This post will detail the series of steps that are required to set-up and configure a LAMP server using Ubuntu 10.04 LTS. The server will have all of the normal features that everyone has come to expect.

Specifically, it will have the following features:

  • Locales will be set properly.
  • MySQL will be secured.
  • MySQL Query Caching will be configured.
  • Iptables will be configured (optional).
  • Alternative PHP Cache (APC) will be installed and configured.
  • Web directory permissions will be set.
  • Virtual hosts will be created.

A couple assumptions are made concerning this procedure:

  • Ubuntu Server 10.04 LTS was used as the installation distribution.
  • The only task chosen during the installation process was SSH server.

Initial Server Pre-LAMP Install Configuration

First, the root account should be enabled temporarily. It saves time and eliminates some annoyances. At the end of the procedure, the root account can be disabled and sudo can be used once again for all tasks.

To disable the root account, log into the account that was created during the install process and use the following command, and then enter a new password (choose something secure):

Log out and then log back in as root.

Distributions are always in a constant state of updating. Therefore, the distribution should be updated to include all of the latest packages for performance and security reasons. Perform the following to update the system:

Set the locales to the appropriate setting:

Iptables Configuration (Optional)

Iptables is a software firewall. This server will only be listening on ports 22 (SSH), 80 (http), and 443 (https). This is a fairly small surface area for attack. Therefore, having a software firewall may be considered not needed. However, it is being included here for completeness.

Iptables is installed by default on Ubuntu Server. Therefore, installing it via aptitude is not needed. To begin the configuration process, flush any current rules:

Now add the following rules via the command line:

Save the rules to a file in the etc directory:

Edit the /etc/network/interfaces to include the following:

Depending on the number of packages that may have been updated in the previous section, a reboot may be in order. Additionally, a reboot will ensure that the iptable rules are restored properly. To view the currently active iptable rules, use the following:

Installing Apache

To install the Apache 2 web server, issue the following command:

Activate several commonly used modules:

Initiate an Apache restart to ensure that the modules are active:

If everything is working correctly, the browsing to the server via the IP address should display a page claiming that the server is working.

Installing PHP5

To install PHP5, perform the following command:

To install APC:

Installing MySQL

To install MySQL, issue the following command:

During the install process, a prompt for a root password will be shown. Choose a secure root password.

Secure the MySQL installation using the following and choose the defaults for all of the prompts:

Add the following to the [mysqld] section of the /etc/mysql/my.cnf file:

Restart Apache and MySQL to ensure that all of the configuration changes are active: