CentOS and RHEL 7: Install Linux, Apache, MariaDB, PHP (LAMP) Stack

by on June 23, 2014 · 12 comments· LAST UPDATED June 27, 2014

in , , , ,

I am new Red Hat Enterprise Linux version 7 user/sysadmin/developer. This version made the big number change for RHEL 7/CentOS 7. How can I install LAMP (Linux, Apache, MariaDB, PHP) stack on a RHEL version 7 or CentOS Linux version 7 using CLI or over ssh based session?

Tutorial details
DifficultyEasy (rss)
Root privilegesYes
RequirementsCentOS/RHEL v7.x
Estimated completion time20m
RHEL 7 has been released and CentOS Linux 7 is on its way with many notable changes. This guide explains how to install LAMP server.

More about LAMP

LAMP is nothing but a software bundle or a platform consisting of Linux operating system, Apache web-server, MySQL database server and PHP (or Perl/Python)scripting language. The LAMP stack is used for building heavy-duty dynamic web sites entirely out of free and open-source software. In this tutorial, I'm going to explain how to Linux, Apache, MySQL/MariaDB (drop in replacement for MySQL), PHP (LAMP) stack On CentOS 7 or RHEL 7.

Assumptions

  • I'm assuming that you've installed basic RHEL 7 or CentOS 7 server. Open the Terminal app and type the following command as root user.
  • You must be familiar with the yum command
  • You must know your Server's IP address. Use the following command to find your server's ip address for eth0 interface:

    ifconfig eth0
    OR
    ip a show eth0
    OR
    ip addr list eth0 | awk '/inet /{sub(/\/[0-9]+/,"",$2); print $2}'
    OR
    ifconfig eth0 | awk '/inet /{print $2}'
    10.41.143.156
  • I'm going to use IP address 10.41.143.156 for testing purpose. Feel free to replace this IP address with your actual private or public IP address.

Enough talk, let's set up LAMP stack.

Step #1: Install Apache on a CentOS 7 / RHEL 7 server

Type the following yum command to install Apache web-server:
sudo yum install httpd
Sample outputs:

Loaded plugins: amazon-id, rhui-lb
Resolving Dependencies
--> Running transaction check
---> Package httpd.x86_64 0:2.4.6-17.el7 will be installed
--> Processing Dependency: httpd-tools = 2.4.6-17.el7 for package: httpd-2.4.6-17.el7.x86_64
--> Processing Dependency: /etc/mime.types for package: httpd-2.4.6-17.el7.x86_64
--> Running transaction check
---> Package httpd-tools.x86_64 0:2.4.6-17.el7 will be installed
---> Package mailcap.noarch 0:2.1.41-2.el7 will be installed
--> Finished Dependency Resolution
 
Dependencies Resolved
 
======================================================================================================
 Package            Arch          Version               Repository                               Size
======================================================================================================
Installing:
 httpd              x86_64        2.4.6-17.el7          rhui-REGION-rhel-server-releases        1.2 M
Installing for dependencies:
 httpd-tools        x86_64        2.4.6-17.el7          rhui-REGION-rhel-server-releases         77 k
 mailcap            noarch        2.1.41-2.el7          rhui-REGION-rhel-server-releases         31 k
 
Transaction Summary
======================================================================================================
Install  1 Package (+2 Dependent packages)
 
Total download size: 1.3 M
Installed size: 3.9 M
Is this ok [y/d/N]: y
Downloading packages:
(1/3): httpd-tools-2.4.6-17.el7.x86_64.rpm                                     |  77 kB  00:00:00
(2/3): httpd-2.4.6-17.el7.x86_64.rpm                                           | 1.2 MB  00:00:00
(3/3): mailcap-2.1.41-2.el7.noarch.rpm                                         |  31 kB  00:00:00
------------------------------------------------------------------------------------------------------
Total                                                                 2.0 MB/s | 1.3 MB  00:00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Installing : httpd-tools-2.4.6-17.el7.x86_64                                                    1/3
  Installing : mailcap-2.1.41-2.el7.noarch                                                        2/3
  Installing : httpd-2.4.6-17.el7.x86_64                                                          3/3
  Verifying  : mailcap-2.1.41-2.el7.noarch                                                        1/3
  Verifying  : httpd-tools-2.4.6-17.el7.x86_64                                                    2/3
  Verifying  : httpd-2.4.6-17.el7.x86_64                                                          3/3
 
Installed:
  httpd.x86_64 0:2.4.6-17.el7
 
Dependency Installed:
  httpd-tools.x86_64 0:2.4.6-17.el7                   mailcap.noarch 0:2.1.41-2.el7
 
Complete!
 

Enable the httpd service at boot time

To make sure the httpd service start automatically at the boot time, enter:
sudo systemctl enable httpd.service
Sample outputs:

ln -s '/usr/lib/systemd/system/httpd.service' '/etc/systemd/system/multi-user.target.wants/httpd.service'

The following command will disable the httpd service at the boot time:
sudo systemctl disable httpd.service
Sample outputs:

rm '/etc/systemd/system/multi-user.target.wants/httpd.service'

Start the httpd service on a CentOS/RHEL v7.x

sudo systemctl start httpd.service
At this stage, you can point your web-browser to your server's IP address such as http://10.41.143.156). The following page should display on screen:

Fig.01: Check if Apache is Running on CentOS/RHEL 7 server

Fig.01: Check if Apache is Running on CentOS/RHEL 7 server

Stop the httpd service on a CentOS/RHEL v7.x

sudo systemctl stop httpd.service

Restart the httpd service on a CentOS/RHEL v7.x

sudo systemctl restart httpd.service

Finding the httpd service status on a CentOS/RHEL v7.x

To verify that the httpd service is running, enter:
systemctl is-active httpd.service
Sample outputs:

active

Gracefully restart the httpd service on a CentOS/RHEL v7.x

sudo apachectl graceful

Test httpd/Apache configuration file for errors on a CentOS/RHEL v7.x

sudo apachectl configtest
Sample outputs:

Syntax OK

httpd service default configuration

  1. Default config file: /etc/httpd/conf/httpd.conf
  2. Configuration files which load modules : /etc/httpd/conf.modules.d/ directory (e.g. PHP)
  3. Select MPMs (Processing Model) as loadable modules [worker, prefork (default)] and event: /etc/httpd/conf.modules.d/00-mpm.conf
  4. Default ports: 80 and 443 (SSL)
  5. Default log files: /var/log/httpd/{access_log,error_log}

Step #2: Install MariaDB on a CentOS 7 / RHEL 7 server

MariaDB An enhanced, drop-in replacement for MySQL server. RHEL/CentOS v7.x shifts from MySQL to MariaDB for its database management system needs. Type the following yum command to install MariaDB server:
sudo yum install mariadb-server mariadb
To start mariadb, type:
sudo systemctl start mariadb.service
To make sure the mariadb service start automatically at the boot time, enter:
sudo systemctl enable mariadb.service
Sample outputs:

ln -s '/usr/lib/systemd/system/mariadb.service' '/etc/systemd/system/multi-user.target.wants/mariadb.service'

To stop/restart and disable mariadb service use the following commands:

sudo systemctl stop mariadb.service #<-- Stop mariadb server
sudo systemctl restart mariadb.service #<-- Restart mariadb server
sudo systemctl disable mariadb.service #<-- Disable mariadb server
sudo systemctl is-active mariadb.service   #<-- Is mariadb server running?

Securing MariaDB

Type the following command:
sudo /usr/bin/mysql_secure_installation
Sample outputs:

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
      SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!
In order to log into MariaDB to secure it, we'll need the current
password for the root user.  If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.
Enter current password for root (enter for none): PRESS-ENTER-KEY
OK, successfully used password, moving on...
Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.
Set root password? [Y/n] Y
New password: YOUR-NEW-PASSWORD-HERE
Re-enter new password: YOUR-NEW-PASSWORD-HERE
Password updated successfully!
Reloading privilege tables..
 ... Success!
By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.
Remove anonymous users? [Y/n] Y
 ... Success!
Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n] Y
 ... Success!
By default, MariaDB comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.
Remove test database and access to it? [Y/n] Y
 - Dropping test database...
 ... Success!
 - Removing privileges on test database...
 ... Success!
Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.
Reload privilege tables now? [Y/n] Y
 ... Success!
Cleaning up...
All done!  If you've completed all of the above steps, your MariaDB
installation should now be secure.
Thanks for using MariaDB!

Test MariaDB installation

Type the following command
mysql -u root -p
Sample outputs:

Fig.02: Mariadb test connection on a CentOS / RHEL Linux v7.x

Fig.02: Mariadb test connection on a CentOS / RHEL Linux v7.x

Step #3: Install PHP on a CentOS/RHEL v7.x

To install PHP and modules such as gd/msyql type the following yum command:
sudo yum install php php-mysql php-gd php-pear
You must restart the httpd (Apache) service, enter:
sudo systemctl restart httpd.service
To search all other php modules, type:
sudo yum search php-
Sample outputs:

php-cli.x86_64 : Command-line interface for PHP
php-common.x86_64 : Common files for PHP
php-gd.x86_64 : A module for PHP applications for using the gd graphics library
php-ldap.x86_64 : A module for PHP applications that use LDAP
php-mysql.x86_64 : A module for PHP applications that use MySQL databases
php-odbc.x86_64 : A module for PHP applications that use ODBC databases
php-pdo.x86_64 : A database access abstraction module for PHP applications
php-pear.noarch : PHP Extension and Application Repository framework
php-pecl-memcache.x86_64 : Extension to work with the Memcached caching daemon
php-pgsql.x86_64 : A PostgreSQL database module for PHP
php-process.x86_64 : Modules for PHP script using system process interfaces
php-recode.x86_64 : A module for PHP applications for using the recode library
php-soap.x86_64 : A module for PHP applications that use the SOAP protocol
php-xml.x86_64 : A module for PHP applications which use XML
php-xmlrpc.x86_64 : A module for PHP applications which use the XML-RPC protocol

To find more info about a module type:
sudo yum info php-pgsql
To install php module called php-pgsql type:
sudo yum install php-pgsql

Test PHP on your server

Create a file called /var/www/html/test.php as follows:
sudo vi /var/www/html/test.php
Append the following code:

 
<?php
   phpinfo(INFO_GENERAL);
?>
 

Save and close the file. Point your web-browser to your server's IP address such as http://10.41.143.156/test.php (feel free to replace the 10.41.143.156 with your actual IP address):

http://10.41.143.156/test.php

Sample outputs:

Fig.03: Test Apache+PHP with phpinfo() On a CentOS/RHEL v7.x server

Fig.03: Test Apache+PHP with phpinfo() On a CentOS/RHEL v7.x server

In next part, I will cover the following topics (rss feed for RHEL7 or rss for CentOS7 tutorials):

  1. Apache configuration
  2. Virtual hosting
  3. Apache security
  4. mod_ssl
  5. Perl
  6. Firewall configuration
TwitterFacebookGoogle+PDF versionFound an error/typo on this page? Help us!

{ 12 comments… read them below or add one }

1 CraigC June 26, 2014 at 8:52 am

Nice tutorial thanks!

Under “Test PHP on your server” there is an inconsistency between file names. test.php and info.php

Reply

2 Nix Craft June 27, 2014 at 7:29 am

Thanks for the heads up!

Reply

3 Zeon1137 July 10, 2014 at 8:22 pm

Excellent Tutorial, just booted up a RHEL 7 instance on AWS, for testing and wasn’t sure about the steps. Looking forward for the next part.

Thanks for sharing!

Reply

4 Robin July 14, 2014 at 1:03 pm

Hi,

thank’s for the great tutorial. Do you have an idea why I do not have the service. I got the error that there is no service with this name. I tried it under CentOS 7

Kind regards

Robin

Reply

5 Murdok July 14, 2014 at 3:04 pm

Here are a few notes I made after going through this guide on things you may want to do afterwords. If you’re curious about what some of it does please look it up, especially disabling SELinux and FirewallD (should only be done if non production environments):

Update CentOS:
yum update

Enable Apache and MySQL on boot:

systemctl enable httpd.service
systemctl enable mariadb.service

Disable SELinux:
setenforce 0
nano /etc/selinux/config

Secure MySQL:
mysql_secure_installation

Login to MySQL:
mysql -u root -p

Create MySQL User:
CREATE USER username
–> IDENTIFIED BY ‘password’;

Create MySQL Database:
CREATE DATABASE databasename;

Add User to Database:
grant all privileges on mydb.* to myuser@’%’ identified by ‘mypasswd’;
grant all privileges on mydb.* to myuser@localhost identified by ‘mypasswd’;

Disable FirewallD:
systemctl disable firewalld
systemctl stop firewalld

Restart MySQL & Apache
systemctl restart httpd.service
systemctl restart mariadb.service

Check Release Information:
cat /etc/*release

Reply

6 Rand August 11, 2014 at 6:46 pm

Thanks for the tips. I was having a hell of a time with the new CentOS 7 and any kind of apache OR nginx for a testing setup.

Your advice about firewalld exactly did the trick. Now I’ll read up on firewalld, and figure out that beast now!

Reply

7 codebauss September 19, 2014 at 1:32 pm

Disabling firewalld or selinux should not be done in either production or development as first it suggests bad habits and second it is just not a good practice. If you cannot get it working in development then you should not be pushing it to production.

firewalld if you have not figured it out yet is going to be pretty straight forward. firewall-cmd –permanent –add-service=http; firewall-cmd –add-service=http is the most straightforward way to add access to web server.

[root@server ~]# firewall-cmd –get-services
amanda-client bacula bacula-client dhcp dhcpv6 dhcpv6-client dns ftp high-availability http https imaps ipp ipp-client ipsec kerberos kpasswd ldap ldaps libvirt libvirt-tls mdns mountd ms-wbt mysql nfs ntp openvpn pmcd pmproxy pmwebapi pmwebapis pop3s postgresql proxy-dhcp radius rpc-bind samba samba-client smtp ssh telnet tftp tftp-client transmission-client vnc-server wbem-https
[root@server ~]#

firewalld is dynamic so you will either need to add both the rule using –permanent and without –permanent or after using –permanent only run firewall-cmd –reload

You can use mysql for mariadb and https to ensure you have connectivity via port 443. Another thing to check is if the bind-address setting is right for mariadb. Setting it to 0.0.0.0 is generally the best setting unless you are only doing localhost connectivity. I believe leaving it unset is equivalent to 0.0.0.0 however in my experience there are issues with leaving it unset and remote connectivity.

Reply

8 Dinkar July 20, 2014 at 11:26 pm

If possible, please also suggest way to implement LEMP (Centos, Nignx, MariaDB, PHP)

Reply

9 Srele July 25, 2014 at 8:46 pm

Please help us how to install php-mssql extension on Centos7…
We have Apache and PHP and they work fine, just php_mssql we don’t have and don’t know how to install :(

Reply

10 RapidDave August 1, 2014 at 6:13 pm

Brilliant, Murdok. Disable the security systems to install a web server. Read a book before blindly posting such bad advise. If you can’t get a web server running with SELinux or FirewallD then perhaps Windows is for you.

Reply

11 Murdok August 3, 2014 at 11:04 pm

RapidDave: Not sure why you’re being a hateful asshole but I did note not to do it on a production server and to read up on it. I didn’t want to write a book on using SELinux just in case someone only wanted a simple localhost server for practice . Again avoid disabling it on production servers. I’ll avoid trying to help in comments from now on since my notes were met with unwarranted hostility.

Reply

12 abcd September 8, 2014 at 10:24 am

great tutorial

Reply

Leave a Comment

Tagged as: , ,

Previous Faq:

Next Faq: