Trace:

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
deb12:lamp [2024/04/21 08:45] – [Xdebug] Bernard Condraudeb12:lamp [2025/11/25 08:08] (current) – [Xdebug] Bernard Condrau
Line 1: Line 1:
-====== Apache 2.4 and PHP 5/7 ======+====== LAMP on Debian 12 ======
 ===== Apache 2.4 Installation ===== ===== Apache 2.4 Installation =====
   - Install apache 2.4<code>$ sudo apt update   - Install apache 2.4<code>$ sudo apt update
Line 8: Line 8:
   - Create sub folders in ''/var/log/apache2'' if you setup log files for the virtual hosts in sub folders   - Create sub folders in ''/var/log/apache2'' if you setup log files for the virtual hosts in sub folders
   - Install and configure [[deb11:certbot|Let's Encrypt Certbot]]   - Install and configure [[deb11:certbot|Let's Encrypt Certbot]]
 +
 +==== Settings ====
 +  * Harden apache
 +    * change //ServerTokens// and //ServerSignature// in /etc/apache2/conf.d/security.conf
 +    * add //Require all granted// to your web space, possibly exclude black listed ip addresses, and restrict access to phpmyadmin etc. Put a respective conf file into /etc/apache2/conf.d. 
 +  * ''MaxRequestedWorkers'': modify /etc/apache2/mods-available/mdm-prefork.conf and restart apache2<code>$ sudo apache2ctl -V | grep MPM
 +vim /etc/apache2/mods-available/mdm-prefork.conf
 +  MaxRequestedWorkers 400
 +  ServerLimit 400
 +$ sudo service apache2 restart</code>
 +
 +==== Links ====
 +  * [[https://community.letsencrypt.org/t/multiple-servers-one-ip-address-home-setup-issue/64210|Multiple servers one IP address]]
 +  * [[https://stackoverflow.com/questions/2364840/what-is-the-size-limit-of-a-post-request|What is the size limit of a post request?]]
 +  * [[https://confluence.jaytaala.com/display/TKB/Securing+Apache+and+blocking+a+list+of+ip+addresses|Securing Apache and blocking a list of ip addresses]]
 +  * [[https://support.plesk.com/hc/en-us/articles/214529205--Apache-keeps-going-down-on-a-Plesk-server-server-reached-MaxRequestWorkers-setting|Apache keeps going down on a Plesk server: server reached MaxRequestWorkers setting]]
  
 ===== PHP Installation ===== ===== PHP Installation =====
Line 20: Line 36:
 $ sudo a2enmod proxy_http $ sudo a2enmod proxy_http
 $ sudo a2enmod rewrite</code> $ sudo a2enmod rewrite</code>
 +
 +==== Settings ====
 +  * ''php.ini'' for production:<code>max_execution_time = 120
 +max_input_vars = 2000
 +memory_limit = 512M
 +post_max_size = 32M
 +sys_temp_dir = "/tmp"
 +upload_tmp_dir = "/tmp"
 +upload_max_filesize = 16M
 +date.timezone = Asia/Bangkok</code>
 +  * ''php.ini'' for development:<code>output_buffering=off
 +short_open_tag = On
 +max_execution_time=120
 +max_input_time=150
 +max_input_vars = 2000
 +memory_limit = 512M
 +error_reporting=E_ALL & ~E_DEPRECATED & ~E_STRICT
 +display_errors=On
 +post_max_size = 32M
 +sys_temp_dir = "/tmp"
 +upload_tmp_dir = "/tmp"
 +upload_max_filesize=128M
 +date.timezone=Asia/Bangkok</code>
 +  * Check ini files
 +    * apache2: load a php file with the following content<file><?php phpinfo();?></file>
 +    * cli:<file>php --ini</file>
 +
 +==== Links ====
 +  * [[https://deb.sury.org/|DEB.SURY.ORG]]
 +  * [[https://www.php.net/manual/en/configuration.file.php|php.net - The configuration file]]
   * [[https://opensource.com/article/22/9/deprecated-linux-apt-key|Fix the apt-key deprecation error in Linux]]   * [[https://opensource.com/article/22/9/deprecated-linux-apt-key|Fix the apt-key deprecation error in Linux]]
 +  * [[https://www.howtoforge.com/how-to-specify-a-custom-php.ini-for-a-website-apache2-with-mod_php|How To Specify A Custom php.ini For A Web Site]]
  
 ===== PHP Extensions ===== ===== PHP Extensions =====
Line 32: Line 79:
 sudo systemctl restart apache2 sudo systemctl restart apache2
 sudo service apache2 restart</code> sudo service apache2 restart</code>
-  - Set the desired PHP version for CLI:<code>sudo update-alternatives --set php /usr/bin/phpV.v+  - Check PHP cli Version<code>php -v</code> 
 +  - Set the desired PHP version for CLI (interactive):<code>sudo update-alternatives --config php 
 +sudo update-alternatives --config php-config 
 +sudo update-alternatives --config phar 
 +sudo update-alternatives --config phar.phar 
 +sudo update-alternatives --config phpize</code> 
 +  - Set the desired PHP version for CLI (manual):<code>sudo update-alternatives --set php /usr/bin/phpV.v 
 +sudo update-alternatives --set php-config /usr/bin/php-configV.v
 sudo update-alternatives --set phar /usr/bin/pharV.v sudo update-alternatives --set phar /usr/bin/pharV.v
-sudo update-alternatives --set phar.phar /usr/bin/phar.pharV.v</code> +sudo update-alternatives --set phar.phar /usr/bin/phar.pharV.v 
-  Check PHP cli Version<code>php -v</code>+sudo update-alternatives --set phpize /usr/bin/phpizeV.v</code>
   - Check PHP apache2 Version: call phpinfo(); in a script   - Check PHP apache2 Version: call phpinfo(); in a script
   - Once you have installed a required extension, use the below command to verify it<code>php -m | grep -i mysql</code>   - Once you have installed a required extension, use the below command to verify it<code>php -m | grep -i mysql</code>
-  * [[https://tecadmin.net/switch-between-multiple-php-version-on-debian/|How to Switch between Multiple PHP Version on Debian 9]] 
  
-===== Settings ===== +==== Links ==== 
-==== Harden apache ==== +  * [[https://tecadmin.net/switch-between-multiple-php-version-on-debian/|How to Switch between Multiple PHP Version on Debian 12/11/10]] 
-  * change //ServerTokens// and //ServerSignature// in /etc/apache2/conf.d/security.conf +  * [[https://tecadmin.net/install-multiple-php-version-with-apache-on-debian/|How to Install Multiple PHP Version with Apache on Debian 11/10]]
-  * add //Require all granted// to your web space, possibly exclude black listed ip addresses, and restrict access to phpmyadmin etc. Put a respective conf file into /etc/apache2/conf.d.+
  
-==== Check ini files ==== 
-  * apache2: load a php file with the following content<code><?php phpinfo();?></code> 
-  * cli:<code>php --ini</code> 
- 
-==== php.ini ==== 
-  * <code>max_execution_time = 120 
-max_input_vars = 2000 
-memory_limit = 512M 
-post_max_size = 32M 
-sys_temp_dir = "/tmp" 
-upload_tmp_dir = "/tmp" 
-upload_max_filesize = 16M 
-date.timezone = Asia/Bangkok</code> 
 ===== Xdebug ===== ===== Xdebug =====
-  - Open terminal and write following command:<code>php -i > /var/www/html/php_info.txt</code> +  - Start the web server and //View page source// of the output of ''phpinfo();'' 
-  - Copy the output from /var/www/html/php_info.txt+  - Copy the entire page
   - Go to the [[https://xdebug.org/wizard|Xdebug: Installation Wizard]], and paste the output inside the text box on the page. It will analyze the output and will recommend the most suited package of Xdebug.   - Go to the [[https://xdebug.org/wizard|Xdebug: Installation Wizard]], and paste the output inside the text box on the page. It will analyze the output and will recommend the most suited package of Xdebug.
   - Download that package from the output before by clicking on it's name, for example xdebug-3.3.2.tgz   - Download that package from the output before by clicking on it's name, for example xdebug-3.3.2.tgz
   - Install the pre-requisites for compiling PHP extensions<code>sudo apt install phpV.v-dev autoconf automake</code>   - Install the pre-requisites for compiling PHP extensions<code>sudo apt install phpV.v-dev autoconf automake</code>
 +  - If you have more than one php version installed you need to [[#set_or_change_php_version|Set or change PHP version]] first
   - Unpack the downloaded file with ''tar -xvzf xdebug-3.3.2.tgz'' within a temp folder, then change to that folder, run ''phpize'' and check it's output:<code>cd xdebug-3.3.2   - Unpack the downloaded file with ''tar -xvzf xdebug-3.3.2.tgz'' within a temp folder, then change to that folder, run ''phpize'' and check it's output:<code>cd xdebug-3.3.2
 phpize phpize
Line 69: Line 109:
 PHP Api Version:         20230831 (8.3) PHP Api Version:         20230831 (8.3)
 Zend Module Api No:      20230831 Zend Module Api No:      20230831
-Zend Extension Api No:   3220170718 (7.2), 320190902 (7.4)</code>+Zend Extension Api No:   420230831</code>
   - If it does not, you are using the wrong phpize. Please follow [[https://xdebug.org/docs/faq#custom-phpize|this FAQ entry]] and skip the next step.   - If it does not, you are using the wrong phpize. Please follow [[https://xdebug.org/docs/faq#custom-phpize|this FAQ entry]] and skip the next step.
   - Run:<code>./configure   - Run:<code>./configure
 make</code> make</code>
-  - Copy the module to:<code>sudo cp modules/xdebug.so /usr/lib/php/{20170718, 20190902}</code> +  - Copy the module to ''20230831'', the date-string taken from the output of phpize:<code>sudo cp modules/xdebug.so /usr/lib/php/20230831</code> 
-  - Modify the configuration in /etc/php/{7.2, 7.4}/cli/php.ini for Xdebug 2:<file>zend_extension = /usr/lib/php/{20170718, 20190902}/xdebug.so+  - Add the configuration in a new file to ''/etc/php/<V.v>/[apache2|cli]/conf.d/80-xdebug.ini'' (V.v is the php version, e.g. ''8.3''): 
 +    * <color red>**Xdebug 2 config**</color><code>zend_extension = /usr/lib/php/20230831/xdebug.so
 xdebug.remote_enable=1 xdebug.remote_enable=1
-xdebug.remote_port=9000 (default: 9000) 
 xdebug.profiler_enable=0  xdebug.profiler_enable=0 
 xdebug.profiler_enable_trigger=1 xdebug.profiler_enable_trigger=1
-xdebug.profiler_output_dir=PATH_TO_PROFILER_OUTPUT_DIR +xdebug.trace_output_dir=PATH_TO_OUTPUT 
-xdebug.remote_log=PATH_TO_LOG/xdebug.log</file> +xdebug.profiler_output_dir=PATH_TO_OUTPUT 
-    - Change the PATH_TO_PROFILER_OUTPUT_DIR to point to the directory you want to receive profiler outputchange PATH_TO_LOG to point to the directory where you want to receive xdebug.log+xdebug.gc_stats_output_dir=PATH_TO_OUTPUT 
-    - Make sure that zend_extension = /usr/lib/php/20190902/xdebug.so is below the line for OPcache. Please also update php.ini files in adjacent directories (//apache2// and //cli//), as your system might be configured with a separate php.ini file for the web server and command line. +xdebug.remote_log=PATH_TO_LOG/xdebug.log 
-  - Restart your webserver. +xdebug.remote_port=9000 
-  - Create a PHP page that has phpinfo(). Load it in a browser and look for the info on the Xdebug module. If you see it next to the Zend logo, you have been successful! +xdebug.remote_host=127.0.0.1</code> 
-  - On the command line, you can also ''php -m''. This lists all loaded modules. Xdebug should appear twice there (once under 'PHP Modules' and once under 'Zend Modules').+    * <color red>**Xdebug 3 config**</color><code>zend_extension = /usr/lib/php/20230831/xdebug.so 
 +xdebug.mode=debug,develop 
 +xdebug.start_with_request=trigger 
 +xdebug.start_upon_error=no 
 +xdebug.output_dir=PATH_TO_OUTPUT 
 +xdebug.log=/PATH/TO/LOG/xdebug.log 
 +xdebug.log_level=10 
 +xdebug.var_display_max_children=-1 
 +xdebug.var_display_max_data=-1 
 +xdebug.var_display_max_depth=-1 
 +xdebug.client_port=9003 
 +xdebug.client_host=127.0.0.1</code> 
 +  - ''PATH_TO_OUTPUT'' and ''PATH_TO_LOG'' must be writable for the php process (apache or cli) 
 +  - Make sure the xdebug configuration is loaded last (e.g., ''zend_extension'' directive must be below the line for OPcache
 +  - Also update php.ini files in adjacent directories (//apache2// and //cli//), as your system might be configured with a separate php.ini file for the web server and command line. 
 +  - Read [[#wsl_windows_subsystem_for_linux|WSL (Windows Subsystem for Linux)]] if you are running your LAMP server inside WSL 
 +  - Read [[https://xdebug.org/docs/upgrade_guide|Upgrading from Xdebug 2 to 3]] if you are upgrading 
 +  - Restart your webserver after configuration changes 
 +  - Create a PHP page with ''<?php phpinfo(); ?>''. Load it in a browser and look for the info on the Xdebug module. If you see it next to the Zend logo, you have been successful! 
 +  - Create a PHP page with ''<?php xdebug_info(); ?>''. Load it in a browser to verify the Xdebug configuration 
 +  - On the command line, you can also ''php -m''. This lists all loaded modules. Xdebug should appear twice there (once under 'PHP Modules' and once under 'Zend Modules')
  
-===== phpMyAdmin ===== +==== Links ==== 
-Debian 10/11, other than Debian 9, require manual installation of phpmyadmin, phpmyadmin has been removed from Debian's repositories. +  * [[https://xdebug.org/docs/install|Xdebug: Installation]] 
-==== Installation ==== +  * [[https://xdebug.org/docs/all_settings|Xdebug: all settings]] 
-  * Download [[https://www.phpmyadmin.net/downloads/|phpMyAdmin]] from the Downloads page, scroll down to the table with download links for the latest stable release, and copy the download link ending in tar.gz:<code>wget https://files.phpmyadmin.net/phpMyAdmin/5.0.2/phpMyAdmin-5.0.2-english.tar.gz</code> +  * [[https://xdebug.org/docs/upgrade_guide|Upgrading from Xdebug 2 to 3]]
-  * Unzip the tarball, then move the folder:<code>tar xvf phpMyAdmin-5.0.2-english.tar.gz +
-sudo mv phpMyAdmin-5.0.2-english/ /usr/share/phpmyadmin</code>+
  
-==== Configuration ==== +===== MariaDB 10.11.6 Installation ===== 
-  * To begin, make a new directory where phpMyAdmin will store its temporary files and set ownership:<code>sudo mkdir -p /var/lib/phpmyadmin/tmp +  - Install<file>sudo apt install mariadb-server</file
-sudo chown -R www-data:www-data /var/lib/phpmyadmin</code+  - Start MariaDB<file>$ sudo service mariadb start</file
-  * In the same folder, create a file with the blowfish secret passphrase and set permissions:<code>sudo vim /var/lib/phpmyadmin/blowfish_secret.inc.php +  - Secure the installation following [[https://linuxgenie.net/how-to-install-mariadb-on-debian-12-bookworm-distribution/|How to Install MariaDB on Debian 12 Bookworm Distribution]]<file>sudo mariadb-secure-installation</file
-<?php +  - Assign a password to root 
-$cfg['blowfish_secret'] = '32-CHAR-LONG-SECRET-KEY'; +  - Dump all databases on the old server<file>sudo mysqldump --all-databases > sql_file.sql</file
-<ESC>:wq +  - Copy ''sql_file.sql'' to the new server and remove databases ''mysql'' and ''phpmyadmin'' from the dump file, then import with<file>$ sudo mysql < sql_file.sql</file> 
-sudo chown root:www-data /var/lib/phpmyadmin/blowfish_secret.inc.php + 
-sudo chmod 640 /var/lib/phpmyadmin/blowfish_secret.inc.php</code+===== phpMyAdmin ===== 
-  * Copy folder {{:deb9:phpmyadmin.zip|phpmyadmin}} from a Debian 9 installation to /etc. Check the **apache.conf** file and remove path elements in //php_admin_value open_basedir// which do not exist in your system. +  * [[deb11:phpmyadmin|phpMyAdmin]]
-  * Symlink the configuration files for apache:<code>cd /etc/apache2/conf-available +
-ln -s ../../phpmyadmin/apache.conf phpmyadmin.conf +
-cd ../conf-enabled +
-ln -s ../conf-available/phpmyadmin.conf phpmyadmin.conf</code> +
-  * Symlink the configuration files for phpmyadmin in it's root folder:<code>cd /usr/share/phpmyadmin +
-ln -s /etc/phpmyadmin/config.inc.php config.inc.php +
-ln -s /etc/phpmyadmin/config.header.inc.php config.header.inc.php +
-ln -/etc/phpmyadmin/config.footer.inc.php config.footer.inc.php</code> +
-  * Create a additional config file with the path to the **tmp** directory:<code>vim /etc/phpmyadmin/conf.d/tempdir.php +
-<?php +
-$cfg['TempDir'] = '/var/lib/phpmyadmin/tmp';</code+
-  * Make sure the //phpmyadmin// user has been created in mysql:<code>mysql -u <my-admin-user> -p +
-SELECT user,host FROM mysql.user; +
-CREATE USER 'user'@'localhost' IDENTIFIED BY 'password'; +
-GRANT USAGE ON phpmyadmin.* TO phpmyadmin</code> +
-  * The password is in file /etc/phpmyadmin/config-db.php. Restrict permissions of that file as it contains a password:<code>sudo chown root:www-data /etc/phpmyadmin/config-db.php +
-sudo chmod 640 /etc/phpmyadmin/config-db.php</code+
-  * Create a regular MariaDB user for the purpose of managing databases through phpMyAdmin, as it’s recommended that you log in using another account than the pma userYou could create a user that has privileges to all tables within the database, as well as the power to add, change, and remove user privileges, with this command. Whatever privileges you assign to this user, be sure to give it a strong password as well:<code>sudo mariadb +
-GRANT ALL PRIVILEGES ON *.* TO 'user'@'localhostIDENTIFIED BY 'passwordWITH GRANT OPTION; +
-exit</code+
-  * [[https://docs.phpmyadmin.net/en/latest/config.html|phpMyAdmin Configuration]]+
  
-==== Manual Upgrade on Debian 9 ==== +===== WSL (Windows Subsystem for Linux=====
-  * Check latest version of [[https://www.phpmyadmin.net/|phpMyAdmin]] +
-  * Download and install<code>cd /usr/share/phpmyadmin/ +
-sudo wget https://files.phpmyadmin.net/phpMyAdmin/5.1.0/phpMyAdmin-5.1.0-english.tar.gz +
-tar xzf phpMyAdmin-5.1.0-english.tar.gz +
-sudo mv phpMyAdmin-5.1.0-english phpmyadmin</code> +
-  * Modify the following lines in /usr/share/phpmyadmin/libraries/vendor_config.php<code>define('TEMP_DIR', '/var/lib/phpmyadmin/tmp/'); +
-define('CONFIG_DIR', '/etc/phpmyadmin/');</code> +
-  * See [[https://kenfavors.com/code/how-to-manually-upgrade-phpmyadmin/|How To Manually Upgrade phpMyAdmin]] and [[https://phpsolved.com/phpmyadmin-blowfish-secret-generator/|phpMyAdmin blowfish secret generator]] +
-==== Security ==== +
-  * You should secure access to phpmyadmin, for example by limiting access to verified ip addresses +
-===== Windows Subsystem for Linux =====+
   * For Windows Subsystem for Linux, create a **Virtual Host** file with document root in ///mnt/<drive>/htdocs// or similar, if you need to access it through the Windows file system.   * For Windows Subsystem for Linux, create a **Virtual Host** file with document root in ///mnt/<drive>/htdocs// or similar, if you need to access it through the Windows file system.
   * You should set the apache user to the one who owns the files in the document root, which helps avoiding problems with permissions on the Windows NTFS file system:<code>export APACHE_RUN_USER=<user>   * You should set the apache user to the one who owns the files in the document root, which helps avoiding problems with permissions on the Windows NTFS file system:<code>export APACHE_RUN_USER=<user>
Line 152: Line 178:
 icacls X:\FULL_PATH_TO_FOLDER /grant Administrators:F /t</code> icacls X:\FULL_PATH_TO_FOLDER /grant Administrators:F /t</code>
  
-===== apache2 settings ===== +==== WSL1 with Xdebug ==== 
-==== MaxRequestedWorkers ==== +  * WSL1 runs networking in ''bridged'' mode 
-Modify /etc/apache2/mods-available/mdm-prefork.conf and restart apache2<code>sudo apache2ctl -V | grep MPM +  * You do not need to set ''xdebug.client_host'' (Xdebug2: ''xdebug.remote_host''
-vim /etc/apache2/mods-available/mdm-prefork.conf +  * Will work with default configuration settings 
-  MaxRequestedWorkers 400 +==== WSL2 (NAT) ==== 
-  ServerLimit 400 +  * WSL2 set to ''NAT'' networking mode (default) 
-sudo service apache2 restart</code>+  * Your Linux box runs within a Hyper-V Virtual Machine 
 +  * You can access the Windows host through the IP address stored in ''/etc/resolv.conf'' 
 +  * ''xdebug.client''_host must be configured to use this IP address. Separate the directive from the xdebug settings by copying it into a separate file to be loaded after the xdebug settings, then run a script to update this IP address before starting or restarting the LAMP server:<code>#!/bin/bash 
 +IP=$(ip route show | grep -i default | awk '{ print $3}') 
 +INI="/home/bco/conf/xdebug.host.ini" 
 +echo -e "[Xdebug]" > $INI 
 +echo -e "xdebug.client_host=$IP" >> $INI</code> 
 +  * Check the xdebug logfile with ''tail -f /path/to/log/xdebug.log'' until this is working properly
  
 +=== Windows host IP address ===
 +  * Alternatively you could use the Windows host IP address (feasible if it remains the same through re-boots) in which case you need to add a firewall rule to allow access through the xdebug port. Command to run in an elevated PowerShell:<code>New-NetFirewallRule -DisplayName "xdebug" -InterfaceAlias "vEthernet (WSL (Hyper-V firewall))" -Direction Inbound -Protocol TCP -LocalPort 9003 -Action Allow</code>
 +  * Commands to check or remove the firewall rule:<code>Get-NetFirewallRule -DisplayName "xdebug"
 +Remove-NetFirewallRule -DisplayName "xdebug"</code>
  
 +==== WSL2 (mirrored) ====
 +  * WSL2 set to ''mirrored'' networking mode
 +  * This networking mode is available for Windows 11  23H2 and later
 +  * To enabled ''mirrored'' mode, save the following content as file ''.wslconfig'' into folder ''C:\Users\<user>'' on your Windows host<file>[wsl2]
 +networkingMode=mirrored</file>
 +  * Your Linux box runs within a Hyper-V Virtual Machine
 +  * You can access the Windows host through the IP address ''127.0.0.1'', no firewall rule is necessary
 +  * ''xdebug.client''_host must be configured to use this IP address
 +  * Check the xdebug logfile with ''tail -f /path/to/log/xdebug.log'' until this is working properly
 +  * Note that WSL in ''mirrored'' mode is less secure and can be directly accessed from your LAN
 ==== Links ==== ==== Links ====
-  * [[https://community.letsencrypt.org/t/correct-steps-to-add-another-domain-to-existing-certificate/64654/2|Correct steps to add another domain to existing certificate]] +  * [[https://gist.github.com/SomajitDey/68e8cd639e3bf592bded035630cf86ec|How to forward WSL2 port to Windows port and vice versa]] 
-  * [[https://websiteforstudents.com/revoking-lets-encrypt-certificates-on-ubuntu-18-04-16-04/|Revoking Let’s Encrypt Certificates]] +
-  * [[https://medium.com/@mhagemann/correct-way-to-delete-a-certbot-ssl-certificate-e8ee123e6e01|Correct Way to Delete a Certbot SSL Certificate]] +
-  * [[https://webmasters.stackexchange.com/questions/126557/what-is-the-difference-of-certbot-and-certbot-auto|What is the difference of certbot and certbot-auto?]] +
-  * [[https://www.jesusamieiro.com/remove-revoke-a-domain-in-lets-encrypt/|Remove a domain in Let’s Encrypt]]+
 ===== SSL for localhost ===== ===== SSL for localhost =====
 ==== Ignore invalid certificates ==== ==== Ignore invalid certificates ====
Line 202: Line 246:
     * You can check the domain names included in the original certificate:<code>openssl x509 -text < $CERT_FILE</code>     * You can check the domain names included in the original certificate:<code>openssl x509 -text < $CERT_FILE</code>
  
-=== Links ===+==== Trust localhost certificate on Windows 11 ==== 
 +  * Run ''certmgr.msc'', then select //Trusted Root Certification Authorities// 
 +  * Right-click on //Certificates// and select //All Tasks --> Import...//. Import the ''RootCA.crt'' file and accept all questions with default answer. 
 +==== Links ===
 +  * [[https://www.sslshopper.com/ssl-checker.html|SSL Checker]] 
 +  * [[https://community.letsencrypt.org/t/correct-steps-to-add-another-domain-to-existing-certificate/64654/2|Correct steps to add another domain to existing certificate]] 
 +  * [[https://websiteforstudents.com/revoking-lets-encrypt-certificates-on-ubuntu-18-04-16-04/|Revoking Let’s Encrypt Certificates]] 
 +  * [[https://medium.com/@mhagemann/correct-way-to-delete-a-certbot-ssl-certificate-e8ee123e6e01|Correct Way to Delete a Certbot SSL Certificate]] 
 +  * [[https://www.jesusamieiro.com/remove-revoke-a-domain-in-lets-encrypt/|Remove a domain in Let’s Encrypt]] 
 +  * [[https://linuxgenie.net/how-to-install-mariadb-on-debian-12-bookworm-distribution/|How to Install MariaDB on Debian 12 Bookworm Distribution]]
   * [[https://gist.github.com/cecilemuller/9492b848eb8fe46d462abeb26656c4f8|How to create an HTTPS certificate for localhost domains]] (reference)   * [[https://gist.github.com/cecilemuller/9492b848eb8fe46d462abeb26656c4f8|How to create an HTTPS certificate for localhost domains]] (reference)
   * [[https://letsencrypt.org/docs/certificates-for-localhost/|Let's Encrypt: Certificates for localhost]]   * [[https://letsencrypt.org/docs/certificates-for-localhost/|Let's Encrypt: Certificates for localhost]]
   * [[https://www.section.io/engineering-education/how-to-get-ssl-https-for-localhost/|How to Get SSL HTTPS for localhost]]   * [[https://www.section.io/engineering-education/how-to-get-ssl-https-for-localhost/|How to Get SSL HTTPS for localhost]]
   * [[https://www.digicert.com/kb/ssl-support/apache-fix-common-ssl-errors.htm|Troubleshooting Apache SSL Certificate Errors]]   * [[https://www.digicert.com/kb/ssl-support/apache-fix-common-ssl-errors.htm|Troubleshooting Apache SSL Certificate Errors]]
 +  * [[https://medium.com/@mhagemann/correct-way-to-delete-a-certbot-ssl-certificate-e8ee123e6e01|Correct Way to Delete a Certbot SSL Certificate]]
 +  * [[https://certbot.eff.org/docs/install.html#certbot-auto|Remove certbot-auto]]
 +  * [[https://stackoverflow.com/questions/7580508/getting-chrome-to-accept-self-signed-localhost-certificate|Getting Chrome to accept self-signed localhost certificate]]
 +  * [[https://stackoverflow.com/questions/10175812/how-to-create-a-self-signed-certificate-with-openssl|How to create a self-signed certificate with OpenSSL]]
 +  * [[https://www.ssls.com/knowledgebase/how-to-install-an-ssl-certificate-on-apache/|How to install an SSL Certificate on Apache]]
 +
 ===== Proxy ===== ===== Proxy =====
 * Setup a VirtualHost on your main apache server, which for this example is now called "proxy". * Setup a VirtualHost on your main apache server, which for this example is now called "proxy".
Line 242: Line 301:
 </VirtualHost> </VirtualHost>
 </code> </code>
 +
 ==== Links ==== ==== Links ====
   * [[https://serverfault.com/questions/486042/use-apache-as-a-https-to-http-proxy|Use apache as a HTTPS to HTTP Proxy]]   * [[https://serverfault.com/questions/486042/use-apache-as-a-https-to-http-proxy|Use apache as a HTTPS to HTTP Proxy]]
   * [[https://httpd.apache.org/docs/2.4/howto/reverse_proxy.html|Reverse Proxy Guide]]   * [[https://httpd.apache.org/docs/2.4/howto/reverse_proxy.html|Reverse Proxy Guide]]
   * [[https://www.jamescoyle.net/how-to/116-simple-apache-reverse-proxy-example|Simple Apache reverse proxy example]]   * [[https://www.jamescoyle.net/how-to/116-simple-apache-reverse-proxy-example|Simple Apache reverse proxy example]]
-===== Links ===== 
-  * [[https://www.itzgeek.com/how-tos/linux/debian/how-to-install-php-7-3-7-2-7-1-on-debian-10-debian-9-debian-8.html|How To Install PHP 7.4 / 7.3 / 7.2 / 7.1 on Debian 10 / Debian 9]] 
-  * [[https://deb.sury.org/|DEB.SURY.ORG]] 
-  * [[https://tecadmin.net/install-php-debian-9-stretch/|How To Install PHP (7.2, 7.1 & 5.6) on Debian 9 Stretch]] 
-  * [[https://linuxize.com/post/how-to-install-php-on-debian-9/|How to Install PHP on Debian 9]] 
-  * [[https://tecadmin.net/switch-between-multiple-php-version-on-debian/|How to Switch between Multiple PHP Version on Debian 9]] 
-  * [[https://tecadmin.net/install-multiple-php-version-with-apache-on-debian/|How to Install Multiple PHP Version with Apache on Debian 9]] 
-  * [[https://www.php.net/manual/en/simplexml.installation.php|php.net - SimpleXML Installation]] 
-  * [[https://www.php.net/manual/en/configuration.file.php|php.net - The configuration file]] 
-  * [[https://www.howtoforge.com/how-to-specify-a-custom-php.ini-for-a-website-apache2-with-mod_php|How To Specify A Custom php.ini For A Web Site]] 
-  * [[https://www.sslshopper.com/ssl-checker.html|SSL Checker]] 
-  * [[https://www.onepagezen.com/letsencrypt-auto-renew-certbot-apache/|How to Setup Auto-Renew for Let’s Encrypt SSL Certificates (Apache)]] 
-  * [[https://medium.com/@mhagemann/correct-way-to-delete-a-certbot-ssl-certificate-e8ee123e6e01|Correct Way to Delete a Certbot SSL Certificate]] 
-  * [[https://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-debian-9|How To Secure Apache with Let's Encrypt on Debian 9]] 
-  * [[https://certbot.eff.org/docs/install.html#certbot-auto|Certbot-auto]] 
-  * [[https://stackoverflow.com/questions/38302401/letsencrypt-add-domain-to-existing-certificate|Letsencrypt add domain to existing certificate]] 
-  * [[https://community.letsencrypt.org/t/certbot-auto-deployment-best-practices/91979|Certbot-auto deployment best practices]] 
-  * [[https://community.letsencrypt.org/t/multiple-servers-one-ip-address-home-setup-issue/64210|Multiple servers one IP address]] 
-  * [[https://stackoverflow.com/questions/2364840/what-is-the-size-limit-of-a-post-request|What is the size limit of a post request?]] 
-  * [[https://xdebug.org/docs/install|Xdebug: Installation]] 
-  * [[https://gist.github.com/RazaChohan/51bffc660d52eae8a75dd0f9503740bf|GitHub: Xdebug Installation]] 
-  * [[https://xdebug.org/docs/all_settings|Xdebug: all settings]] 
-  * [[https://www.digitalocean.com/community/tutorials/how-to-install-and-secure-phpmyadmin-on-debian-9|How To Install and Secure phpMyAdmin on Debian 9]] 
-  * [[https://www.digitalocean.com/community/tutorials/how-to-install-phpmyadmin-from-source-debian-10|How To Install phpMyAdmin From Source on Debian 10]] 
-  * [[https://computingforgeeks.com/install-phpmyadmin-with-apache-on-debian-10-buster/|How To Install phpMyAdmin with Apache on Debian 10]] 
-  * [[https://devanswers.co/problem-php-7-2-phpmyadmin-warning-in-librariessql-count/|Problem with phpMyAdmin and PHP 7.2]] 
-  * [[https://devanswers.co/manually-upgrade-phpmyadmin/|How to Manually Upgrade phpMyAdmin]] 
-  * [[https://www.phpmyadmin.net/downloads/|Download phpMyAdmin]] 
-  * [[https://www.itaewonpool.org/phpmyadmin/doc/html/faq.html#faq1-16|phpMyAdmin trouble shooting]] 
-  * [[https://stackoverflow.com/questions/7580508/getting-chrome-to-accept-self-signed-localhost-certificate|Getting Chrome to accept self-signed localhost certificate]] 
-  * [[https://stackoverflow.com/questions/10175812/how-to-create-a-self-signed-certificate-with-openssl|How to create a self-signed certificate with OpenSSL]] 
-  * [[https://www.ssls.com/knowledgebase/how-to-install-an-ssl-certificate-on-apache/|How to install an SSL Certificate on Apache]] 
-  * [[https://confluence.jaytaala.com/display/TKB/Securing+Apache+and+blocking+a+list+of+ip+addresses|Securing Apache and blocking a list of ip addresses]] 
-  * [[https://support.plesk.com/hc/en-us/articles/214529205--Apache-keeps-going-down-on-a-Plesk-server-server-reached-MaxRequestWorkers-setting|Apache keeps going down on a Plesk server: server reached MaxRequestWorkers setting]] 
  

Know How

© 2007-2025 Bernard Condrau - Powered by DokuWiki