How to install Apache, PHP and MySQL on Linux: Part 2

This tutorial explains the installation of Apache web server, bundled with PHP and MySQL server on a Linux machine. The tutorial is primarily for SuSE 9.2, 9.3, 10.0 & 10.1, but most of the steps ought to be valid for all Linux-like operating systems.

Apache 2 installation

Prerequisites

Before you begin, it is highly recommended (though not inevitable) to create a system user and user group under which your Apache server will be running.

groupadd www
useradd -g www apache2

What is it good for? All actions performed by Apache (for instance your PHP scripts execution) will be restricted by this user’s privileges. Thus you can explicitly rule which directories your PHP scripts may read or change. Also all files created by Apache (e.g. as a result of executing your PHP scripts) will be owned by this user (apache2 in my case), and affiliated with this user group (www in my case).

Download source

Get the source from http://httpd.apache.org/download.cgi ( httpd-2.2.17.tar.gz ). These instructions are known to work with all 2.x.x Apache versions.

Unpack, configure, compile

Go to the directory with the downloaded file and enter:

tar -xzf httpd-2.2.17.tar.gz
cd httpd-2.2.17
./configure --prefix=/usr/local/apache2 --enable-so --with-included-apr

The configure options deserve a little bit more of detail here. The most important --prefix option specifies the location where Apache is to be installed. Another commonly used option --enable-so turns on the DSO support, i.e. available modules compiled as shared objects can be loaded or unloaded at runtime. Very handy.

To compile some modules statically (they are always loaded, faster execution times), use --enable-module option. To compile a module as a shared object, use --enable-module=shared option.

For all available configuration options and their default values check the Apache documentation or type ./configure --help.

SSL support

To support secure connections, you need to specify --enable-ssl option when you run ./configure. In addition to that, you will also have to configure your httpd.conf file later.

Note: Make sure that openssl is installed on your system before you run ./configure with --enable-ssl. If not, download the latest version from http://www.openssl.org/source/ , unpack, configure, make, make install. You will also need to generate server certificate. Place server.crt and server.key into /etc/ssl/apache2/ directory and make them readable by Apache2.

Configuration example

For example, to compile the mod_rewrite module statically and mod_auth_digest as a DSO, and to enable secure connections, enter:

./configure --prefix=/usr/local/apache2 --enable-so --enable-rewrite --enable-auth-digest=shared --enable-ssl

Tip: If you are upgrading from older Apache version, you may want to copy config.nice from the directory to which the previous version was unpacked (if available) to where you unpacked the new Apache tarball file. Run ./config.nice instead of ./configure. This way all the previously used configure options will be applied to the new installation effortlessly.

Once you configured everything as you like, compile and install the software:

make
make install

Edit httpd.conf

Before you start Apache server, edit the httpd.conf file according to your needs (the file is generously commented).

vi /usr/local/apache2/conf/httpd.conf

I suggest the following changes (some of them may have already been set automatically) at the appropriate places inside httpd.conf (ignore “...“):

ServerRoot "/usr/local/apache2"
...
<IfModule !mpm_netware.c>
  User apache2
  Group www
</IfModule>
...
DocumentRoot "/foo/path_to_your_www_documents_root"
...
<Directory />
  Options FollowSymLinks
  AllowOverride None
</Directory>
...
DirectoryIndex index.php index.html index.htm index.html.var

“apache2″ and “www” are the user and user group I have previously created (see Prerequisites)

Apart from these, later you will probably want to specify detailed options for specific directories, load some DSO modules, setup virtual servers etc.

SSL support

If you wish to enable SSL for secure connections (assuming that you have configured Apache with --enable-ssl option – see above), add the following in the appropriate sections inside httpd.conf (ignore “...“; replace “laffers.net” with your own, and set the actual path to your server certificate and key file):

Listen 80
Listen 443
...
<VirtualHost *:443>
  ServerName laffers.net:443
  SSLEngine on
  SSLCertificateFile /etc/ssl/apache2/server.crt
  SSLCertificateKeyFile /etc/ssl/apache2/server.key
  ErrorLog /usr/local/apache2/logs/error_log_laffers.net
  TransferLog /usr/local/apache2/logs/access_log_laffers.net
  SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
  SetEnvIf User-Agent ".*MSIE.*" \
  nokeepalive ssl-unclean-shutdown \
  downgrade-1.0 force-response-1.0
</VirtualHost>

Note: In some newer distributions, httpd.conf is dissected into many additional files located in conf/extra. In that case, you may want to do the SSL settings from above inside the conf/extra/httpd-ssl.conf file. Don’t forget to uncomment “Include conf/extra/httpd-ssl.conf” in the httpd.conf file.

After you installed PHP (next part of this tutorial), few additional changes need to be done to httpd.conf (but they are usually made automatically during PHP installation).

Setup access privileges

Don’t forget to setup Apache access privileges to your www directories:

chown -R apache2:www /foo/path_to_your_www_documents_root
chmod -R 750 /foo/path_to_your_www_documents_root

“apache2″ and “www” are the user and user group I have previously created (see Prerequisites)

Start and stop apache server

After everything is set up, start Apache:

/usr/local/apache2/bin/apachectl start

Similarly, if you wish to stop Apache, type:

/usr/local/apache2/bin/apachectl stop

Automatic startup

It’s a good idea to let your Apache server start automatically after each system reboot. To setup Apache automatic startup, do:

cp /usr/local/apache2/bin/apachectl /etc/init.d
chmod 755 /etc/init.d/apachectl
chkconfig --add apachectl
chkconfig --level 35 apachectl on

Further reading

Tags: ,

4 Responses to “How to install Apache, PHP and MySQL on Linux: Part 2”

  1. Anon says:

    I tried really hard on this line;
    chkconfig –add apachectl

    With CentOS 5.x, and Apache 2, then I found this;

    #
    # Startup script for the Apache Web Server
    #
    # chkconfig: – 85 15
    # description: Apache is a World Wide Web server. It is used to serve
    # HTML files and CGI.
    # processname: httpd
    # pidfile: /usr/local/apache2/logs/httpd.pid
    # config: /usr/local/apache2/conf/httpd.conf
    #

    Once I pasted this between the start of the script, and below #!/bin/bash, it started working!

  2. Felipe Alvarez says:

     Thanks for the chkconfig header lines! Bonus!

  3. [...] –enable-ssl option when you run ./configure. In addition to that, you will also have to configure your httpd.conf file later. Note: Make sure that openssl is installed on your system before you run ./configure [...]

  4. Isak says:

    Can you help please, first time configuration on redhat and getting the errors below, anyone who can help?

    [root@eirteic1 httpd-2.2.21]# ./configure –prefix=/usr/local/apache2 –enable-s                                                                              o –with-included-aprchecking for chosen layout… Apachechecking for working mkdir -p… yeschecking build system type… i686-pc-linux-gnuchecking host system type… i686-pc-linux-gnuchecking target system type… i686-pc-linux-gnu
    Configuring Apache Portable Runtime library …
    configuring package in srclib/apr nowchecking build system type… i686-pc-linux-gnuchecking host system type… i686-pc-linux-gnuchecking target system type… i686-pc-linux-gnuConfiguring APR libraryPlatform: i686-pc-linux-gnuchecking for working mkdir -p… yesAPR Version: 1.4.5checking for chosen layout… aprchecking for gcc… nochecking for cc… nochecking for cl.exe… noconfigure: error: in `/usr/sbin/httpd-2.2.21/srclib/apr’:configure: error: no acceptable C compiler found in $PATHSee `config.log’ for more details.configure failed for srclib/apr[root@eirteic1 httpd-2.2.21]#

Leave a Reply

You must be logged in to post a comment.