loader
Prerequisites

Before beginning:

  1. Launch an AL2023 instance on Amazon EC2 with a public DNS.
  2. Allow SSH (port 22), HTTP (port 80), and HTTPS (port 443) in your security group.
Step 1: Prepare Your LAMP Server

 

1. Connect to Your Instance

Use an SSH client (like PuTTY) to connect to your EC2 instance.

2. Update Software

Run the following command to ensure all packages are up to date:

sudo dnf upgrade -y
3. Install Apache and PHP

Install Apache and the latest PHP version (8.1) with this command:

sudo dnf install -y httpd wget php-fpm php-mysqli php-json php php-devel
4. Install MariaDB

Install MariaDB, the database server:

sudo dnf install mariadb105-server
5. Start Apache

Start the Apache web server:

sudo systemctl start httpd

Enable Apache to start on boot:

sudo systemctl enable httpd
6. Check HTTP Port Access

Make sure your security group allows inbound HTTP (port 80) traffic. Update rules in the EC2 console if necessary.

Step 2: Set Up File Permissions

To manage files in Apache’s root directory (/var/www/html):

  1. Add the ec2-user to the apache group:

sudo usermod -a -G apache ec2-user

2. Log out and log back in to apply the changes:

exit

3. Verify group membership:

groups

You should see apache listed.

4. Change ownership and permissions of /var/www:

sudo chown -R ec2-user:apache /var/www
sudo chmod 2775 /var/www && find /var/www -type d -exec sudo chmod 2775 {} \;
find /var/www -type f -exec sudo chmod 0664 {} \;
Step 3: Test Your Web Server
  1. Open your instance’s public DNS in a browser. If the /var/www/html directory is empty, you should see Apache’s test page: “It works!”

  2. Add a test PHP file to verify PHP functionality:

echo "<?php phpinfo(); ?>" > /var/www/html/phpinfo.php

3. Open the file in your browser:

http://<your-public-DNS>/phpinfo.php

You should see a PHP information page.

If you’ve set up a LAMP (Linux, Apache, MySQL, PHP) stack on Amazon Linux 2023, you’ll need to know how to manage it efficiently. In this guide, we’ll cover common commands for restarting services, editing configuration files, troubleshooting, and more.

1. Managing Apache (httpd) Service

Apache is the web server in your LAMP stack. Here’s how to control it:

Start, Stop, or Restart Apache
# Start Apache  
sudo systemctl start httpd  

# Stop Apache  
sudo systemctl stop httpd  

# Restart Apache (use after configuration changes)  
sudo systemctl restart httpd  

# Reload Apache (without downtime)  
sudo systemctl reload httpd  

# Check Apache status  
sudo systemctl status httpd  
Enable Apache to Start on Boot
sudo systemctl enable httpd  

2. Editing Configuration Files

Locate and Edit php.ini

The PHP configuration file (php.ini) is critical for PHP settings. Use:

# Find the location of php.ini (PHP 8.1 example)  
php --ini | grep "Loaded Configuration File"  

# Edit the file with nano/vim  
sudo nano /etc/php-8.1/php.ini  
Edit Apache Configuration

Apache’s main configuration file:

sudo nano /etc/httpd/conf/httpd.conf  

For virtual hosts:

sudo nano /etc/httpd/conf.d/your-site.conf  
Edit the Hosts File

Temporarily map domains for testing:

sudo nano /etc/hosts  

3. Checking PHP Information

Create a phpinfo.php file to verify PHP is working:

echo "<?php phpinfo(); ?>" | sudo tee /var/www/html/phpinfo.php  

Access it via http://your-server-ip/phpinfo.php. Remove the file afterward for security:

sudo rm /var/www/html/phpinfo.php  

4. Checking Logs for Debugging

Apache Logs
  • Access logs: /var/log/httpd/access_log

  • Error logs: /var/log/httpd/error_log

Tail logs in real-time:

sudo tail -f /var/log/httpd/error_log  
Updating Packages

Keep your system and LAMP stack updated:

sudo dnf update  
File Permissions

Fix permissions for web directories:

sudo chown -R apache:apache /var/www/html  
sudo chmod -R 755 /var/www/html  
Common PHP-Related Commands

Check PHP version:

php -v  

Securing your website with an SSL certificate is essential for establishing a secure connection and encrypting data between users and your server. Here, we’ll guide you through the process of installing a Let’s Encrypt SSL certificate on an Amazon Linux 2023 server running Apache, and we’ll configure virtual hosts for handling multiple domains.

Before You Start

Make sure you have the following prerequisites ready:

  • An Amazon Linux 2023 server with root or sudo privileges.
  • registered domain name with access to its DNS records for association with your server’s public IP.
  • Comfortable familiarity with Linux terminal commands.
  • Understanding of Apache server management for SSL setup.
  • Basic knowledge about SSL certificates and their role in securing data.
Preparing the Amazon Linux Environment

Begin by ensuring your Amazon Linux 2023 environment is up-to-date:

sudo dnf update -y
Installing Apache and mod_ssl

Apache is a widely-used web server, and mod_ssl is an Apache module that facilitates SSL encryption.

To install Apache and mod_ssl on Amazon Linux 2023:

sudo dnf install httpd mod_ssl

Configure Apache to start on boot:

sudo systemctl start httpd
sudo systemctl enable httpd

Check if Apache is running:

sudo systemctl status httpd

Alternatively, enter your server’s IP address in a browser to see the Apache test page.

Configuring Virtual Host

Edit the virtual host configuration file:

sudo vi /etc/httpd/conf.d/vhost.conf

Add the following content, replacing echomediacloud.com with your domain:

<VirtualHost *:80>
    ServerName echomedicacloud.com
    ServerAlias www.echomedicacloud.com
    DocumentRoot /var/www/html
    ServerAdmin info@echomedicacloud.com
    <Directory /var/www/html>
        AllowOverride All
    </Directory>
</VirtualHost>

Save and exit the editor.

Acquiring the SSL Certificate

We’ll use Let’s Encrypt to obtain a free SSL certificate.

Installing Certbot
sudo dnf install python3 augeas-libs

sudo python3 -m venv /opt/certbot/
sudo /opt/certbot/bin/pip install --upgrade pip

sudo /opt/certbot/bin/pip install certbot certbot-apache
sudo ln -s /opt/certbot/bin/certbot /usr/bin/certbot
Obtaining the SSL Certificate

Run Certbot and follow the instructions:

sudo certbot --apache

Be sure to enter your email and agree to the terms. For better security, select the option to enforce HTTPS access.

Confirming SSL Installation

Restart Apache to apply changes:

sudo systemctl restart httpd
Verify SSL by visiting https://yourdomain.com and checking the certificate status:
sudo certbot certificates
Setting Up Automatic Certificate Renewal

Since Let’s Encrypt certificates are valid for 90 days, regular renewal is necessary.

Test the renewal process:

sudo certbot renew --dry-run