Install and setup an apache web server with mysql on Ubuntu
Install Lamp server from iso distrib Ubuntu 12.04
By default the address of your local webserver is localhost or 127.0.0.1 if you want to use an IP, you can type it as the address and reach your document root. If you have created a dir under the DR called test (as in /var/www/test/), navigate to the content of this folder simply by going to http://localhost/test/ or http://127.0.0.1/test/ in your web browser. In a nutshell every web address is relative to the DR.
Type the following command :
# sudo tasksel install lamp-server
Apache2 Performance parameters
Open file http.conf file as shown under /etc/apache2/ below
Apache2 Permissions
www-data is a user/group set created specifically for web servers. It should be listed in /etc/passwd as a user, and can be configured to run as another user in /etc/apache2/apache2.conf.
Basically, it’s just a user with stripped permissions so if someone managed to find a security hole in one of your web applications they wouldn’t be able to do much. Without a lower-user like www-data set, apache2 would run as root, which would be a Bad Thing® since it would be able to do anything and everything to your system.
www-data or daemon :
What version of ubuntu are you using?
httpd.conf shouldn’t be in use. It should be /etc/apache2/envvars
Code: # envvars - default environment variables for apache2ctl # Since there is no sane way to get the parsed apache2 config in scripts, some # settings are defined via environment variables and then used in apache2ctl, # /etc/init.d/apache2, /etc/logrotate.d/apache2, etc. export APACHE_RUN_USER=www-data export APACHE_RUN_GROUP=www-data export APACHE_PID_FILE=/var/run/apache2.pid
And yes, www-data is system user, created by apache.
How are you checking users? are you just issuing ‘users’ from the command line?
If you are you will only see real users there, not www-data because apache is a daemon running under the user www-data
you can
#cat /etc/shadow
and that is a grimmy way if listing all valid users.
Apache2 /var/www/site1 Permissions
Method 1
sudo chown -R yourname:www-data site1
then
sudo chmod -R g+s site1
First command changes owner and group Second command adds s attribute which will keep new files and directories within site1 having the same group permissions
Method 2
If you are the only developer, why not just make the owner of /var/www/ you?
$ sudo chown -R mike /var/www/
and set permissions to 755 for directories and 644 for files.
After this you would want to do this to set the right permissions for your files and directories.
to change all the directories to 755:
find /var/www -type d -exec chmod 755 {} \;
to change all the files to 644:
find /var/www -type f -exec chmod 644 {} \;
Method 3
you@yourbox:~$ sudo -i [sudo] password for you: [password] root@yourbox:~# cd /var/www root@yourbox: /var/www# mkdir site1 root@yourbox: /var/www# chown you:www-data site1 root@yourbox: /var/www# chmod 0750 site1 root@yourbox: /var/www# logout you@yourbox:~$ ln -s /var/www/site1 /home/you/site1 you@yourbox:~$ exit
Method 4
- Create a new group (www-pub) and add the users to that group
groupadd www-pub
usermod -a -G www-pub usera
## must use -a to append to existing group- s
usermod -a -G www-pub userb
groups usera
## display groups for user - Change the ownership of everything under /var/www to root:www-pub
chown -R root:www-pub /var/www
## -R for recursive- Change the permissions of all the folders to 2775
chmod 2775 /var/www
## 2=set group id, 7=rwx for owner (root), 7=rwx for group (www-pub), 5=rx for world (including apache www-data user) Set group ID (SETGID) bit (2) causes the group (www-pub) to be copied to all new files/folders created in that folder. Other options are SETUID (4) to copy the user id, and STICKY (1) which I think lets only the owner delete files.There’s a -R recursive option, but that won’t discriminate between files and folders, so you have to use find, like so:find /var/www -type d -exec chmod 2775 {} +
- Change all the files to 0664
find /var/www -type f -exec chmod 0664 {} +
- Change the umask for your users to 0002 The umask controls the default file creation permissions, 0002 means files will have 664 and directories 775. Setting this (by editing the
umask
line at the bottom of/etc/profile
in my case) means files created by one user will be writable by other users in the www-group without needing tochmod
them. - Possible addition – set cache/upload dirs that need to be written to by the webserver to www-data:www-data and 775
Test all this by creating a file and directory and verifying the owner, group and permissions with ls -l
Create a new user who will be a webmaster
sudo adduser <login>
Create a webadmin group
sudo addgroup www-admin
Then Add users to the group
sudo adduser <login> www-admin
Permissions on existing files
sudo chown -R root:www-admin /var/www sudo chmod -R 0664 /var/www
Permissions on existing folders
cd /var/www sudo find . -type d -exec chmod 2775 {} \;
Admin web Umask for same site
Change file of concerned users (Admins)
nano /home/<login>/.profile
umask 002
Special permissions for folders where web server must write :
…for example /wp-content/uploads for WordPress
sudo chown -R www-data:www-admin /var/www/wp-content/uploads sudo chmod -R 775 /var/www/wp-content/uploads
Method 6 : Set Web Directory User and Permissions
Now that you have everything installed and configured you’ll need to set up some file permissions to allow Apache to read from, and you to write to, the web directory. This will be accomplished by changing the owner of the web directory, adding the Apache user and your user to this group and setting the guid bit forcing all new files/folders to have the same group permissions.
Create a new group:
$ sudo addgroup webdev
Change the group of your web directory:
$ sudo chgrp -R webdev /var/www/ $ sudo chmod -R g+rw /var/www/
Set the guid bit on all folders in your web directory:
$ sudo find /var/www -type d -exec chmod +s {} \;
Add Apache to the webdev group:
$ sudo usermod -a -G webdev www-data
Add your user to the webdev group:
$ sudo usermod -a -G webdev <user_name>
Usual WordPress Permissions for LAMP (Ubuntu)
find -type d -exec chmod 755 {} \; find -type f -exec chmod 664 {} \; chmod 770 -R wp-content/uploads chmod 770 -R w-content/upgrade chmod 750 wp-content/plugins
Running several name-based web sites on a single IP address
In apache you have to create a new file under “/etc/apache2/sites-available”. There you can create a new vhost file. Give them a name you want.
Add ip to etc/hosts file
and copy/uddate web files to /var/www/
Put you vhost information in this file something like this:
After that you have to enable the vhost.
a2ensite example.com
With this command you create a symlink from “sites-available” to “sites-enabled”
then reload you webserver
/etc/init.d/apache2 reload
and it should work.
How to check which apache modules are enabled/installed ?
On Ubuntu use:
apache2ctl -M
Enabling sites and apache mods
Virtual hosts are added a little differently in Ubuntu with Apache2.
“sites-enabled” and “sites-available” will be the keywords if you need to search out that information.
# a2ensite monsite.com
# a2enmode zzz
disabling sites and apache mods
# a2dissite monsite.com
# a2dismode zzz
Create the WordPress Database and User
After we unzip the wordpress files, they will be in a directory called wordpress in the home directory.
Now we need to switch gears for a moment and create a new MySQL directory for wordpress.
Go ahead and log into the MySQL Shell:
mysql -u root -p
Login using your MySQL root password, and then we need to create a wordpress database, a user in that database, and give that user a new password. Keep in mind that all MySQL commands must end with semi-colon.
First, let’s make the database (I’m calling mine wordpress for simplicity’s sake; feel free to give it whatever name you choose):
CREATE DATABASE wordpress; Query OK, 1 row affected (0.00 sec)
Then we need to create the new user. You can replace the database, name, and password, with whatever you prefer:
CREATE USER wordpressuser@localhost; Query OK, 0 rows affected (0.00 sec)
Set the password for your new user:
SET PASSWORD FOR wordpressuser@localhost= PASSWORD("password"); Query OK, 0 rows affected (0.00 sec)
Finish up by granting all privileges to the new user. Without this command, the wordpress installer will not be able to start up:
GRANT ALL PRIVILEGES ON wordpress.* TO wordpressuser@localhost IDENTIFIED BY 'password'; Query OK, 0 rows affected (0.00 sec)
Then refresh MySQL:
FLUSH PRIVILEGES; Query OK, 0 rows affected (0.00 sec)
Exit out of the MySQL shell:
exit
Cheers,