Home

ID | EN

How to Create a Web Server

Time: 9/8/2021
By Setiawan Jodi

Table of contents

I will give 2 ways, for LAMP (Linux, Apache, MySQL, PHP) and LEMP (Linux, Nginx, MySQL, PHP). Comes with an FTP server for uploading files to /var/www/

Warning

All these commands require root privileges. Log in to root account with

sudo -i

Please be careful when using root account

LAMP

Installing the required software

apt update && apt upgrade && apt install apache2 mysql-server php libapache2-mod-php php-mysql && apt install php-curl php-gd php-json php-mbstring php-xml php-zip php-bz2 php-intl php-ldap php-imap php-bcmath php-gmp php-memcached php-imagick

This command will update our linux system and install apache, mysql, php and frequently used php extensions

Apache Configuration

By default Apache can process php files. the configuration below will only make Apache read the file .htaccess

Open nano and edit the apache configuration file

nano /etc/apache2/apache2.conf

Search section <directory /var/www/>. And replace AllowOverride None to AllowOverride All

## Before <Directory /var/www/> Options Indexes FollowSymLinks AllowOverride None Require all granted </Directory> ## After <Directory /var/www/> Options Indexes FollowSymLinks AllowOverride All Require all granted </Directory>

After that save changes, and restart Apache

service apache2 restart

MySQL Configuration

Run the command below

mysql_secure_installation

When finished, create a new user

CREATE USER 'contoh'@'localhost' IDENTIFIED BY 'password';

Then make the user able to access the entire database

GRANT ALL PRIVILEGES ON *.* TO 'contoh'@'localhost';

And finish with

FLUSH PRIVILEGES;

LEMP

Installing the required software

apt update && apt upgrade && apt install nginx mysql-server php-fpm php-mysql && apt install php-curl php-gd php-json php-mbstring php-xml php-zip php-bz2 php-intl php-ldap php-imap php-bcmath php-gmp php-memcached php-imagick

This command will update our linux system and install nginx, mysql, php and frequently used php extensions

Nginx Configuration

By default Nginx cannot process php files. To activate it you have to change some configuration.

Open nano and edit the Nginx configuration file

nano /etc/nginx/sites-available/default

Change some config in index

# Before index index.html index.htm index.nginx-debian.html; # After index index.php index.html index.htm;

Change some config in location ~ \.php$

## Before #location ~ \.php$ { # include snippets/fastcgi-php.conf; # # With php-fpm (or other unix sockets): # fastcgi_pass unix:/var/run/php/php7.4-fpm.sock; # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; #} ## After location ~ \.php$ { include snippets/fastcgi-php.conf; # With php-fpm (or other unix sockets): fastcgi_pass unix:/var/run/php/php7.4-fpm.sock; # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; }

MySQL Configuration

Run the command below

mysql_secure_installation

When you're done, create a new user. By the way

CREATE USER 'contoh'@'localhost' IDENTIFIED BY 'password';

Then make the user able to access the entire database

GRANT ALL PRIVILEGES ON *.* TO 'contoh'@'localhost';

And finish with

FLUSH PRIVILEGES;

VSFTPD

This command is copied from iSmooth Blog How to Install FTP Server for Apache or Nginx on Ubuntu 20.04. So thank you iSmooth Blog

For the FTP feature we will use VSFTPD. The FTP folder location will be redirected to /var/www/. To install the software can be done with

apt install vsftpd && chgrp -R www-data /var/www/* && find /var/www -type f -exec chmod 664 {} \; && find /var/www -type d -exec chmod 775 {} \; && find /var/www -type d -exec chmod g+s {} \; && chown root:root /var/www && ufw allow 20,21,22,990,40000:50000/tcp

After that we create an FTP account

useradd sftp -d /var/www passwd sftp adduser sftp www-data echo "DenyUsers sftp" >> /etc/ssh/sshd_config systemctl reload sshd

* sftp username can be changed

Back-up the default config file, create a new config file and edit the VSFTPD configuration

mv /etc/vsftpd.conf /etc/vsftpd.conf.txt nano /etc/vsftpd.conf

Enter the configuration below

# FTP listen=NO listen_ipv6=YES anonymous_enable=NO local_enable=YES write_enable=YES local_umask=022 dirmessage_enable=YES use_localtime=YES xferlog_enable=YES connect_from_port_20=YES chroot_local_user=YES secure_chroot_dir=/var/run/vsftpd/empty pam_service_name=vsftpd force_dot_files=YES pasv_min_port=40000 pasv_max_port=50000 allow_writeable_chroot=YES # SSL ssl_enable=YES rsa_cert_file=/etc/ssl/private/vsftpd.pem rsa_private_key_file=/etc/ssl/private/vsftpd.pem allow_anon_ssl=NO force_local_data_ssl=YES force_local_logins_ssl=YES ssl_tlsv1=YES ssl_sslv2=NO ssl_sslv3=NO require_ssl_reuse=NO ssl_ciphers=HIGH

Enable SSL over TLS for VSFTPD

openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/vsftpd.pem -out /etc/ssl/private/vsftpd.pem

Restart VSFTPD

systemctl restart vsftpd

Note

© Setiawan Jodi (s3_j0d1). All Rights Reserved.

Flag Counter