Install and setup an apache web server with mysql on Ubuntu

Install Lamp server from iso distrib Ubuntu 12.04

By default the address of your local webserver is localhost or 127.0.0.1 if you want to use an IP, you can type it as the address and reach your document root. If you have created a dir under the DR called test (as in /var/www/test/), navigate to the content of this folder simply by going to http://localhost/test/ or http://127.0.0.1/test/ in your web browser. In a nutshell every web address is relative to the DR.
Type the following command :

# sudo tasksel install lamp-server


Apache2 Performance parameters

Open file http.conf file as shown under /etc/apache2/ below

apache1

apache2



Apache2 Permissions

www-data is a user/group set created specifically for web servers. It should be listed in /etc/passwd as a user, and can be configured to run as another user in /etc/apache2/apache2.conf.
Basically, it’s just a user with stripped permissions so if someone managed to find a security hole in one of your web applications they wouldn’t be able to do much. Without a lower-user like www-data set, apache2 would run as root, which would be a Bad Thing® since it would be able to do anything and everything to your system.

www-data or daemon :
What version of ubuntu are you using?
httpd.conf shouldn’t be in use. It should be /etc/apache2/envvars

Code:
# envvars - default environment variables for apache2ctl

# Since there is no sane way to get the parsed apache2 config in scripts, some
# settings are defined via environment variables and then used in apache2ctl,
# /etc/init.d/apache2, /etc/logrotate.d/apache2, etc.
export APACHE_RUN_USER=www-data
export APACHE_RUN_GROUP=www-data
export APACHE_PID_FILE=/var/run/apache2.pid

And yes, www-data is system user, created by apache.
How are you checking users? are you just issuing ‘users’ from the command line?
If you are you will only see real users there, not www-data because apache is a daemon running under the user www-data
you can

 #cat /etc/shadow

and that is a grimmy way if listing all valid users.


Apache2 /var/www/site1 Permissions

Method 1

sudo chown -R yourname:www-data site1

then

sudo chmod -R g+s site1

First command changes owner and group Second command adds s attribute which will keep new files and directories within site1 having the same group permissions


Method 2
If you are the only developer, why not just make the owner of /var/www/ you?

$ sudo chown -R mike /var/www/

and set permissions to 755 for directories and 644 for files.
After this you would want to do this to set the right permissions for your files and directories.
to change all the directories to 755:

find /var/www -type d -exec chmod 755 {} \;

to change all the files to 644:

find /var/www -type f -exec chmod 644 {} \;

Method 3

you@yourbox:~$ sudo -i
[sudo] password for you: [password]
root@yourbox:~# cd /var/www
root@yourbox: /var/www# mkdir site1
root@yourbox: /var/www# chown you:www-data site1
root@yourbox: /var/www# chmod 0750 site1
root@yourbox: /var/www# logout
you@yourbox:~$ ln -s /var/www/site1 /home/you/site1
you@yourbox:~$ exit

Method 4

  • Create a new group (www-pub) and add the users to that group
  • groupadd www-pubusermod -a -G www-pub usera ## must use -a to append to existing group
  • susermod -a -G www-pub userbgroups usera ## display groups for user
  • Change the ownership of everything under /var/www to root:www-pub
  • chown -R root:www-pub /var/www ## -R for recursive
  • Change the permissions of all the folders to 2775
  • chmod 2775 /var/www ## 2=set group id, 7=rwx for owner (root), 7=rwx for group (www-pub), 5=rx for world (including apache www-data user) Set group ID (SETGID) bit (2) causes the group (www-pub) to be copied to all new files/folders created in that folder. Other options are SETUID (4) to copy the user id, and STICKY (1) which I think lets only the owner delete files.There’s a -R recursive option, but that won’t discriminate between files and folders, so you have to use find, like so:
  • find /var/www -type d -exec chmod 2775 {} +
  • Change all the files to 0664
  • find /var/www -type f -exec chmod 0664 {} +
  • Change the umask for your users to 0002 The umask controls the default file creation permissions, 0002 means files will have 664 and directories 775. Setting this (by editing the umask line at the bottom of /etc/profile in my case) means files created by one user will be writable by other users in the www-group without needing to chmod them.
  • Possible addition – set cache/upload dirs that need to be written to by the webserver to www-data:www-data and 775

Test all this by creating a file and directory and verifying the owner, group and permissions with ls -l


 Create a new user who will be a webmaster

sudo adduser <login>

Create a webadmin group

sudo addgroup www-admin

Then Add users to the group

sudo adduser <login> www-admin

Permissions on existing files

sudo chown -R root:www-admin /var/www
sudo chmod -R 0664 /var/www

Permissions on existing folders

cd /var/www
sudo find . -type d -exec chmod 2775 {} \;

Admin web Umask for same site

Change file of concerned users (Admins)

nano /home/<login>/.profile
umask 002

Special permissions for folders where web server must write :

…for example /wp-content/uploads for WordPress

sudo chown -R www-data:www-admin /var/www/wp-content/uploads
sudo chmod -R 775 /var/www/wp-content/uploads

Method 6 : Set Web Directory User and Permissions

Now that you have everything installed and configured you’ll need to set up some file permissions to allow Apache to read from, and you to write to, the web directory. This will be accomplished by changing the owner of the web directory, adding the Apache user and your user to this group and setting the guid bit forcing all new files/folders to have the same group permissions.

Create a new group:

$ sudo addgroup webdev

Change the group of your web directory:

$ sudo chgrp -R webdev /var/www/
$ sudo chmod -R g+rw /var/www/

Set the guid bit on all folders in your web directory:

$ sudo find /var/www -type d -exec chmod +s {} \;

Add Apache to the webdev group:

$ sudo usermod -a -G webdev www-data

Add your user to the webdev group:

$ sudo usermod -a -G webdev <user_name>

Usual WordPress Permissions for LAMP (Ubuntu)

find -type d -exec chmod 755 {} \;
find -type f -exec chmod 664 {} \;
chmod 770 -R wp-content/uploads
chmod 770 -R w-content/upgrade
chmod 750 wp-content/plugins

Running several name-based web sites on a single IP address

In apache you have to create a new file under “/etc/apache2/sites-available”. There you can create a new vhost file. Give them a name you want.
apache9

Add ip to etc/hosts file

apache8

and copy/uddate web files to /var/www/

apache6

Put you vhost information in this file something like this:
apache4

After that you have to enable the vhost.

a2ensite example.com

With this command you create a symlink from “sites-available” to “sites-enabled”
then reload you webserver

/etc/init.d/apache2 reload

and it should work.


How to check which apache modules are enabled/installed ?
On Ubuntu use:

apache2ctl -M

Enabling sites and apache mods

Virtual hosts are added a little differently in Ubuntu with Apache2.
“sites-enabled” and “sites-available” will be the keywords if you need to search out that information.

# a2ensite monsite.com
# a2enmode zzz

disabling sites and apache mods

# a2dissite monsite.com
# a2dismode zzz

Create the WordPress Database and User


After we unzip the wordpress files, they will be in a directory called wordpress in the home directory.

Now we need to switch gears for a moment and create a new MySQL directory for wordpress.

Go ahead and log into the MySQL Shell:

mysql -u root -p

Login using your MySQL root password, and then we need to create a wordpress database, a user in that database, and give that user a new password. Keep in mind that all MySQL commands must end with semi-colon.

First, let’s make the database (I’m calling mine wordpress for simplicity’s sake; feel free to give it whatever name you choose):

CREATE DATABASE wordpress;
Query OK, 1 row affected (0.00 sec)

Then we need to create the new user. You can replace the database, name, and password, with whatever you prefer:

CREATE USER wordpressuser@localhost;
Query OK, 0 rows affected (0.00 sec)

Set the password for your new user:

SET PASSWORD FOR wordpressuser@localhost= PASSWORD("password");
Query OK, 0 rows affected (0.00 sec)

Finish up by granting all privileges to the new user. Without this command, the wordpress installer will not be able to start up:

GRANT ALL PRIVILEGES ON wordpress.* TO wordpressuser@localhost IDENTIFIED BY 'password';
Query OK, 0 rows affected (0.00 sec)

Then refresh MySQL:

FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.00 sec)

Exit out of the MySQL shell:

exit

Cheers,

extradrmtech

Since 20 years I work on Database Architecture and data migration protocols. I am also a consultant in Web content management solutions. I am an experienced web-developer with over 10 years developing PHP/MySQL, C#, VB.Net applications ranging from simple web sites to extensive web-based business applications. When not writing code, I like to dance salsa and swing and have fun with my little family.

You may also like...