Hometutorials
setup lamp stack ubuntu2204

Jump toUpdate content

Setting up a LAMP stack on Ubuntu 22.04 (Jammy Jellyfish)

Reviewed on 28 April 2022Published on 28 April 2022
  • LAMP
  • Ubuntu
  • PHP
  • Apache
  • MySQL
  • Linux

LAMP stack overview

The LAMP stack references a group of software that can be used to serve dynamic web applications and websites. LAMP is an acronym and stands for Linux, Apache, MySQL, and PHP). The concept describes a server environment that consists of a Linux operating system (Ubuntu Jammy Jellyfish 22.04 LTS), an Apache web server, a MySQL (or MariaDB) database server, and the PHP programming language.

Requirements:
  • You have an account and are logged into the Scaleway console
  • You have configured your SSH key
  • You have a Scaleway Instance running on Ubuntu 22.04 (Jammy Jellyfish)
  • You have a FQDN (Fully Qualified Domain Name) pointing to your Instance’s IP address
  • You have sudo privileges or access to the root user

Installing the LAMP stack on an Ubuntu 22.04 Instance

  1. Connect to your Instance via SSH.

  2. Use the apt package manager of Ubuntu to install the required packages. Make sure that the system is up to date and has the latest bug-fixes and updates installed by running the following command:

    apt update && apt -y upgrade
  3. Install the software stack:

    apt install -y ufw apache2 mariadb-server php-fpm php-mysql

Securing the database engine

  1. Launch the configuration wizard to configure the database server:

    mysql_secure_installation
  2. Press Enter when prompted for the current root password for the MariaDB server, as the password is not yet set.

  3. Press Y to switch to unix_socket authentication:

    Switch to unix_socket authentication [Y/n]
  4. Press N to keep your current root password, press Y to change the root password:

    You already have your root account protected, so you can safely answer 'n'.

    Change the root password? [Y/n]
  5. Enter the new password if you decided to change the root password, press Enter, then repeat this step.

  6. Keep the settings proposed by default when prompted by further questions, by pressing Enter each time.

Configuring an Apache virtual host

Apache stores the configuration of virtual hosts configuration files. All available configuration files are located in the /etc/apache2/sites-available/ directory.

  1. Navigate to the relevant directory:

    cd /etc/apache2/sites-available/
  2. Create a new virtual hosts configuration file and name it after the domain name that points to your Instance. Here we call it example.com.conf and put the following content into the file:

    <VirtualHost *:80>
    ServerName example.com
    ServerAlias www.example.com
    DocumentRoot "/var/www/html/example.com"
    <Directory "/var/www/html/example.com">
    Options FollowSymLinks
    AllowOverride all
    Require all granted
    </Directory>

    <FilesMatch \.php$>
    SetHandler "proxy:unix:/run/php/php8.1-fpm.sock|fcgi://localhost"
    </FilesMatch>

    ErrorLog /var/log/apache2/error.example.com.log
    CustomLog /var/log/apache2/access.example.com.log combined
    </VirtualHost>

    Remember to replace example.com and any other information as necessary as per the overview below:

    Overview:

    • *:80 — Defines the port Apache listens on. Here, it listens on port 80, the default port for HTTP.
    • ServerName — The domain name relating to this Apache virtual host.
    • ServerAlias - An alias name under which the Apache virtual host is reachable.
    • DocumentRoot — Specifies the document root where all files of the website are stored.
    • Directory — Gives directives for a specific directory.
    • ServerName — The domain name relating to this Apache virtual host.
    • ErrorLog — Refers to the error log file of this Apache virtual host.
    • CustomLog — Specifies the access log file of this Apache virtual host.
  3. Save and exit the file.

  4. Activate the new virtual host in Apache:

    a2ensite example.com
  5. Enable the proxy_fcgi module:

    a2enmod proxy_fcgi
  6. Reload the Apache configuration to make the site available.

    systemctl reload apache2

Securing your Instance with a firewall

  1. Enable HTTP, HTTPS and SSH connections in the firewall configuration of the Instance by running the following command:

    ufw allow 'Apache Full'
    ufw allow 'OpenSSH'
  2. Enable ufw:

    ufw enable

    Confirm the activation of the firewall by typing y:

    Command may disrupt existing ssh connections. Proceed with operation (y|n)? y
    Firewall is active and enabled on system startup
  3. Check the status of ufw:

    ufw status

    It will return a list of the allowed services:

     Status: active

    To Action From
    -- ------ ----
    Apache Full ALLOW Anywhere
    OpenSSH ALLOW Anywhere
    Apache Full (v6) ALLOW Anywhere (v6)
    OpenSSH (v6) ALLOW Anywhere (v6)

Testing PHP

  1. Create a test PHP file to test if your LAMP stack is working.

    nano /var/www/html/example.com/phpinfo.php
  2. Put the following content in it:

    <?php
    phpinfo();
    ?>
  3. Save the file and point your web browser to http://example.com/phpinfo.php (replacing example.com with your domain name). When you see an output like the following, it means PHP is set up correctly:

Securing your site with Let’s Encrypt

By default the connection between your computer and the Instance is not encrypted and it is possible to read the communication. To secure the connection you can generate an SSL certificate for free, issued by Let’s Encrypt.

Let’s Encrypt provides a certbot to configure the Apache webserver automatically with Let’s Encrypt.

  1. Install certbot.

    apt install python3-certbot-apache
  2. Run certbot.

    certbot --apache
  3. Answer the prompts.

    Saving debug log to /var/log/letsencrypt/letsencrypt.log
    Enter email address (used for urgent renewal and security notices)
    (Enter 'c' to cancel): dscully@scaleway.com

    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    Please read the Terms of Service at
    https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must
    agree in order to register with the ACME server. Do you agree?
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    (Y)es/(N)o: y

    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    Would you be willing, once your first certificate is successfully issued, to
    share your email address with the Electronic Frontier Foundation, a founding
    partner of the Let's Encrypt project and the non-profit organization that
    develops Certbot? We'd like to send you email about our work encrypting the web,
    EFF news, campaigns, and ways to support digital freedom.
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    (Y)es/(N)o: n
    Account registered.

    Which names would you like to activate HTTPS for?
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    1: example.com
    2: www.example.com
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    Select the appropriate numbers separated by commas and/or spaces, or leave input
    blank to select all options shown (Enter 'c' to cancel):

    Requesting a certificate for example.com and www.example.com

    Successfully received certificate.
    Certificate is saved at: /etc/letsencrypt/live/example.com/fullchain.pem
    Key is saved at: /etc/letsencrypt/live/example.com/privkey.pem
    This certificate expires on 2022-07-27.
    These files will be updated when the certificate renews.
    Certbot has set up a scheduled task to automatically renew this certificate in the background.

    Deploying certificate
    Successfully deployed certificate for example.com to /etc/apache2/sites-available/example.com-le-ssl.conf
    Successfully deployed certificate for www.example.com to /etc/apache2/sites-available/example.com-le-ssl.conf
    Congratulations! You have successfully enabled HTTPS on https://example.com and https://www.example.com

    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    If you like Certbot, please consider supporting our work by:
    * Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
    * Donating to EFF: https://eff.org/donate-le
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
  4. Reload the Apache configuration.

    systemctl reload apache2
  5. Access your site with https: https://example.com/.