This tutorial shows how to install an Apache web server on CentOS 7 server with PHP (mod_php) and MySQL database. The acronym LAMP is short for Linux, Apache, MySQL, PHP.
This tutorial shows the installation of the latest PHP version 7.2 on CentOS 7.5
1 Preliminary Note
In this tutorial, I use the hostname kvm1.prado.lt with the IP 22.214.171.124. These settings might differ for you, so you have to replace them where appropriate.
I will add the EPEL repo here to install latest phpMyAdmin as follows:
rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY* yum -y install epel-release
To edit files on the shell, I’ll install the nano editor. If you prefer vi for file editing, then skip this step.
yum update yum -y install nano
2 Installing MySQL / MariaDB
MariaDB is a MySQL fork of the original MySQL developer Monty Widenius. MariaDB is compatible with MySQL and I’ve chosen to use MariaDB here instead of MySQL. Run this command to install MariaDB with yum:
yum -y install mariadb-server mariadb
Then we create the system startup links for MySQL (so that MySQL starts automatically whenever the system boots) and start the MySQL server:
systemctl start mariadb.service systemctl enable mariadb.service
Set passwords for the MySQL root account:
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY! In order to log into MariaDB to secure it, we'll need the current password for the root user. If you've just installed MariaDB, and you haven't set the root password yet, the password will be blank, so you should just press enter here. Enter current password for root (enter for none): OK, successfully used password, moving on... Setting the root password ensures that nobody can log into the MariaDB root user without the proper authorisation. Set root password? [Y/n] y New password: Re-enter new password: Password updated successfully! Reloading privilege tables.. ... Success! By default, a MariaDB installation has an anonymous user, allowing anyone to log into MariaDB without having to have a user account created for them. This is intended only for testing, and to make the installation go a bit smoother. You should remove them before moving into a production environment. Remove anonymous users? [Y/n] y ... Success! Normally, root should only be allowed to connect from 'localhost'. This ensures that someone cannot guess at the root password from the network. Disallow root login remotely? [Y/n] n ... skipping. By default, MariaDB comes with a database named 'test' that anyone can access. This is also intended only for testing, and should be removed before moving into a production environment. Remove test database and access to it? [Y/n] y - Dropping test database... ... Success! - Removing privileges on test database... ... Success! Reloading the privilege tables will ensure that all changes made so far will take effect immediately. Reload privilege tables now? [Y/n] y ... Success! Cleaning up... All done! If you've completed all of the above steps, your MariaDB installation should now be secure. Thanks for using MariaDB!
3 Installing Apache
CentOS 7 ships with Apache 2.4. The latest Apache version that existed when writing this tutorial is 2.4.6. Apache is directly available as a CentOS 7 package, therefore we can install it like this:
yum -y install httpd
Now configure your system to start Apache at boot time…
systemctl start httpd.service systemctl enable httpd.service
To be able to access the web server from outside, we have to open the HTTP (80) and HTTPS (443) ports in the firewall. The default firewall on CentOS is firewalld which can be configured with the firewall-cmd command.
firewall-cmd --permanent --zone=public --add-service=http firewall-cmd --permanent --zone=public --add-service=https firewall-cmd --reload
Now direct your browser to the IP address of your server, in my case http://126.96.36.199, and you should see the Apache placeholder page.
4 Installing PHP
The PHP version that ships with CentOS as default is quite old (PHP 5.4.16). Therefore I will show you in this chapter some options to install newer PHP versions like PHP 7.2 from Remi repository.
Add the Remi CentOS repository.
rpm -Uvh http://rpms.remirepo.net/enterprise/remi-release-7.rpm
Install yum-utils as we need the yum-config-manager utility.
yum -y install yum-utils
and run yum update
Now you have to chose which PHP version you want to use on the server.
5. Install PHP 7.2
If you want to use PHP 7.2 instead, use:
yum-config-manager --enable remi-php72 yum -y install php php-opcache
In this example, I’ll use PHP 7.2.
We must restart Apache to apply the changes:
systemctl restart httpd.service
6 Testing PHP / getting details about your PHP Installation
The document root of the default website is /var/www/html. We will create a small PHP file (php.php) in that directory and call it in a browser to test the PHP installation. The file will display lots of useful details about our PHP installation, such as the installed PHP version.
Now we call that file in a browser (e.g. http://188.8.131.52/php.php):
As you see, PHP 7.2 is working, and it’s working through the Apache 2.0 Handler, as shown in the Server API line. If you scroll further down, you will see all modules that are already enabled in PHP. MySQL is not listed there which means we don’t have MySQL support in PHP yet.
7 Getting MySQL Support In PHP
To get MySQL support in PHP, we can install the php-mysqlnd package. It’s a good idea to install some other PHP modules as well as you might need them for your applications. You can search for available PHP5 modules like this:
yum search php
Pick the ones you need and install them like this:
yum -y install php-mysqlnd php-pdo
In the next step I will install some common PHP modules that are required by CMS Systems like WordPress, Magento:
yum -y install php-gd php-ldap php-odbc php-pear php-xml php-xmlrpc php-mbstring php-soap curl curl-devel
Now restart Apache web server:
systemctl restart httpd.service
Now reload http://184.108.40.206/php.php in your browser and scroll down to the modules section again. You should now find lots of new modules like curl etc there.
If you don’t need the php info output anymore, then delete that file for security reasons.
8 phpMyAdmin installation
phpMyAdmin is a web interface through which you can manage your MySQL databases.
phpMyAdmin can now be installed as follows:
yum -y install phpMyAdmin
Now we configure phpMyAdmin. We change the Apache configuration so that phpMyAdmin allows connections not just from localhost (by commenting out the <RequireAny> stanza and adding the ‘Require all granted’ line):
# phpMyAdmin - Web based MySQL browser written in php # # Allows only localhost by default # # But allowing phpMyAdmin to anyone other than localhost should be considered # dangerous unless properly secured by SSL Alias /phpMyAdmin /usr/share/phpMyAdmin Alias /phpmyadmin /usr/share/phpMyAdmin AddDefaultCharset UTF-8 # Apache 2.4 # # Require ip 127.0.0.1 # Require ip ::1 # Require all granted # Apache 2.2 Order Deny,Allow Deny from All Allow from 127.0.0.1 Allow from ::1 # Apache 2.4 # # Require ip 127.0.0.1 # Require ip ::1 # Require all granted # Apache 2.2 Order Deny,Allow Deny from All Allow from 127.0.0.1 Allow from ::1 # These directories do not require access over HTTP - taken from the original # phpMyAdmin upstream tarball # Order Deny,Allow Deny from All Allow from None Order Deny,Allow Deny from All Allow from None Order Deny,Allow Deny from All Allow from None # This configuration prevents mod_security at phpMyAdmin directories from # filtering SQL etc. This may break your mod_security implementation. # # # # SecRuleInheritance Off # #
Next, we change the authentication in phpMyAdmin from cookie to http:
[...] $cfg['Servers'][$i]['auth_type'] = 'http'; // Authentication method (config, http or cookie based)? [...]
systemctl restart httpd.service
Afterwards, you can access phpMyAdmin under http://220.127.116.11/phpmyadmin/.