13 KiB
13 KiB
L.A.M.P
1. Apache
ssh into server
sudo apt -y install apache2 apache2-utils
sudo vim /etc/apache2/conf-enabled/security.conf
# line 12 : change
ServerTokens Prod
sudo vim /etc/apache2/mods-enabled/dir.conf
# add file name that it can access only with directory's name
DirectoryIndex index.html index.htm
sudo vim /etc/apache2/apache2.conf
# line 70 : add to specify server name
ServerName www.srv.world
sudo vim /etc/apache2/sites-enabled/000-default.conf
# line 11 : change to webmaster's email
ServerAdmin webmaster@srv.world
sudo systemctl reload apache2
sudo vim /etc/apache2/ports.conf
# If you just change the port or add more ports here, you will likely also
# have to change the VirtualHost statement in
# /etc/apache2/sites-enabled/000-default.conf
Listen 80
Listen 81
Listen 82
Listen 83
Listen 84
Listen 85
Listen 86
Listen 87
Listen 88
Listen 89
<IfModule ssl_module>
Listen 443
</IfModule>
<IfModule mod_gnutls.c>
Listen 443
</IfModule>
2. PHP
sudo apt update && apt full-upgrade -y
sudo apt install -y apache2 wget git zip unzip
# systemctl enable apache2 && systemctl start apache2# systemctl status apache2
sudo apt install -y php php-cli libapache2-mod-php php-common php-gd php-bcmath php-xml php-json php-zip php-mysql php-imap php-curl php-mbstring php-intl php-pear php-opcache php-soap php-apcu php-redis php-memcache
php -v
http://[ServerIP]
echo "<?php phpinfo(); ?>" > /var/www/html/test.php
3. Database
sudo apt install mariadb-server mariadb-client -y
# systemctl start mariadb && systemctl enable mariadb
# systemctl status mariadb
mysql_secure_installation
mysql -u root -p (transatlantique)
CREATE DATABASE [database_name];
# CREATE DATABASE [database_name] COLLATE utf8mb4_general_ci;
CREATE USER "admin"@"localhost" IDENTIFIED BY "camera-wand-stubborn";
GRANT ALL PRIVILEGES ON [database_name].* TO "admin"@"localhost";
FLUSH PRIVILEGES;
EXIT;
| database | user | password | host | prefix |
|---|---|---|---|---|
| \[database\_name\] | admin | camera-wand-stubborn | localhost | db\_ |
DATA="$(wget https://www.phpmyadmin.net/home_page/version.txt -q -O-)"
URL="$(echo $DATA | cut -d ' ' -f 3)"
VERSION="$(echo $DATA | cut -d ' ' -f 1)"
wget https://files.phpmyadmin.net/phpMyAdmin/${VERSION}/phpMyAdmin-${VERSION}-all-languages.tar.gz
tar xvf phpMyAdmin-${VERSION}-all-languages.tar.gz
mv phpMyAdmin-*/ /usr/share/phpmyadmin
mkdir -p /var/lib/phpmyadmin/tmp
chown -R www-data:www-data /var/lib/phpmyadmin
mkdir /etc/phpmyadmin/
cp /usr/share/phpmyadmin/config.sample.inc.php /usr/share/phpmyadmin/config.inc.php
vim /usr/share/phpmyadmin/config.inc.php
(16gg) > 32 characters
$cfg['blowfish_secret'] = 'WBqsYQwj5EotFPu58WGSFNT4b7PMJoBt';(73gg)
$cfg['TempDir'] = '/var/lib/phpmyadmin/tmp';
vim /etc/apache2/conf-enabled/phpmyadmin.conf
Alias /phpmyadmin /usr/share/phpmyadmin
<Directory /usr/share/phpmyadmin>
Options SymLinksIfOwnerMatch
DirectoryIndex index.php
<IfModule mod_php5.c>
<IfModule mod_mime.c>
AddType application/x-httpd-php .php
</IfModule>
<FilesMatch ".+\.php$">
SetHandler application/x-httpd-php
</FilesMatch>
php_value include_path .
php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp
php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext/:/usr/share/php/php-php-gettext/:/usr/share/javascript/:/usr/share/php/tcpdf/:/usr/share/doc/phpmyadmin/:/usr/share/php/phpseclib/
php_admin_value mbstring.func_overload 0
</IfModule>
<IfModule mod_php.c>
<IfModule mod_mime.c>
AddType application/x-httpd-php .php
</IfModule>
<FilesMatch ".+\.php$">
SetHandler application/x-httpd-php
</FilesMatch>
Authorize for setup
<Directory /usr/share/phpmyadmin/setup>
<IfModule mod_authz_core.c>
<IfModule mod_authn_file.c>
AuthType Basic
AuthName "phpMyAdmin Setup"
AuthUserFile /etc/phpmyadmin/htpasswd.setup
</IfModule>
Require valid-user
</IfModule>
</Directory>
Disallow web access to directories that don't need it
<Directory /usr/share/phpmyadmin/templates>
Require all denied
</Directory>
<Directory /usr/share/phpmyadmin/libraries>
Require all denied
</Directory>
<Directory /usr/share/phpmyadmin/setup/lib>
Require all denied
</Directory>
a2enmod rewrite
systemctl restart apache2
http://[ServerIP]/phpmyadmin
First login as [ root | transatlantique ] to save phpmyadmin config
Alternative
5. [instance_name]
wget https://github.com/[sourcefile].zip
unzip [sourcefile].zip -d /var/www/[instance_name]
chown -R www-data: /var/www/[instance_name]
sudo vim /etc/apache2/sites-available/delmar.bzh.conf
<VirtualHost *:80>
ServerName www.delmar.bzh
ServerAdmin admin@delmar.bzh
DocumentRoot /var/www/hugo
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
<VirtualHost *:81>
ServerName nsns.delmar.bzh
ServerAdmin admin@delmar.bzh
DocumentRoot /var/www/nsns
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
<VirtualHost *:82>
ServerName ugo.delmar.bzh
ServerAdmin ugo@delmar.bzh
DocumentRoot /var/www/wpugo
<Directory /var/www/wpugo>
Options Indexes FollowSymLinks
AllowOverride None
Order allow,deny
allow from all
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
DavLockDB /usr/local/apache/var/DavLock
<VirtualHost *:83>
ServerAdmin admin@delmar.bzh
DocumentRoot /var/www/baikal/html
ServerName dav.delmar.bzh
RewriteEngine on
RewriteRule /.well-known/carddav /dav.php [R=308,L]
RewriteRule /.well-known/caldav /dav.php [R=308,L]
<Directory "/var/www/baikal/html">
Options None
# If you install cloning git repository, you may need the following
# Options +FollowSymlinks
AllowOverride None
# Configuration for apache-2.4:
Require all granted
# Configuration for apache-2.2:
# Order allow,deny
# Allow from all
</Directory>
Alias /webdav /var/www/webdav
<Directory /var/www/webdav>
DAV On
AuthType Basic
AuthName "webdav"
AuthUserFile /usr/local/apache/var/users.password
Require user admin
</Directory>
<Directory /var/www/webdav/shared>
Options Indexes
AllowOverride none
Order allow,deny
allow from all
DAV On
AuthType Basic
AuthName "webdav"
AuthUserFile /usr/local/apache/var/users.password
<Limit GET POST PROPFIND PUT DELETE PROPPATCH MKCOL COPY MOVE LOCK UNLOCK>
Require valid-user
</Limit>
</Directory>
<Directory /var/www/webdav/julien>
Options Indexes
AllowOverride none
Order allow,deny
allow from all
DAV on
AuthType Basic
AuthName "webdav"
AuthUserFile /usr/local/apache/var/users.password
<Limit GET POST PROPFIND PUT DELETE PROPPATCH MKCOL COPY MOVE LOCK UNLOCK>
Require user julien
</Limit>
</Directory>
<Directory /var/www/webdav/eliot>
Options Indexes
AllowOverride none
Order allow,deny
allow from all
DAV on
AuthType Basic
AuthName "webdav"
AuthUserFile /usr/local/apache/var/users.password
<Limit GET POST PROPFIND PUT DELETE PROPPATCH MKCOL COPY MOVE LOCK UNLOCK>
Require user eliot
</Limit>
</Directory>
<IfModule mod_expires.c>
ExpiresActive Off
</IfModule>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
<VirtualHost *:84>
ServerName julien.delmar.bzh
ServerAdmin admin@delmar.bzh
DocumentRoot /var/www/resumes/julien
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
<VirtualHost *:85>
ServerName nds.delmar.bzh
ServerAdmin admin@delmar.bzh
DocumentRoot /var/www/nds
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
<VirtualHost *:86>
ServerName shop.delmar.bzh
ServerAdmin admin@delmar.bzh
DocumentRoot /var/www/shop
<Directory /var/www/shop>
Options Indexes FollowSymLinks
AllowOverride None
Order allow,deny
allow from all
RewriteEngine on
#Domain: shop.delmar.bzh
RewriteRule . - [E=REWRITEBASE:/]
RewriteRule ^api(?:/(.*))?$ %{ENV:REWRITEBASE}webservice/dispatcher.php?url=$1 [QSA,L]
RewriteRule ^upload/.+$ %{ENV:REWRITEBASE}index.php [QSA,L]
# Images
RewriteCond %{HTTP_HOST} ^shop.delmar.bzh$
RewriteRule ^(([\d])(?:\-[\w-]*)?)/.+(\.(?:jpe?g|webp|png|avif))$ %{ENV:REWRITEBASE}img/p/$2/$1$3 [L]
RewriteCond %{HTTP_HOST} ^shop.delmar.bzh$
RewriteRule ^(([\d])([\d])(?:\-[\w-]*)?)/.+(\.(?:jpe?g|webp|png|avif))$ %{ENV:REWRITEBASE}img/p/$2/$3/$1$4 [L]
RewriteCond %{HTTP_HOST} ^shop.delmar.bzh$
RewriteRule ^(([\d])([\d])([\d])(?:\-[\w-]*)?)/.+(\.(?:jpe?g|webp|png|avif))$ %{ENV:REWRITEBASE}img/p/$2/$3/$4/$1$5 [L]
RewriteCond %{HTTP_HOST} ^shop.delmar.bzh$
RewriteRule ^(([\d])([\d])([\d])([\d])(?:\-[\w-]*)?)/.+(\.(?:jpe?g|webp|png|avif))$ %{ENV:REWRITEBASE}img/p/$2/$3/$4/$5/$1$6 [L]
RewriteCond %{HTTP_HOST} ^shop.delmar.bzh$
RewriteRule ^(([\d])([\d])([\d])([\d])([\d])(?:\-[\w-]*)?)/.+(\.(?:jpe?g|webp|png|avif))$ %{ENV:REWRITEBASE}img/p/$2/$3/$4/$5/$6/$1$7 [L]
RewriteCond %{HTTP_HOST} ^shop.delmar.bzh$
RewriteRule ^(([\d])([\d])([\d])([\d])([\d])([\d])(?:\-[\w-]*)?)/.+(\.(?:jpe?g|webp|png|avif))$ %{ENV:REWRITEBASE}img/p/$2/$3/$4/$5/$6/$7/$1$8 [L]
RewriteCond %{HTTP_HOST} ^shop.delmar.bzh$
RewriteRule ^(([\d])([\d])([\d])([\d])([\d])([\d])([\d])(?:\-[\w-]*)?)/.+(\.(?:jpe?g|webp|png|avif))$ %{ENV:REWRITEBASE}img/p/$2/$3/$4/$5/$6/$7/$8/$1$9 [L]
RewriteCond %{HTTP_HOST} ^shop.delmar.bzh$
RewriteRule ^c/([\d]+)(\-[\.*\w-]*)/.+(\.(?:jpe?g|webp|png|avif))$ %{ENV:REWRITEBASE}img/c/$1$2$3 [L]
RewriteCond %{HTTP_HOST} ^shop.delmar.bzh$
RewriteRule ^c/([a-zA-Z_-]+)(-[\d]+)?/.+(\.(?:jpe?g|webp|png|avif))$ %{ENV:REWRITEBASE}img/c/$1$2$3 [L]
# AlphaImageLoader for IE and fancybox
RewriteRule ^images_ie/?([^/]+)\.(jpe?g|png|gif)$ %{ENV:REWRITEBASE}js/jquery/plugins/fancybox/images/$1.$2 [L]
# Dispatcher
RewriteCond %{REQUEST_FILENAME} -s [OR]
RewriteCond %{REQUEST_FILENAME} -l [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^.*$ - [NC,L]
RewriteRule ^.*$ %{ENV:REWRITEBASE}index.php [NC,L]
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
a2enmod rewrite
a2ensite [instance_name].conf
systemctl restart apache2
# touch /var/www/[instance_name]/.htaccess