Difference between revisions of "Configuring a LAMPP server for PHP development/Linux desktop"

From Joomla! Documentation

Line 299: Line 299:
 
=== Preventing ownership problems ===
 
=== Preventing ownership problems ===
  
By default in some Linux installations the Apache server runs under the user "www-data" which is also in the "www-data" group, this behavior will bring us problems in the future because any file modified or created by the server will have a different ownership, in other words you wouldn't be able to edit some files created or modified by the server unless you manually change the permissions of each file to something like 777 or execute your editor as "super user" which both are really bad ideas.
+
By default in some Linux installations the Apache server runs under the user "www-data" and group "www-data", to be able to edit and delete the files at our webroot we have to add our user to the "www-data" group and changes some files and folder permissions, so both the server and you can works with the same folder and files with no problems.
  
==== Changing Apache user and group ====
+
To get more information about the Unix file systems and file permissions read [http://docs.joomla.org/How_do_UNIX_file_permissions_work%3F this] article.
  
<span style="color:red; font-weight:bold;"> '''NOTE:'''To complement the security of your computer install a firewall to block external incoming traffic to your web service, you may also should change some directives on your site configuration to only serve request to the localhost address.</span>
+
==== Adding yourself to the Apache group ====
  
To make Apache execute under your current user and group you got to edit some parameters in the Apache configuration file and make it execute under our current user and group, this will solve our file ownership problems <span style="color:red; font-weight:bold;"> but opens a severe security hole</span>.
+
For this example let's pretend your username is called "youruser", to add yourself to the same Apache's user group follow this steps:
  
To change the user and group of the Apache service, follow these instructions:
+
*open a terminal and type
  
*open a terminal and type
+
<tt>sudo usermod -a -G enav www-data</tt>
 +
 
 +
That was easy, but now we have to make sure all the file at our webroot have the correct file and folder permission so we can have write permission.
 +
 
 +
*on your terminal locate yourself at your local server webroot, i.e.:
 +
 
 +
<tt>cd ../home/youruser/lamp/public_html/</tt>
  
<tt>sudo gedit /etc/apache2/envvars</tt>
+
*run this command to change the permissions of all the files so the owner and the group can have write permission
  
*Find the lines
+
<tt>find . -type f -exec chmod 664 {} \;</tt>
  
  <tt>export APACHE_RUN_USER=www-data
+
*run this other command to change the permissions of all the folders so the owner and the group can have write permission
export APACHE_RUN_GROUP=www-data</tt>
+
  <tt>find . -type d -exec chmod 775 {} \;</tt>
  
*Replace the "www-data" with your current username in both lines
+
What those commands does is to find any file and folder recursively and change the permissions. At this point you should be able to work with the same files and folders that your server have under the webroot with no problems, but note that this file permissions are OK for a development server only not for a production server, in production server the permission of folder should be "755" and the permission of files should be "644", in other words in a production server only the server user should have read and write access anything else only read access this means folders = 755 and files 644.
*Save changes
 
*Type in your terminal
 
  
<tt>sudo service apache2 restart</tt>
+
==== Common problems and confusions ====
  
*Lets create a file to do a quick test to see if the new configuration is working correctly, type in your terminal
+
After you apply the configurations above you could experiment some few file permissions errors after doing some operations with Joomla, for example Joomla uses the Apache user to create new files and folders, by default Joomla creates these new files and folders using a secure permission mask which is folders = 755 and files 677, this is OK and expected for a production server it but will bring us problems in our local development server because our editor will not be able to edit those folders or files, to solve this we just have to give write permission to the group of those files and folder again just like we did before, follow these steps:
  
<tt>echo "<?php echo 'whoim = '.exec('/usr/bin/whoami');?>" | tee /home/youruser/lamp/public_html/whomi.php</tt>
+
*open a terminal and locate yourself at the root of your Joomla site with problems, i.e.:
  
*Open your browser and navigate to "localhost/whomi.php", you should see something like this
+
<tt>cd ../home/youruser/lamp/public_html/site1/</tt>
  
whomi = youruser
+
*run this tow commands to fix any permission problem automatically
  
That means the script is being executed with the new user (you)
+
<tt>find . -type f -exec chmod 664 {} \;
 +
find . -type d -exec chmod 775 {} \;</tt>
  
 
=== Other configurations ===  
 
=== Other configurations ===  
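Review bot: the added command `sudo usermod -a -G enav www-data` does not do what the new paragraph above it promises. `usermod -a -G GROUP USER` appends USER to GROUP, so as written it adds the server account "www-data" to a group named "enav" instead of adding "youruser" to "www-data". Suggest `sudo usermod -a -G www-data youruser`, plus a sentence that the new membership only applies after logging in again. In the same hunk, both `cd ../home/youruser/...` lines depend on the current directory and should use the absolute path `/home/youruser/...`, and "files 677" in the "Common problems and confusions" paragraph contradicts the "644" given for production files in the paragraph before it.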

Revision as of 21:39, 18 January 2013

This article was last edited by Enav 11 years ago.

Introduction

This article provides detailed instructions for configuring a LAMPP server. They are written with Joomla! in mind but should also work fine for PHP development in general.

These instructions should work fine on any Debian-based distribution such as Debian, Ubuntu, Linux Mint, Xubuntu, Kubuntu and others.

Installation

NOTE: You need a stable Internet connection for this tutorial. If you previously tried to install the LAMP stack and it failed for any reason, visit the page "How to remove the LAMP stack" and follow the instructions there to delete any server configuration and start from scratch.

The installation of a LAMPP server on Linux is extremely easy, just follow these instructions:

  • Open a terminal and type:
sudo apt-get install apache2 php5-mysql libapache2-mod-php5 mysql-server phpmyadmin php5-curl
  • Answer yes [Y] when the package manager asks whether to download and install the packages. This step will take some time depending on your connection speed
  • At some point the installer will ask you for the MySQL root password. Use any password you like, but for this example we are going to use "myadmin"
  • The installer will ask for "the web server that should be automatically configured to run phpmyadmin". Press [spacebar] to choose "apache2" and press [enter]. NOTE: make sure the selection is marked with an asterisk [*]
  • The installer will ask "Configure database for phpmyadmin with dbconfig-common", choose "<yes>" and press [enter]
  • The installer will ask for the "password of the database's administrative user". Use any password you like, but for this example we are going to use "myadmin"
  • The installer will ask for the "mysql application password for phpmyadmin". Use any password you like, but for this example we are going to use "myadmin"
  • If no errors have been displayed, the installation is finished

1st test for Apache

  • Open your web browser, type "localhost" in the address bar and press [enter]
  • Normally Apache displays a test page with some text like this:
It works!
This is the default web page for this server.
The web server software is running but no content has been added, yet.

1st test for PHP server

To test whether the PHP server is working, let's create a quick test file using the command line

  • Open a terminal and type
echo "<?php phpinfo(); ?>" | sudo tee /var/www/test.php 
  • Open your web browser, type "localhost/test.php" in the address bar and press [enter]
  • The next thing you should see in your browser is a really long page displaying information about the PHP server. If not, something went wrong
  • Now that we know the PHP server is working fine we don't need that test file anymore. Type the following command in your terminal to delete the file
sudo rm /var/www/test.php

1st test for phpMyAdmin

  • Open your web browser, type "localhost/phpmyadmin" in the address bar and press [enter]
  • The next thing you should see is the phpMyAdmin login page. If not, something went wrong; most likely you skipped or did not mark the option "apache2" at the question "web server that should be automatically configured to run phpmyadmin". To fix this problem just purge the installation and start the installation steps over again
  • Log in to phpMyAdmin with the following credentials
    • username = root
    • password = myadmin
  • You should be able to log in normally and see no error messages at all

Understanding the folder structure

There are several folders and files that the LAMP server uses to store the configuration of the LAMP services and the files of your hosted websites

Apache default web site folder

Location: "/var/www/"

Description: by default the Apache server enables a test website and stores the website files in that location, so every time you visit the page http://localhost, the browser displays the page located at "/var/www/"

With your file browser navigate to "/var/www/". There should be a file called "index.html"; change the content of the file to whatever you want and refresh the web page to see the changes.

Apache web sites configuration files

Location: "/etc/apache2/sites-available/"

Description: You can host multiple sites on the same server; this folder holds a configuration file for each site.

Apache configuration file

Location: "/etc/apache2/apache2.conf"
Location: "/etc/apache2/envvars"

Description: These files contain very important information about the Apache service.

Apache ports configuration file

Location: "/etc/apache2/ports.conf"

Description: This file configures which ports the Apache server listens on for HTTP requests. By default HTTP requests are assigned to port 80, but you can modify this or add more ports.

Apache log files

Location: "/var/log/apache2/"

Description: This folder contains several files that keep track of events on your Apache web server, such as errors in the services, errors in the code of your site, failed authentication attempts and more. This is a good place to look when something is not working fine or you suspect someone is trying to breach your server security


Configuration

Enabling mod_rewrite

The mod_rewrite module uses a rule-based rewriting engine, based on a PCRE regular-expression parser, to rewrite requested URLs on the fly. By default, mod_rewrite maps a URL to a filesystem path. However, it can also be used to redirect one URL to another URL, or to invoke an internal proxy fetch.

For more information visit http://httpd.apache.org/docs/current/mod/mod_rewrite.html

  • open a terminal and type
sudo a2enmod rewrite
  • now that the rewrite module is enabled we need to restart apache
sudo service apache2 restart
  • done

Deploying a new site folder structure

By default the web server hosts the files in the location "/var/www", but for security reasons and to avoid ownership problems we are going to use another place to host our web site files

Let's create a new folder to store the web files and the log files of the site

  • open a terminal and type
mkdir /home/youruser/lamp/
mkdir /home/youruser/lamp/public_html/
mkdir /home/youruser/lamp/logs/

NOTE: You can place your new site folders in any location you desire, this is just an example. Replace "youruser" with your actual Linux username

To store the web site files we are going to use the folder "public_html" and for our log files we are going to use the folder "logs"

Creating the new site

To create and enable a new site on your server follow these steps:

NOTE: gedit is a common Linux editor but you can use any other alternative you like such as geany, nano, vim, pico, etc.

  • open a terminal and type
sudo cp /etc/apache2/sites-available/default /etc/apache2/sites-available/mydevsite

NOTE: "mydevsite" is the name of the new site used in this example, you can use any other name you like

  • Open the site configuration
sudo gedit /etc/apache2/sites-available/mydevsite
  • The content of that file should be something like this

<VirtualHost *:80>
	ServerAdmin webmaster@localhost

	DocumentRoot /var/www
	<Directory />
		Options FollowSymLinks
		AllowOverride None
	</Directory>
	<Directory /var/www/>
		Options Indexes FollowSymLinks MultiViews
		AllowOverride None
		Order allow,deny
		allow from all
	</Directory>

	ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
	<Directory "/usr/lib/cgi-bin">
		AllowOverride None
		Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
		Order allow,deny
		Allow from all
	</Directory>

	ErrorLog ${APACHE_LOG_DIR}/error.log

	# Possible values include: debug, info, notice, warn, error, crit,
	# alert, emerg.
	LogLevel warn

	CustomLog ${APACHE_LOG_DIR}/access.log combined

    Alias /doc/ "/usr/share/doc/"
    <Directory "/usr/share/doc/">
        Options Indexes MultiViews FollowSymLinks
        AllowOverride None
        Order deny,allow
        Deny from all
        Allow from 127.0.0.0/255.0.0.0 ::1/128
    </Directory>

</VirtualHost>

  • Modify it to look like this, or simply copy and paste it

<VirtualHost *:80>
	ServerAdmin webmaster@localhost

	DocumentRoot /home/youruser/lamp/public_html
	<Directory />
		Options FollowSymLinks
		AllowOverride All
	</Directory>
	<Directory /home/youruser/lamp/public_html>
		Options Indexes FollowSymLinks MultiViews
		AllowOverride All
		Order allow,deny
		allow from all
	</Directory>

	ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
	<Directory "/usr/lib/cgi-bin">
		AllowOverride All
		Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
		Order allow,deny
		Allow from all
	</Directory>

	ErrorLog /home/youruser/lamp/logs/error.log

	# Possible values include: debug, info, notice, warn, error, crit,
	# alert, emerg.
	LogLevel warn

	CustomLog /home/youruser/lamp/logs/access.log combined

    Alias /doc/ "/usr/share/doc/"
    <Directory "/usr/share/doc/">
        Options Indexes MultiViews FollowSymLinks
        AllowOverride All
        Order deny,allow
        Deny from all
        Allow from 127.0.0.0/255.0.0.0 ::1/128
    </Directory>

</VirtualHost>

NOTE: Replace "youruser" with your current user name

  • Save changes
  • Now we need to enable the site, in a terminal type
sudo a2ensite mydevsite
  • Let's disable the default site, we don't need it anymore
sudo a2dissite default
  • Restart Apache to complete the process, in a terminal type
sudo service apache2 restart
  • To test our new site let's create a quick test file, in a terminal type
echo "<?php echo 'Hello world, today is: '.date('Y/m/d'); ?>" | tee /home/youruser/lamp/public_html/today.php 

NOTE: Replace "youruser" with your current user name

  • Open your browser and navigate to "localhost/today.php"
  • If everything is working OK you should see something like this
Hello world, today is: 2012/05/05

Enabling additional ports

Note: If you have no plans to show your local site to another person over the Internet, just skip this section.

With the last configuration you should be able to access your site from another computer connected to your LAN. If your computer is connected to the Internet and also has a public IP assigned, you can access your site using that IP from any web browser. However, some ISPs do not allow HTTP traffic (HTTP = port 80) over dynamic IPs. To solve this you just need to configure Apache to answer requests on a different port; in this case we are going to use port 8080, which is easy to remember.

If you are using a router to connect to the Internet you will have to configure port forwarding on your router to let other people see your local site; Google "how to do port forwarding" for your current router model. If you don't know the difference between a static IP, a dynamic IP, a private IP and a public IP, we recommend reading about these topics on Wikipedia.

  • Open a terminal and type:
sudo gedit /etc/apache2/ports.conf
  • Find the line "Listen 80" and insert this line underneath
Listen 8080
  • Save changes
  • Open your new site configuration
sudo gedit /etc/apache2/sites-available/mydevsite
  • Find the directive "<VirtualHost *:80>" and make the following modification
 <VirtualHost *:80 *:8080> 
  • Save changes
  • Restart Apache to complete the process, in a terminal type
sudo service apache2 restart
  • To test your new configuration, try to access your site from another computer over the Internet: type your IP in the browser's address bar and press enter. If the request fails, try the alternative port like this: xxx.xxx.xxx.xxx:8080

Preventing ownership problems

By default in some Linux installations the Apache server runs under the user "www-data" and group "www-data". To be able to edit and delete the files in our webroot we have to add our user to the "www-data" group and change some file and folder permissions, so that both the server and you can work with the same folders and files with no problems.

To get more information about Unix file systems and file permissions, read this article: http://docs.joomla.org/How_do_UNIX_file_permissions_work%3F

Adding yourself to the Apache group

For this example let's pretend your username is "youruser". To add yourself to Apache's group, follow these steps:

  • open a terminal and type
sudo usermod -a -G www-data youruser

The new group membership takes effect the next time you log in.

That was easy, but now we have to make sure all the files and folders in our webroot have the correct permissions so that we have write access.

  • in your terminal, change to your local server webroot, i.e.:
cd /home/youruser/lamp/public_html/
  • run this command to change the permissions of all the files so the owner and the group have write permission
find . -type f -exec chmod 664 {} \;
  • run this other command to change the permissions of all the folders so the owner and the group have write permission
find . -type d -exec chmod 775 {} \;

These commands find every file and folder recursively and change its permissions. At this point you should be able to work with the same files and folders that your server has under the webroot with no problems. Note that these permissions are OK for a development server only, not for a production server. On a production server the permission of folders should be "755" and the permission of files should be "644"; in other words, on a production server only the server user should have read and write access and everyone else read access only (folders = 755, files = 644).

Common problems and confusions

After you apply the configuration above you may run into a few file permission errors after doing some operations with Joomla. For example, Joomla uses the Apache user to create new files and folders, and by default Joomla creates them using a secure permission mask, which is folders = 755 and files 677. This is OK and expected for a production server, but it will cause problems on our local development server because our editor will not be able to edit those folders or files. To solve this we just have to give write permission to the group of those files and folders again, just like we did before. Follow these steps:

  • open a terminal and change to the root of the Joomla site with problems, i.e.:
cd /home/youruser/lamp/public_html/site1/
  • run these two commands to fix any permission problem automatically
find . -type f -exec chmod 664 {} \;
find . -type d -exec chmod 775 {} \;
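
The two permission profiles described in "Adding yourself to the Apache group" and reused in "Common problems and confusions" (development: files 664, folders 775; production: files 644, folders 755), as an added shell example that is not part of the original article: it reports every entry under a webroot that deviates from the chosen profile or is world-writable, and can apply the profile. The function names and output labels are invented for this illustration.

```sh
#!/bin/sh
# Added example, not from the original article. Function names are illustrative.

# Print "FILEMODE DIRMODE" for a profile name taken from the text above.
profile_modes() {
    case "$1" in
        dev)  echo "664 775" ;;  # owner and group may write (development)
        prod) echo "644 755" ;;  # only the owner may write (production)
        *)    echo "unknown profile: $1" >&2; return 1 ;;
    esac
}

# audit_webroot ROOT PROFILE
# Prints one line per finding; prints nothing when ROOT matches the profile.
audit_webroot() {
    aw_root=$1
    aw_modes=$(profile_modes "$2") || return 1
    [ -d "$aw_root" ] || { echo "not a directory: $aw_root" >&2; return 1; }
    # Regular files and folders whose mode is not exactly the profile's mode.
    find "$aw_root" -type f ! -perm "${aw_modes% *}" -print | sed 's/^/file-mode-mismatch /'
    find "$aw_root" -type d ! -perm "${aw_modes#* }" -print | sed 's/^/dir-mode-mismatch /'
    # Anything writable by "others" (the 777 case) is flagged under both profiles.
    find "$aw_root" \( -type f -o -type d \) -perm -0002 -print | sed 's/^/world-writable /'
}

# apply_profile ROOT PROFILE
# Same effect as the two find/chmod commands above, with the modes chosen by name.
apply_profile() {
    ap_root=$1
    ap_modes=$(profile_modes "$2") || return 1
    [ -d "$ap_root" ] || { echo "not a directory: $ap_root" >&2; return 1; }
    find "$ap_root" -type f -exec chmod "${ap_modes% *}" {} +
    find "$ap_root" -type d -exec chmod "${ap_modes#* }" {} +
}

# Stand-alone use: sh webroot-perms.sh audit|apply ROOT PROFILE
case "${1:-}" in
    audit) audit_webroot "$2" "$3" ;;
    apply) apply_profile "$2" "$3" ;;
esac
```

Running the audit with the "prod" profile before copying a development tree to a live server shows which group-writable or world-writable entries would otherwise go with it.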

Other configurations

  • open a terminal and type
 sudo gedit /etc/php5/apache2/php.ini 
  • Find the line
output_buffering =
  • Set the value to "= Off"
  • Find the line
post_max_size =
  • Set the value to "= 20M"
  • Find the line
upload_max_filesize =
  • Set the value to "= 20M"
  • Save changes
  • Type in your terminal
sudo service apache2 restart

Enforcing security

Since your computer is now running web services, these services are listening for requests and will reply to anyone who has the correct IP and port. In other words, other people on your LAN and the Internet can access your local site without your permission, or they can even try to crack/hack your workstation. To prevent this you just need to install a firewall and "deny" by default any external incoming requests to your computer.

For Linux users there is a nice and simple firewall called "Uncomplicated Firewall". To install the user interface and manage the firewall from your desktop, just follow these steps:

  • open a terminal and type:
 sudo apt-get install gufw 

Note: you can also install the application from the software center

  • Open the application when the installation finishes
  • Press the "unlock" button and type your administrative password
  • Make sure "Status = On" and "Incoming = Deny"; leave the rest at their default values
  • To test your firewall, try to connect to your local site from another computer on your LAN or a remote computer over the Internet while the firewall status is "Status = On"; you shouldn't be able to connect at all
  • Now "temporarily" change the status of your firewall to "Status = Off" and try to connect again; people should be able to see your local site just fine. Remember to set "Status = On" after this test

Note: In this tutorial we are denying any incoming external requests to any port. As a side note, you can also deny all incoming requests and manually allow incoming requests to a few specific ports if you wish, but that kind of setting is up to you. Since a PC workstation is not a server, it is OK to deny all incoming traffic by default
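
To see which listeners the firewall's "Incoming = Deny" rule is actually protecting, the following added example (not part of the original article) lists every Listen directive in an Apache configuration file that is not bound to a loopback address, such as the "Listen 8080" line added to ports.conf earlier. The function names and the sample file are constructed for illustration; `Listen 127.0.0.1:80` is standard Apache syntax for answering on the local machine only.

```sh
#!/bin/sh
# Added example, not from the original article. Function names are illustrative.

# exposed_listeners FILE
# Prints one line per Listen directive that is not bound to a loopback
# address, i.e. one that answers on every network interface.
exposed_listeners() {
    [ -r "$1" ] || { echo "cannot read: $1" >&2; return 1; }
    awk '
        $1 ~ /^#/ { next }                      # skip comment lines
        tolower($1) == "listen" && NF >= 2 {    # directive names ignore case
            if ($2 ~ /^127\./ || $2 ~ /^\[::1\]:/) next   # loopback only
            print "exposed: Listen " $2
        }
    ' "$1"
}

# Constructed sample resembling ports.conf after "Enabling additional ports".
sample_ports_conf() {
    cat <<'EOF'
# ports.conf (constructed sample)
Listen 80
Listen 8080
Listen 127.0.0.1:8081
#Listen 443
<IfModule mod_ssl.c>
    listen [::1]:8443
</IfModule>
EOF
}

# Stand-alone use: sh check-listen.sh /etc/apache2/ports.conf
if [ -n "${1:-}" ]; then exposed_listeners "$1"; fi
```

An empty result means Apache only answers on the local machine, so the site stays private even while the firewall is switched off for the test described above.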