LAMP server installation (PHP7 & CentOs7)

I changed my blog server recently. Thus, I write this one about some basic points of server setup. This passage is suitable for CentOs 7.2 with latest PHP 7.

1, Install Apache and Mariadb

yum install httpd -y
yum install mariadb mariadb-server -y

2, Install php 7

The default yum source of many cloud server doesn’t contain php 7. So we should install some yum sources first.

#Source from webtatic
rpm -Uvh
rpm -Uvh

Now install PHP 7

yum install php70w php70w-opcache php70w-mysql php70w-pdo php70w-xml php70w-mbstring php70w-mcrypt php70w-gd -y

3, Ports setup

Only port 22 is opened by default in CentOs 7 (If I got it right). As a server, Http port(80), Https port(443) and MySql port(3306) are necessary. Other ports shall be opened base on service provided by the server.

Stop firewall

systemctl stop firewalld
systemctl mask firewalld

Install and setup iptable

yum install iptables-services
/sbin/iptables -I INPUT -p tcp --dport 80 -j ACCEPT
/sbin/iptables -I INPUT -p tcp --dport 443 -j ACCEPT
/sbin/iptables -I INPUT -p tcp --dport 3306 -j ACCEPT
service iptables save

Start iptable

systemctl enable iptables
systemctl enable ip6tables
systemctl start iptables
systemctl start ip6tables

Check the ports opened

netstat -ntlp

At this time, we can only see port 22, but that’s not a problem as apache and mysql are not working yet.

If use the auto update and intallation function of wordpress, vsftpd is also nessary. Vsftpd us port 21, so I’m gonna list the action below, too.

# intall vsftpd
yum install vsftpd
# open port 21
/sbin/iptables -I INPUT -p tcp --dport 21 -j ACCEPT
service iptables save
systemctl restart iptables
# start vsftpd
systemctl enable vsftpd
systemctl start vsftpd

4、Setup apache and mariadb

First, apache

systemctl enable httpd.service
systemctl start httpd.service

Try enter the IP address of server in browser. If an apache welcome page is shown, that means apache is working.

Second, mariadb

systemctl enable mariadb.service
systemctl start mariadb

This will request you to reset password. Current password is empty, so just type enter.

Enter current password for root (enter for none):
OK, successfully used password, moving on...

Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorization.

New password: password
Re-enter new password: password
Password updated successfully!
Reloading privilege tables..
 ... Success!

Say yes to all the rest options.

Finally, test php

vi /var/www/html/info.php

Add codes below

<?php phpinfo(); ?>

Now goto http://your_server_IP_address/info.php and check if php infomation is shown.

5、Install and setup ssl

I have a passage about. However, it’s in Chinese. I will translate it some other day.

I will just talk about the basics here

yum install mod_ssl openssl

# Generate private key 
openssl genrsa -out ca.key 2048 

# Generate CSR 
openssl req -new -key ca.key -out ca.csr

Some personal information will be needed. Finish those information and open that csr file and cope the code to certificate provider. Certificate provider will reture certificate to you. I used wosign service and I got two file named 1_root_bundle.crt and They are both useful. And of cause the key file created just now is needed as well.

Copy those three files to /etc/pki/tls/certs/. We wil use them later.

Others may refer to another passage I wrote. (It in Chinese)

6, Multiple domain names setup

Add a new file name vhost.conf in apache setting floder (/etc/httpd/conf.d/). Write as code below.

<VirtualHost *:80>
 DocumentRoot /var/www/wordpress
 ServerAlias wordpress
 ErrorLog "/var/log/httpd/wordpress-error.log"
 CustomLog "/var/log/httpd/wordpress.log" common

<VirtualHost *:443>
 DocumentRoot "/var/www/wordpress/"
 ServerAlias wordpress
 ErrorLog "/var/log/httpd/wordpress-error.log"
 TransferLog "/var/log/httpd/access_wordpress_log"
 CustomLog "/var/log/httpd/wordpress.log" \
 "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
 SSLEngine on
 SSLProtocol all -SSLv2
 SSLCertificateFile "/etc/pki/tls/certs/"
 SSLCertificateKeyFile "/etc/pki/tls/certs/stringblog.key"
 SSLCertificateChainFile "/etc/pki/tls/certs/1_root_bundle.crt"

Then http and https domain setting is done. Make a little adjustment for other domains.

Then go to the setup page of domain register and setup a A address to this server. Then restart apache.

service httpd restart

Now enter domain name in browser and the website shall be seen. And of cause it may take some time before DNS servers are updated that you shall see you website through domain name.

This passage simply concluded the basis of server setup. Might be useful reseting up a server.

That’s all.


[1] How To Install Linux, Apache, MySQL, PHP (LAMP) stack On CentOS 7, Mitchell Anicas, Jul 21, 2014

[2] CentOS 7 下 yum 安装 Apache / MariaDB / php7, 小蒋, Feb 23, 2016

[3] 面向初学者的vsftpd安装指南, 北南南北, Aug 26, 2010

[4] Setting up an SSL secured Webserver with CentOS, ChristophGaluschka, Feb 15, 2014

[5] 为WordPress配置SSL(Apache+Linux),  浩 Hao, Apr 16, 2016


Leave a Reply