:
sudo apt-get install gufw
Note: You can also install the application from the Software Manager.
- Open the application. When the installation finishes, press the "unlock" button and type your administrative password.
- Set "Status = On" and "Incoming = Deny". Leave the rest in their default values.
- To test your firewall, just try to connect to your local site from a local computer on your LAN or a remote computer over the Internet. When the firewall status is "Status = On", you shouldn't be able to connect at all.
- Now temporarily change the status of your firewall to "Status = Off" and try to connect again. People should be able to see your local site just fine. Remember to set "Status = On" after this test.
Note: In this tutorial we are denying any incoming external requests to any port. As a side note, you can also Deny all incoming requests and manually allow incoming requests to few specific ports if you wish, but those kinds of settings are up to you. Since a PC workstation is not a server, it is okay to deny all incoming traffic by default.