Difference between revisions of "Apache 2"

(Created page with "Requirements You should have setup a MySQL database before going through this tutorial. I also recommend you to: Setup SSL infrastructure and create a server certificate Se...")
 
 
(70 intermediate revisions by the same user not shown)
Line 1: Line 1:
Requirements
+
[[Category:Linux]]
  
You should have setup a MySQL database before going through this tutorial.
 
  
I also recommend you to:
 
Setup SSL infrastructure and create a server certificate
 
Setup LDAP
 
  
 +
=Requirements=
  
 +
Before going through this tutorial, I recommend you to setup:
 +
* [[MySQL server]]
 +
* [[SSL server]]
 +
* [[LDAP server]]
  
=Installation=
 
  
  
==Apache 2==
 
This will install web server + PHP + Perl + all required libraries.
 
  
Apache2 core
+
=Installation=
<syntaxhighlight lang="bash">
 
apt-get install apache2 apache2-mpm-prefork apache2-utils ssl-cert
 
</syntaxhighlight>
 
  
Additional libraries
 
<syntaxhighlight lang="bash">
 
apt-get install libapache2-mod-fcgid libruby libapache2-mod-ruby
 
</syntaxhighlight>
 
  
Doc
+
==Apache 2==
<syntaxhighlight lang="bash">
 
apt-get install apache2-doc
 
</syntaxhighlight>
 
  
Perl  
+
This will install web server + PHP + Perl + all required libraries.
<syntaxhighlight lang="bash">
 
apt-get install libapache2-mod-perl2 libapache2-mod-perl2-doc
 
</syntaxhighlight>
 
  
 +
===Apache2 core===
  
==PHP 5==
 
Core
 
 
<syntaxhighlight lang="bash">
 
<syntaxhighlight lang="bash">
apt-get install libapache2-mod-php5 php5 php5-common
+
apt install apache2 apache2-utils
 +
apt install ssl-cert
 
</syntaxhighlight>
 
</syntaxhighlight>
  
Module PHP5
+
Since Ubuntu 16.04 <code>apache2-mpm-prefork</code> is not required
<syntaxhighlight lang="bash">
 
apt-get install php5-curl php5-dev php5-gd php-pear php5-imagick php5-imap php5-mcrypt
 
apt-get install php5-memcache php5-mhash php5-mysql php5-snmp php5-xmlrpc php5-xcache php5-curl php5-xsl
 
</syntaxhighlight>
 
  
Additional libs
+
===Doc===
<syntaxhighlight lang="bash">
 
apt-get install php5-cli php5-cgi php-pear php-auth php5-mcrypt mcrypt
 
</syntaxhighlight>
 
  
Image Magick
 
 
<syntaxhighlight lang="bash">
 
<syntaxhighlight lang="bash">
apt-get install php5-imagick imagemagick
+
apt install apache2-doc
 
</syntaxhighlight>
 
</syntaxhighlight>
  
  
==Firewall==
+
===Perl===
You have to open the following ports:
 
* Port 80 = HTTP
 
* Port 443 = HTTPS
 
  
 
<syntaxhighlight lang="bash">
 
<syntaxhighlight lang="bash">
$IPTABLES -A INPUT -p tcp -m state -i eth0 --dport 80 -j ACCEPT
+
apt-get install libapache2-mod-perl2 libapache2-mod-perl2-doc
$IPTABLES -A INPUT -p tcp -m state -i eth0 --dport 443 -j ACCEPT
 
 
</syntaxhighlight>
 
</syntaxhighlight>
  
Restart the firewall
 
<syntaxhighlight lang="bash">
 
/etc/init.d/firewall restart
 
</syntaxhighlight>
 
  
 +
===SNMP===
  
 +
Sometimes you might encounter some SNMP errors on latest Debian based distributions.
  
=PHP 5=
+
In that case you have to install a new package and run it.
  
Edit config file:
 
 
<syntaxhighlight lang="bash">
 
<syntaxhighlight lang="bash">
vim /etc/php5/apache2/php.ini
+
apt-get install snmp-mibs-downloader
 +
download-mibs
 
</syntaxhighlight>
 
</syntaxhighlight>
  
Add / uncomment the following lines in Dynamic extensions area (~ line 865)
 
* extension=mysql.so
 
* extension=gd.so
 
  
 +
source: http://www.podciborski.co.uk/miscellaneous/snmp-cannot-find-module/
  
  
=Apache 2 configuration # Multi-threading=
+
==PHP 8==
 +
2021-11: PHP 8 is not included in Ubuntu 20.04 LTS.
  
 +
Source article: http://www.daxiongmao.eu/wiki/index.php?title=Apache_2&action=edit
  
==MPM prefork==
+
===Add PHP 8.0 repository===
This manage processes
 
* Max clients = nb of max simultaneous requests that the server can handle
 
* Server limit = max nb of process that the server can handle
 
* Start servers = nb of process to create on server start
 
* Min / Max spare servers = nb of min / max process listening for incoming request
 
* Max request per child = nb of requests that each process can execute
 
  
 
<syntaxhighlight lang="bash">
 
<syntaxhighlight lang="bash">
vim /etc/apache2/apache2.conf
+
apt install software-properties-common
 +
add-apt-repository ppa:ondrej/php
 +
apt update
 
</syntaxhighlight>
 
</syntaxhighlight>
Let default values; put a limit to MaxRequestsPerChild at 100 000
 
  
 +
===Install core packages===
  
==MPM worker==
+
To install the latest version of PHP:
This manage threads.
 
Threads are executed within a specific process.
 
All process’ threads share the same context and global variables.
 
  
 
<syntaxhighlight lang="bash">
 
<syntaxhighlight lang="bash">
vim /etc/apache2/apache2.conf
+
# PHP core
 +
apt-get install php
 +
apt-get install php-cli
 +
# Apache2 support
 +
apt install libapache2-mod-php
 
</syntaxhighlight>
 
</syntaxhighlight>
  
Let default values; put a limit to MaxRequestsPerChild at 10 000
 
  
 +
===Modules PHP===
  
 +
<syntaxhighlight lang="bash">
 +
apt-get install php-cgi
 +
#apt-get install php-opcache
 +
apt-get install php-gd
 +
apt-get install php-bz2
 +
apt-get install php-curl
 +
apt-get install php-xmlrpc
 +
apt-get install php-json
 +
apt-get install php-mysql
 +
apt-get install php-imap
 +
apt-get install php-mbstring
 +
# Performances
 +
apt install php-fpm libapache2-mod-fcgid
 +
</syntaxhighlight>
  
=Apache 2 configuration # Virtual host=
+
Enable modules
  
 
==Preparation==
 
Initialize configuration
 
 
<syntaxhighlight lang="bash">
 
<syntaxhighlight lang="bash">
cd /etc/apache2/sites-available/
+
sudo a2enmod proxy_fcgi setenvif
cp default myServer
+
sudo a2enconf php8.0-fpm
 
</syntaxhighlight>
 
</syntaxhighlight>
  
Create target directory
+
===Utility===
 +
 
 
<syntaxhighlight lang="bash">
 
<syntaxhighlight lang="bash">
mkdir -p /var/www/myServer
+
apt install php-pear
 
</syntaxhighlight>
 
</syntaxhighlight>
  
Prepare the log files
+
===Configuration===
<syntaxhighlight lang="bash">
 
mkdir -p /var/log/apache2/myServer
 
touch /var/log/apache2/myServer/access.log
 
touch /var/log/apache2/myServer/error.log
 
chmod -R 660 /var/log/apache2/myServer/*
 
chown -R www-data:www-data /var/log/apache2/myServer/*
 
</syntaxhighlight>
 
  
 +
Edit '''PHP config''' file:
  
==Configuration==
 
Init configuration
 
 
<syntaxhighlight lang="bash">
 
<syntaxhighlight lang="bash">
cp /etc/apache2/sites-available/default /etc/apache2/sites-available/myServer
+
vim /etc/php/8.0/cli/php.ini
 
</syntaxhighlight>
 
</syntaxhighlight>
  
 +
* Let CGI behaves like before: set <code>cgi.fix_pathinfo=1</code>
 +
* Adjust file upload size <code>upload_max_filesize = 32M</code>
 +
* Adjust post size <code>post_max_size = 32M</code>
 +
* Adjust time zone <code>date.timezone = Europe/Paris</code>
 +
* Save path: <code>session.save_path = "/tmp"</code>
  
'''Edit configuration'''
+
===Check PHP version and configuration===
<syntaxhighlight lang="bash">
 
vim /etc/apache2/sites-available/myServer
 
</syntaxhighlight>
 
  
 +
To ensure PHP 8.0 is well-installed just type:
  
To begin the virtual host, write the following lines:
 
→ Adjust the settings to your own configuration
 
 
<syntaxhighlight lang="bash">
 
<syntaxhighlight lang="bash">
<VirtualHost 192.168.0.100:80>   → Choose the best options for your needs
+
php -v
<VirtualHost *:80>
+
</syntaxhighlight>
  
ServerName myServer
 
ServerAlias www.myServer *.myServer
 
ServerAdmin webmaster@domain
 
 
# Logs settings
 
LogLevel Warn
 
CustomLog {APACHE_LOG_DIR}/myServer/access.log combined
 
ErrorLog {APACHE_LOG_DIR}/myServer/error.log
 
  
# Root folder properties
+
===Image Magick===
DocumentRoot /var/www/myServer
 
<Directory />
 
Options FollowSymLinks
 
AllowOverride None
 
</Directory>
 
        <Directory /var/www/myServer />
 
Options Indexes FollowSymLinks MultiViews
 
AllowOverride None
 
Order allow,deny
 
allow from all
 
</Directory>
 
  
# Scripts CGI
+
<syntaxhighlight lang="bash">
# [ required for PHP 5 ]
+
apt install php-gd php-imagick imagemagick
ScriptAlias /cgi-bin/ /var/www/cgi-bin
 
<Directory "/var/www/cgi-bin">
 
AllowOverride None
 
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
 
Order allow,deny
 
Allow from all
 
</Directory>
 
 
 
</VirtualHost>
 
 
</syntaxhighlight>
 
</syntaxhighlight>
  
 +
===Configuration===
  
'''Activation of a Virtual Host'''
+
Edit PHP config file:
  
To activate a Virtual Host, just type
 
 
<syntaxhighlight lang="bash">
 
<syntaxhighlight lang="bash">
a2ensite  myServer
+
vim /etc/php/8.0/apache2/php.ini
 
</syntaxhighlight>
 
</syntaxhighlight>
  
Then, restart your web server
+
Add / uncomment the following lines in Dynamic extensions area
<syntaxhighlight lang="bash">
+
<syntaxhighlight lang="php">
/etc/init.d/apache2 restart
+
// PHP 8  (~ line 904)
 +
extension=bz2
 +
extension=curl
 +
extension=gd
 +
extension=imap
 +
extension=mysqli
 
</syntaxhighlight>
 
</syntaxhighlight>
  
  
 +
!! Note this is NOT required on Ubuntu 20.04 because these modules are enabled by default !!
  
=Apache 2 configuration # SSL Virtual host=
+
==Firewall==
  
 +
see [[Firewall INPUT filters#Web server]]
  
==Create SSL certificate==
+
Restart the firewall
First of all, you need to create a server certificate.
 
Cf. SSL dedicated document → Create a new server certificate
 
>> TODO : link to SSL page
 
 
 
  
==Enable SSL module==
 
Create symlinks for server certificate
 
 
<syntaxhighlight lang="bash">
 
<syntaxhighlight lang="bash">
ln -s /srv/ssl/certs/myServer.cert.pem /etc/apache2/webServer.pem
+
/etc/init.d/firewall restart
ln -s /srv/ssl/private/ myServer.nopass.key /etc/apache2/webServer.key
 
 
</syntaxhighlight>
 
</syntaxhighlight>
  
Activate the SSL module
 
<syntaxhighlight lang="bash">
 
a2enmod ssl
 
</syntaxhighlight>
 
  
  
==Prepare virtual host==
+
==Test your installation==
Create virtual host folder
 
<syntaxhighlight lang="bash">
 
mkdir -p /var/www/myServer-ssl
 
cp /var/www/index.html /var/www/myServer-ssl
 
chown -R www-data:www-data /var/www/myServer-ssl
 
</syntaxhighlight>
 
  
  
==Prepare the log files==
+
Restart the Apache2 server
<syntaxhighlight lang="bash">
 
mkdir -p /var/log/apache2/myServer-ssl
 
touch /var/log/apache2/myServer-ssl/error.log
 
touch /var/log/apache2/myServer-ssl/access.log
 
chmod 660 /var/log/apache2/*
 
chown root:www-data /var/log/apache2/*
 
</syntaxhighlight>
 
 
 
  
==Virtual host declaration==
 
Init configuration
 
 
<syntaxhighlight lang="bash">
 
<syntaxhighlight lang="bash">
cp /etc/apache2/sites-available/default-ssl /etc/apache2/sites-available/myServer-ssl
+
service apache2 restart
 
</syntaxhighlight>
 
</syntaxhighlight>
  
Edit configuration
 
<syntaxhighlight lang="bash">
 
vim /etc/apache2/sites-available/myServer-ssl
 
</syntaxhighlight>
 
  
Then, you will need to edit the Virtual Host configuration file:
+
Create a simple PHP script
 
<syntaxhighlight lang="bash">
 
<syntaxhighlight lang="bash">
vim /etc/apache2/sites-availables/virtualHostName
+
vim /var/www/html/phpinfo.php
 
</syntaxhighlight>
 
</syntaxhighlight>
  
!! Adjust the settings to your own configuration
+
Put the following:
<syntaxhighlight lang="bash">
+
<syntaxhighlight lang="php">
# Secure web server
+
<?php
<VirtualHost _default_:443>
+
phpinfo();
<VirtualHost 192.168.0.100:443>   → Choose the best options for your needs
+
?>
<VirtualHost *:443>
 
 
 
ServerName myServer
 
ServerAlias www.myServer *.myServer
 
ServerAdmin webmaster@domain
 
 
# Logs settings
 
LogLevel Warn
 
CustomLog {APACHE_LOG_DIR}/myServer-ssl/access.log combined
 
ErrorLog {APACHE_LOG_DIR}/myServer-ssl/error.log
 
 
 
# Root folder properties
 
DocumentRoot /var/www/myServer-ssl
 
 
 
        # Enable SSL
 
        SSLEngine              On
 
        SSLCertificateFile      /etc/apache2/webServer.pem
 
        SSLCertificateKeyFile  /etc/apache2/webServer.key
 
 
 
        # Root directory properties
 
        <Directory /var/www/ssl />
 
            Options Indexes FollowSymLinks MultiViews
 
            AllowOverride None
 
            Order allow,deny
 
            allow from all
 
        </Directory>
 
 
 
        ##########################
 
        # ALIAS AND REDIRECTIONS #
 
        ##########################
 
 
 
</VirtualHost>
 
 
</syntaxhighlight>
 
</syntaxhighlight>
  
Enable site
+
Adjust rights
 
<syntaxhighlight lang="bash">
 
<syntaxhighlight lang="bash">
a2ensite myServer-ssl
+
chown www-data:www-data /var/www/html/phpinfo.php
 +
chmod 755 /var/www/html/phpinfo.php
 
</syntaxhighlight>
 
</syntaxhighlight>
  
Restart the web server
 
<syntaxhighlight lang="bash">
 
/etc/init.d/apache2 restart
 
</syntaxhighlight>
 
  
==Accept auto-signed certificate==
+
You can now test your installation by going to 'http://localhost/phpinfo.php' or 'http://myServer/phpinfo.php'. You should see the default page.
Go to https://myServer/certs/
 
Cf SSL document to get installation details
 

Latest revision as of 17:38, 3 November 2021



Requirements

Before going through this tutorial, I recommend you to setup:



Installation

Apache 2

This will install web server + PHP + Perl + all required libraries.

Apache2 core

apt install apache2 apache2-utils 
apt install ssl-cert

Since Ubuntu 16.04 apache2-mpm-prefork is not required

Doc

apt install apache2-doc


Perl

apt-get install libapache2-mod-perl2 libapache2-mod-perl2-doc


SNMP

Sometimes you might encounter some SNMP errors on latest Debian based distributions.

In that case you have to install a new package and run it. 

apt-get install snmp-mibs-downloader
download-mibs


source: http://www.podciborski.co.uk/miscellaneous/snmp-cannot-find-module/


PHP 8

2021-11: PHP 8 is not included in Ubuntu 20.04 LTS.

Source article: http://www.daxiongmao.eu/wiki/index.php?title=Apache_2&action=edit

Add PHP 8.0 repository

apt install software-properties-common
add-apt-repository ppa:ondrej/php
apt update

Install core packages

To install the latest version of PHP: 

# PHP core
apt-get install php
apt-get install php-cli
# Apache2 support
apt install libapache2-mod-php


Modules PHP

apt-get install php-cgi 
#apt-get install php-opcache
apt-get install php-gd 
apt-get install php-bz2 
apt-get install php-curl 
apt-get install php-xmlrpc
apt-get install php-json 
apt-get install php-mysql 
apt-get install php-imap 
apt-get install php-mbstring
# Performances
apt install php-fpm libapache2-mod-fcgid

Enable modules 

sudo a2enmod proxy_fcgi setenvif
sudo a2enconf php8.0-fpm

Utility

apt install php-pear

Configuration

Edit PHP config file: 

vim /etc/php/8.0/cli/php.ini
  • Let CGI behaves like before: set cgi.fix_pathinfo=1
  • Adjust file upload size upload_max_filesize = 32M
  • Adjust post size post_max_size = 32M
  • Adjust time zone date.timezone = Europe/Paris
  • Save path: session.save_path = "/tmp"

Check PHP version and configuration

To ensure PHP 8.0 is well-installed just type: 

php -v


Image Magick

apt install php-gd php-imagick imagemagick

Configuration

Edit PHP config file: 

vim /etc/php/8.0/apache2/php.ini

Add / uncomment the following lines in Dynamic extensions area 

// PHP 8  (~ line 904)
extension=bz2
extension=curl
extension=gd
extension=imap
extension=mysqli


!! Note this is NOT required on Ubuntu 20.04 because these modules are enabled by default !!

Firewall

see Firewall INPUT filters#Web server

Restart the firewall 

/etc/init.d/firewall restart


Test your installation

Restart the Apache2 server 

service apache2 restart


Create a simple PHP script 

vim /var/www/html/phpinfo.php

Put the following: 

<?php
phpinfo();
?>

Adjust rights 

chown www-data:www-data /var/www/html/phpinfo.php
chmod 755 /var/www/html/phpinfo.php


You can now test your installation by going to 'http://localhost/phpinfo.php' or 'http://myServer/phpinfo.php'. You should see the default page.

Retrieved from "http://www.daxiongmao.eu/wiki/index.php?title=Apache_2&oldid=3024"