A detailed setup on how to install Apache, MariaDB, PHP, minimal Apache2 modules to get everything up and running.
This post also details on how to create a non-SSL Apache configuration file, an SSL Apache SSL configuration file, as well as a Proxy Apache configuration file.
Let’s start by updating the repository data and performing a system update:
[bash]apt-get update
apt-get upgrade[/bash]
Next, install OpenSSH server so we can use another computer (copy and paste)
[bash]apt-get install openssh-server[/bash]
A while back, root SSH logins were disabled by default, so we need to enable it:
[bash]nano /etc/ssh/sshd_config[/bash]
Edit line #32:
[code language=”text” gutter=”true” firstline=”32″ highlight=”32″]PermitRootLogin yes[/code]
Restart the SSH server to reload the new configuration:
[bash]service sshd restart[/bash]
Now install the required software:
[bash]apt-get install net-tools vnstat ntp apache2 php libapache2-mod-php7.0 php-mysql php-mbstring mariadb-server ca-certificates[/bash]
Complete the MariaDB (replacement for MySQL) installation:
[bash]mysql_secure_installation[/bash]
Create directories which will hold website data:
[bash]mkdir -p /var/vhosts/domain-name/www
mkdir -p /var/vhosts/phpmyadmin.domain-name/www[/bash]
Download the desired version of WordPress and phpMyAdmin:
[bash]cd /tmp
wget https://en-ca.wordpress.org/wordpress-4.9.9-en_CA.tar.gz
tar xzf wordpress-4.9.9-en_CA.tar.gz
wget https://files.phpmyadmin.net/phpMyAdmin/4.8.4/phpMyAdmin-4.8.4-english.tar.gz
tar xzf phpMyAdmin-4.8.4-english.tar.gz[/bash]
Copy the extracted files to the directories you created:
[bash]cd /tmp/wordpress
cp * -R /var/vhosts/domain-name/www
cd /tmp/phpMyAdmin-4.8.4-english
cp * -R /var/vhosts/phpmyadmin.domain-name/www[/bash]
Create an Apache website configuration file:
[bash]nano /etc/apache2/sites-available/domain-name.conf[/bash]
Add the following to the config file:
[code language=”text”]<VirtualHost 0.0.0.0:80>
ServerName domain-name
Redirect / https://domain-name/
</VirtualHost>
<VirtualHost *:443>
ServerName domain-name
SSLEngine on
SSLCertificateFile /var/vhosts/domain-name/ssl/domain-name.crt
SSLCertificateKeyFile /var/vhosts/domain-name/ssl/domain-name.key
SSLCertificateChainFile /var/vhosts/domain-name/ssl/ca-cert.crt
DocumentRoot "/var/vhosts/domain-name/www"
<Directory />
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
[/code]
AllowOverride Allinstructs Apache to respect the options in the .htaccess file (included with WordPress). If you don’t enable AllowOverride All you will not be able to use RewriteEngine (unless defined elsewhere).
Create another Apache configuration file (phpMyAdmin does not have an .htaccess file):
[bash]nano /etc/apache2/sites-available/phpmyadmin.domain-name.conf[/bash]
Add the config file content:
[code language=”text”]<VirtualHost 0.0.0.0:443>
ServerName phpmyadmin.domain-name
SSLEngine on
SSLCertificateFile /var/vhosts/domain-name/ssl/domain-name.crt
SSLCertificateKeyFile /var/vhosts/domain-name/ssl/domain-name.key
SSLCertificateChainFile /var/vhosts/domain-name/ssl/ca-cert.crt
DocumentRoot "/var/vhosts/phpmyadmin.domain-name/www"
<Directory />
Require all granted
</Directory>
</VirtualHost>[/code]
Allow access to phpMyAdmin (you cannot login as root as of MySQL v5.7):
[bash]mysql -u root -p[/bash]
Create a user that can use phpMyAdmin (instead of root):
[code language=”text”]CREATE USER ‘phpmyadmin’@’%’ IDENTIFIED BY ‘password’;
GRANT ALL PRIVILEGES ON *.* TO ‘phpmyadmin’@’%’ WITH GRANT OPTION;
quit;[/code]
Create another directory to hold SSL private key, cert, and chain cert:
[bash]mkdir -p /var/vhosts/domain-name/ssl[/bash]
Add your cert data:
[bash]nano /var/vhosts/domain-name/ssl/domain-name.crt
nano /var/vhosts/domain-name/ssl/domain-name.key
nano /var/vhosts/domain-name/ssl/ca-cert.crt[/bash]
Let’s create an Apache site which will serve as a proxy:
[bash]nano /etc/apache2/sites-available/sabnzbdplus.domain-name.conf[/bash]
Add the config file content:
[code language=”text”]<VirtualHost 0.0.0.0:80>
ServerName sabnzbdplus.domain-name
Redirect permanent / https://sabnzbdplus.domain-name/
</VirtualHost>
<VirtualHost *:443>
ServerName sabnzbdplus.domain-name
SSLEngine on
SSLCertificateFile /var/vhosts/domain-name/ssl/domain-name.crt
SSLCertificateKeyFile /var/vhosts/domain-name/ssl/domain-name.key
SSLCertificateChainFile /var/vhosts/domain-name/ssl/ca-cert.crt
ProxyPass / http://192.168.24.42:8080/
ProxyPassReverse / http://192.168.24.42:8080/
</VirtualHost>[/code]
We’ve been downloading and coping data user the user root, Apache runs as “www-data”, so we need to change the owner on the directories and files which hold web data:
[bash]chown -R www-data:www-data /var/vhosts[/bash]
Enable a few Apache modules:
[bash]a2enmod rewrite proxy_http ssl[/bash]
Simply enable the websites you created:
[bash]a2ensite domain-name.conf phpmyadmin.domain-name.conf sabnzbdplus.domain-name.conf[/bash]
Restart Apache to set everything as active:
[bash]systemctl reload apache2[/bash]