Setting up a web server with Apache, PHP and MariaDB

This page contains some quick notes of how one can setup a web server with Apache, PHP and MariaDB.

Server provider is Hetzner Cloud.

Initial security settings

Add new user

adduser toby

Grant administrator privileges

usermod -aG sudo toby

Don't prompt for sudo password when already logged in

sudo visudo

Add to bottom of the file:

toby     ALL=(ALL) NOPASSWD:ALL

SSH configuration

Add public key to the file authorized_keys in /home/toby/.ssh

Restrict login via SSH to specific IP

Consider restricting SSH login to specific IP addresses.

sudo ufw allow from 1.1.1.1 to any port 22

Disable SSH root login and require SSH keys

sudo nano /etc/ssh/sshd_config

Ensure the following values are set

PasswordAuthentication no
PermitRootLogin no

Execute

sudo systemctl restart sshd 

Configure Apache

sudo add-apt-repository ppa:ondrej/apache2
sudo apt install apache2
sudo ufw allow 'Apache Full'

Test that server is up using http://hostname

Configure PHP

sudo add-apt-repository ppa:ondrej/php
sudo apt-get install -y php7.4

Change DirectoryIndex by moving index.php to the start of the list

sudo nano /etc/apache2/mods-enabled/dir.conf

Configure MariaDB

sudo apt install mariadb-server mariadb-client
sudo mysql_secure_installation
sudo systemctl restart mariadb.service

Settings location: sudo nano /etc/mysql/mariadb.conf.d/50-server.cnf

phpMyAdmin

How To Install and Secure phpMyAdmin on Ubuntu 18.04

HTTPS with Let's Encrypt

https://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-ubuntu-18-04

Resources