This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
deb12:lamp [2024/04/22 15:27] – [Installation] Bernard Condrau | deb12:lamp [2024/05/23 06:25] (current) – [Links] Bernard Condrau | ||
---|---|---|---|
Line 1: | Line 1: | ||
- | ====== | + | ====== |
===== Apache 2.4 Installation ===== | ===== Apache 2.4 Installation ===== | ||
- Install apache 2.4< | - Install apache 2.4< | ||
Line 8: | Line 8: | ||
- Create sub folders in ''/ | - Create sub folders in ''/ | ||
- Install and configure [[deb11: | - Install and configure [[deb11: | ||
+ | |||
+ | ==== Settings ==== | ||
+ | * Harden apache | ||
+ | * change // | ||
+ | * add //Require all granted// to your web space, possibly exclude black listed ip addresses, and restrict access to phpmyadmin etc. Put a respective conf file into / | ||
+ | * '' | ||
+ | vim / | ||
+ | MaxRequestedWorkers 400 | ||
+ | ServerLimit 400 | ||
+ | $ sudo service apache2 restart</ | ||
+ | |||
+ | ==== Links ==== | ||
+ | * [[https:// | ||
+ | * [[https:// | ||
+ | * [[https:// | ||
+ | * [[https:// | ||
===== PHP Installation ===== | ===== PHP Installation ===== | ||
Line 20: | Line 36: | ||
$ sudo a2enmod proxy_http | $ sudo a2enmod proxy_http | ||
$ sudo a2enmod rewrite</ | $ sudo a2enmod rewrite</ | ||
+ | |||
+ | ==== Settings ==== | ||
+ | * '' | ||
+ | max_input_vars = 2000 | ||
+ | memory_limit = 512M | ||
+ | post_max_size = 32M | ||
+ | sys_temp_dir = "/ | ||
+ | upload_tmp_dir = "/ | ||
+ | upload_max_filesize = 16M | ||
+ | date.timezone = Asia/ | ||
+ | * '' | ||
+ | short_open_tag = On | ||
+ | max_execution_time=120 | ||
+ | max_input_time=150 | ||
+ | max_input_vars = 2000 | ||
+ | memory_limit = 512M | ||
+ | error_reporting=E_ALL & ~E_DEPRECATED & ~E_STRICT | ||
+ | display_errors=On | ||
+ | post_max_size = 32M | ||
+ | sys_temp_dir = "/ | ||
+ | upload_tmp_dir = "/ | ||
+ | upload_max_filesize=128M | ||
+ | date.timezone=Asia/ | ||
+ | * Check ini files | ||
+ | * apache2: load a php file with the following content< | ||
+ | * cli:< | ||
+ | |||
+ | ==== Links ==== | ||
+ | * [[https:// | ||
+ | * [[https:// | ||
* [[https:// | * [[https:// | ||
+ | * [[https:// | ||
===== PHP Extensions ===== | ===== PHP Extensions ===== | ||
Line 38: | Line 85: | ||
- Check PHP apache2 Version: call phpinfo(); in a script | - Check PHP apache2 Version: call phpinfo(); in a script | ||
- Once you have installed a required extension, use the below command to verify it< | - Once you have installed a required extension, use the below command to verify it< | ||
- | * [[https:// | ||
- | ===== Settings ===== | + | ==== Links ==== |
- | ==== Harden apache | + | * [[https://tecadmin.net/switch-between-multiple-php-version-on-debian/|How to Switch between Multiple PHP Version on Debian 12/11/10]] |
- | * change | + | * [[https://tecadmin.net/install-multiple-php-version-with-apache-on-debian/|How to Install Multiple PHP Version with Apache on Debian 11/10]] |
- | * add //Require all granted// to your web space, possibly exclude black listed ip addresses, and restrict access to phpmyadmin etc. Put a respective conf file into /etc/ | + | |
- | ==== Check ini files ==== | ||
- | * apache2: load a php file with the following content< | ||
- | * cli:< | ||
- | |||
- | ==== php.ini ==== | ||
- | * < | ||
- | max_input_vars = 2000 | ||
- | memory_limit = 512M | ||
- | post_max_size = 32M | ||
- | sys_temp_dir = "/ | ||
- | upload_tmp_dir = "/ | ||
- | upload_max_filesize = 16M | ||
- | date.timezone = Asia/ | ||
===== Xdebug ===== | ===== Xdebug ===== | ||
- Open terminal and write following command:< | - Open terminal and write following command:< | ||
Line 74: | Line 106: | ||
make</ | make</ | ||
- Copy the module to:< | - Copy the module to:< | ||
- | - Modify | + | - Add the configuration in a new file to '' |
+ | * <color red>**Xdebug 2 config**</ | ||
xdebug.remote_enable=1 | xdebug.remote_enable=1 | ||
- | xdebug.remote_port=9000 (default: 9000) | ||
xdebug.profiler_enable=0 | xdebug.profiler_enable=0 | ||
xdebug.profiler_enable_trigger=1 | xdebug.profiler_enable_trigger=1 | ||
- | xdebug.profiler_output_dir=PATH_TO_PROFILER_OUTPUT_DIR | + | xdebug.trace_output_dir=PATH_TO_OUTPUT |
- | xdebug.remote_log=PATH_TO_LOG/ | + | xdebug.profiler_output_dir=PATH_TO_OUTPUT |
- | - Change the PATH_TO_PROFILER_OUTPUT_DIR to point to the directory you want to receive profiler output. change PATH_TO_LOG to point to the directory where you want to receive | + | xdebug.gc_stats_output_dir=PATH_TO_OUTPUT |
- | | + | xdebug.remote_log=PATH_TO_LOG/ |
- | - Restart your webserver. | + | xdebug.remote_port=9000 |
- | - Create a PHP page that has phpinfo(). Load it in a browser and look for the info on the Xdebug module. If you see it next to the Zend logo, you have been successful! | + | xdebug.remote_host=127.0.0.1</ |
- | - On the command line, you can also '' | + | |
+ | xdebug.mode=debug, | ||
+ | xdebug.start_with_request=trigger | ||
+ | xdebug.start_upon_error=no | ||
+ | xdebug.output_dir=PATH_TO_OUTPUT | ||
+ | xdebug.log=/ | ||
+ | xdebug.log_level=10 | ||
+ | xdebug.var_display_max_children=-1 | ||
+ | xdebug.var_display_max_data=-1 | ||
+ | xdebug.var_display_max_depth=-1 | ||
+ | xdebug.client_port=9003 | ||
+ | xdebug.client_host=127.0.0.1</ | ||
+ | - '' | ||
+ | - Make sure the xdebug configuration | ||
+ | - Also update php.ini files in adjacent directories (// | ||
+ | - Read [[# | ||
+ | - Read [[https:// | ||
+ | - Restart your webserver | ||
+ | - Create a PHP page with ''<? | ||
+ | - Create a PHP page with ''<? | ||
+ | - On the command line, you can also '' | ||
+ | |||
+ | ==== Links ==== | ||
+ | * [[https:// | ||
+ | * [[https:// | ||
+ | * [[https:// | ||
===== MariaDB 10.11.6 Installation ===== | ===== MariaDB 10.11.6 Installation ===== | ||
- | | + | |
+ | - Start MariaDB< | ||
+ | - Secure the installation following [[https:// | ||
+ | - Assign a password to root | ||
+ | - Dump all databases on the old server< | ||
+ | - Copy '' | ||
===== phpMyAdmin ===== | ===== phpMyAdmin ===== | ||
* [[deb11: | * [[deb11: | ||
- | Debian 10/11, other than Debian 9, require manual installation of phpmyadmin, phpmyadmin has been removed from Debian' | ||
- | ==== Configuration ==== | + | ===== WSL (Windows Subsystem for Linux) ===== |
- | * To begin, make a new directory where phpMyAdmin will store its temporary files and set ownership:< | + | |
- | sudo chown -R www-data: | + | |
- | * In the same folder, create a file with the blowfish secret passphrase and set permissions:< | + | |
- | <?php | + | |
- | $cfg[' | + | |
- | < | + | |
- | sudo chown root: | + | |
- | sudo chmod 640 / | + | |
- | * Copy folder {{: | + | |
- | * Symlink the configuration files for apache:< | + | |
- | ln -s ../ | + | |
- | cd ../ | + | |
- | ln -s ../ | + | |
- | * Symlink the configuration files for phpmyadmin in it's root folder:< | + | |
- | ln -s / | + | |
- | ln -s / | + | |
- | ln -s / | + | |
- | * Create a additional config file with the path to the **tmp** directory:< | + | |
- | <?php | + | |
- | $cfg[' | + | |
- | * Make sure the // | + | |
- | SELECT user,host FROM mysql.user; | + | |
- | CREATE USER ' | + | |
- | GRANT USAGE ON phpmyadmin.* TO phpmyadmin</ | + | |
- | * The password is in file / | + | |
- | sudo chmod 640 / | + | |
- | * Create a regular MariaDB user for the purpose of managing databases through phpMyAdmin, as it’s recommended that you log in using another account than the pma user. You could create a user that has privileges to all tables within the database, as well as the power to add, change, and remove user privileges, with this command. Whatever privileges you assign to this user, be sure to give it a strong password as well:< | + | |
- | GRANT ALL PRIVILEGES ON *.* TO ' | + | |
- | exit</ | + | |
- | * [[https:// | + | |
- | ==== Security ==== | + | |
- | * You should secure access to phpmyadmin, for example by limiting access to verified ip addresses | + | |
- | ===== Windows Subsystem for Linux ===== | + | |
* For Windows Subsystem for Linux, create a **Virtual Host** file with document root in /// | * For Windows Subsystem for Linux, create a **Virtual Host** file with document root in /// | ||
* You should set the apache user to the one who owns the files in the document root, which helps avoiding problems with permissions on the Windows NTFS file system:< | * You should set the apache user to the one who owns the files in the document root, which helps avoiding problems with permissions on the Windows NTFS file system:< | ||
Line 142: | Line 170: | ||
icacls X: | icacls X: | ||
- | ===== apache2 settings ===== | + | ==== WSL1 with Xdebug |
- | ==== MaxRequestedWorkers | + | * WSL1 runs networking in '' |
- | Modify | + | * You do not need to set '' |
- | vim /etc/apache2/mods-available/mdm-prefork.conf | + | * Will work with default configuration settings |
- | | + | ==== WSL2 (NAT) ==== |
- | ServerLimit 400 | + | * WSL2 set to '' |
- | $ sudo service apache2 restart</ | + | * Your Linux box runs within a Hyper-V Virtual Machine |
+ | * You can access the Windows host through the IP address stored in '' | ||
+ | * '' | ||
+ | IP=$(ip route show | grep -i default | awk '{ print $3}') | ||
+ | INI="/home/bco/conf/xdebug.host.ini" | ||
+ | echo -e " | ||
+ | echo -e " | ||
+ | * Check the xdebug logfile with '' | ||
+ | === Windows host IP address === | ||
+ | * Alternatively you could use the Windows host IP address (feasible if it remains the same through re-boots) in which case you need to add a firewall rule to allow access through the xdebug port. Command to run in an elevated PowerShell:< | ||
+ | * Commands to check or remove the firewall rule:< | ||
+ | Remove-NetFirewallRule -DisplayName " | ||
+ | ==== WSL2 (mirrored) ==== | ||
+ | * WSL2 set to '' | ||
+ | * This networking mode is available for Windows 11 23H2 and later | ||
+ | * To enabled '' | ||
+ | networkingMode=mirrored</ | ||
+ | * Your Linux box runs within a Hyper-V Virtual Machine | ||
+ | * You can access the Windows host through the IP address '' | ||
+ | * '' | ||
+ | * Check the xdebug logfile with '' | ||
+ | * Note that WSL in '' | ||
==== Links ==== | ==== Links ==== | ||
- | * [[https://community.letsencrypt.org/ | + | * [[https://gist.github.com/SomajitDey/68e8cd639e3bf592bded035630cf86ec|How to forward WSL2 port to Windows port and vice versa]] |
- | * [[https:// | + | |
- | * [[https:// | + | |
- | * [[https:// | + | |
- | * [[https:// | + | |
===== SSL for localhost ===== | ===== SSL for localhost ===== | ||
==== Ignore invalid certificates ==== | ==== Ignore invalid certificates ==== | ||
Line 192: | Line 238: | ||
* You can check the domain names included in the original certificate:< | * You can check the domain names included in the original certificate:< | ||
- | === Links === | + | ==== Links ==== |
+ | * [[https:// | ||
+ | * [[https:// | ||
+ | * [[https:// | ||
+ | * [[https:// | ||
+ | * [[https:// | ||
+ | * [[https:// | ||
* [[https:// | * [[https:// | ||
* [[https:// | * [[https:// | ||
* [[https:// | * [[https:// | ||
* [[https:// | * [[https:// | ||
+ | * [[https:// | ||
+ | * [[https:// | ||
+ | * [[https:// | ||
+ | * [[https:// | ||
+ | * [[https:// | ||
+ | |||
===== Proxy ===== | ===== Proxy ===== | ||
* Setup a VirtualHost on your main apache server, which for this example is now called " | * Setup a VirtualHost on your main apache server, which for this example is now called " | ||
Line 232: | Line 290: | ||
</ | </ | ||
</ | </ | ||
+ | |||
==== Links ==== | ==== Links ==== | ||
* [[https:// | * [[https:// | ||
* [[https:// | * [[https:// | ||
* [[https:// | * [[https:// | ||
- | ===== Links ===== | ||
- | * [[https:// | ||
- | * [[https:// | ||
- | * [[https:// | ||
- | * [[https:// | ||
- | * [[https:// | ||
- | * [[https:// | ||
- | * [[https:// | ||
- | * [[https:// | ||
- | * [[https:// | ||
- | * [[https:// | ||
- | * [[https:// | ||
- | * [[https:// | ||
- | * [[https:// | ||
- | * [[https:// | ||
- | * [[https:// | ||
- | * [[https:// | ||
- | * [[https:// | ||
- | * [[https:// | ||
- | * [[https:// | ||
- | * [[https:// | ||
- | * [[https:// | ||
- | * [[https:// | ||
- | * [[https:// | ||
- | * [[https:// | ||
- | * [[https:// | ||
- | * [[https:// | ||
- | * [[https:// | ||
- | * [[https:// | ||
- | * [[https:// | ||
- | * [[https:// | ||
- | * [[https:// | ||
- | * [[https:// | ||
- | * [[https:// | ||