Tag: Ubuntu 22.04

nopCommerce is an open-source e-commerce platform that allows users to create and manage their online stores. It is built on the ASP.NET Core framework and supports multiple database systems, including MySQL, Microsoft SQL Server, and PostgreSQL as it’s backend. The platform is highly customizable and offers a wide range of features, including product management, order processing, shipping, payment integration, and customer management. nopCommerce is a popular choice for businesses of all sizes because of its flexibility, scalability, and user-friendly interface.
In this tutorial, we will guide you through the process of installing nopCommerce on Ubuntu Linux with Nginx reverse proxy and SSL.

Register Microsoft key and feed
To register the Microsoft key and feed, launch the terminal and execute these commands:

1. Download the packages-microsoft-prod.deb file by running the command:

wget https://packages.microsoft.com/config/ubuntu/20.04/packages-microsoft-prod.deb -O packages-microsoft-prod.deb

2. Install the packages-microsoft-prod.deb package by running the command:

sudo dpkg -i packages-microsoft-prod.deb

Install the .NET Core Runtime
To install the .NET Core Runtime, perform the following steps:

1. Update the available product listings for installation by running the command:

sudo apt-get update

2. Install the .NET runtime by running the command:

sudo apt-get install -y apt-transport-https aspnetcore-runtime-7.0

To determine the appropriate version of the .NET runtime to install, you should refer to the documentation provided by nopCommerce, which takes into account both the version of nopCommerce you are using and the Ubuntu OS version. Refer to the link below:

https://learn.microsoft.com/en-us/dotnet/core/install/linux-ubuntu
https://learn.microsoft.com/en-us/dotnet/core/install/linux-ubuntu#supported-distributions

3. Verify the installed .Net Core runtimes by running the command:

dotnet --list-runtimes

4. Install the libgdiplus library:

sudo apt-get install libgdiplus

libgdiplus is an open-source implementation of the GDI+ API that provides access to graphic-related functions in nopCommerce and is required for running nopCommerce on Linux.

Install MySql Server
Latest nopCommerce support latest MySQL and MariaDB versions. We will install the latest MariaDB 10.6.

1. To install mariadb-server for nopCommerce, execute the following command in the terminal:

sudo apt-get install mariadb-server

2. After installing MariaDB Server, you need to set the root password. Execute the following command in the terminal to set the root password:

sudo /usr/bin/mysql_secure_installation

This will start a prompt to guide you through the process of securing your MySQL installation and setting the root password.

3. Create a database and User. We will use these details while installing nopCommerce. Replace the names of the database and the database user accordingly.

mysql -u root -p
create database  nopCommerceDB;
grant all on nopCommerceDB.* to nopCommerceuser@localhost identified by 'P@ssW0rD';

Please replace the database name, username and password accordingly.

4. Reload privilege tables and exit the database.

flush privileges;
quit;

Install nginx

1. To install Nginx, run the following command:

sudo apt-get install nginx

2. After installing Nginx, start the service by running:

sudo systemctl start nginx

3. You can verify the status of the service using the following command:

sudo systemctl status nginx

4. Nginx Reverse proxy configuration
To configure Nginx as a reverse proxy for your nopCommerce application, you’ll need to modify the default Nginx configuration file located at /etc/nginx/sites-available/nopcommerce.linuxwebhostingsupport.in. Open the file in a text editor and replace its contents with the following:

server {

    server_name nopcommerce.linuxwebhostingsupport.in;

	listen 80;
    listen [::]:80;


  location / {
    proxy_pass         http://localhost:5000;
    proxy_http_version 1.1;
    proxy_set_header   Upgrade $http_upgrade;
    proxy_set_header   Connection keep-alive;
    proxy_set_header   Host $host;
    proxy_cache_bypass $http_upgrade;
    proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header   X-Forwarded-Proto $scheme;
    }

}

You need to replace nopcommerce.linuxwebhostingsupport.in with your domain name
5. Enable the virtual host configuration file:
Enable the server block by creating a symbolic link in the /etc/nginx/sites-enabled directory:
sudo ln -s /etc/nginx/sites-available/nopcommerce.linuxwebhostingsupport.in /etc/nginx/sites-enabled/

6. Reload Nginx for the changes to take effect:

sudo systemctl reload Nginx

Install NopCommerce

In this example, we’ll use /var/www/nopCommerce for storing the files.

1. Create a directory:

sudo mkdir /var/www/nopCommerce

2. Navigate to the directory where you want to store the nopCommerce files, Download and unpack nopCommerce:

cd /var/www/nopCommerce
sudo wget https://github.com/nopSolutions/nopCommerce/releases/download/release-4.60.2/nopCommerce_4.60.2_NoSource_linux_x64.zip
sudo apt-get install unzip
sudo unzip nopCommerce_4.60.2_NoSource_linux_x64.zip

3. Create two directories that nopCommerce needs to run properly:

sudo mkdir bin
sudo mkdir logs

4. Change the ownership of the nopCommerce directory and its contents to the www-data group:

sudo chown -R www-data.www-data  /var/www/nopCommerce/

www-data is the user Nginx webserver runs.

Create the nopCommerce service

1. Create a file named nopCommerce.service in the /etc/systemd/system directory with the following content:

[Unit]
Description=Example nopCommerce app running on Xubuntu

[Service]
WorkingDirectory=/var/www/nopCommerce
ExecStart=/usr/bin/dotnet /var/www/nopCommerce/Nop.Web.dll
Restart=always
# Restart service after 10 seconds if the dotnet service crashes:
RestartSec=10
KillSignal=SIGINT
SyslogIdentifier=nopCommerce-example
User=www-data
Environment=ASPNETCORE_ENVIRONMENT=Production
Environment=DOTNET_PRINT_TELEMETRY_MESSAGE=false

[Install]
WantedBy=multi-user.target

2. Start the nopCommerce service by running:

sudo systemctl start nopCommerce.service

3. To check the status of the nopCommerce service, use the following command:

sudo systemctl status nopCommerce.service

Also, check if the service is running on port 5000

sudo lsof -i:5000

4. After that, restart the nginx server:

sudo systemctl restart nginx

Now that the prerequisites are installed and configured, you can proceed to install and set up your nopCommerce store.

Install nopCommerce
After completing the previous steps, you can access the website through the following URL: http://nopcommerce.linuxwebhostingsupport.in. Upon visiting the site for the first time, you will be automatically redirected to the installation page as shown below:

Provide the following information in the Store Information panel:

Admin user email: This is the email address of the first administrator for the website.

Admin user password: You must create a password for the administrator account.

Confirm password: Confirm the admin user password.

Country: Choose your country from the dropdown list. By selecting a country, you can configure your store with preinstalled language packs, preconfigured settings, shipping details, VAT settings, currencies, measures, and more.

Create sample data: Check this box if you want sample products to be created. It is recommended so that you can start working with your website before adding your own products. You can always delete or unpublish these items later.

In the Database Information panel, you will need to provide the following details:

Database: Select either Microsoft SQL Server, MySQL, or PostgreSQL. Since, we are installing nopCommerce on Linux and MariaDB, choose the MySQL.

Create database if it doesn’t exist: We recommend creating your database and database user ahead of time to ensure a successful installation. Simply create a database instance and add the database user to it. The installation process will create all the tables, stored procedures, and more. Uncheck this option since we can use the database and database user we created earlier.

Enter raw connection string (advanced): Select this option if you prefer to enter a Connection string instead of filling the connection fields. For now, leave this unchecked

Server name: This is the IP, URL, or server name of your database. Use “localhost”.

Database name: This is the name of the database used by nopCommerce. Use the database we created earlier.

Use integrated Windows authentication: Leave it unchecked

SQL Username: Enter your database user name we created earlier.

SQL Password: Use your database user password we used earlier.

Specify custom collation: Leave this advanced setting empty.

Click on the Install button to initiate the installation process. Once the installation is complete, the home page of your new site will be displayed. Access your site from the following URL: http://nopcommerce.linuxwebhostingsupport.in.

Note:
You can reset a nopCommerce website to its default settings by deleting the appsettings.json file located in the App_Data folder.

Adding and Securing the nopCommerce
We will be using Let’s Encrypt to add free and secure SSL certificate.
Let’s Encrypt is a free, automated, and open certificate authority that allows you to obtain SSL/TLS certificates for your website. Certbot is a command-line tool that automates the process of obtaining and renewing these certificates, making it easier to secure your website with HTTPS.

Here are the steps to install SSL with Certbot Nginx plugins:

1.Install Certbot: First, make sure you have Certbot installed on your server. You can do this by running the following command:

sudo apt-get update
sudo apt-get install certbot python3-certbot-nginx

2. Obtain SSL Certificate: Next, you need to obtain an SSL certificate for your domain. You can do this by running the following command:
sudo certbot –nginx -d yourdomain.com

Replace yourdomain.com with your own domain name. This command will automatically configure Nginx to use SSL, obtain a Let’s Encrypt SSL certificate and set an automatic redirect from http to https.

3.Verify SSL Certificate: Once the certificate is installed, you can verify it by visiting your website using the https protocol. If the SSL certificate is valid, you should see a padlock icon in your browser’s address bar.

4. Automatic Renewal: Certbot SSL certificates are valid for 90 days. To automatically renew your SSL certificate before it expires, you can set up a cron job to run the following command:

sudo certbot renew --quiet

This will check if your SSL certificate is due for renewal and automatically renew it if necessary.

5. nopCommerce also recommend turning “UseProxy setting to true in the appsettings.json file located in the App_Data folder if we are using SSL. So change this value too.

nopCommerce is a popular open-source e-commerce platform that offers users a flexible and scalable solution for creating and managing online stores. In this tutorial, we provided a step-by-step guide for installing and configuring nopCommerce on Ubuntu Linux with Nginx reverse proxy and SSL. We covered the installation of Microsoft key and feed, .NET Core Runtime, MySQL server, and Nginx reverse proxy. We also discussed how to configure Nginx as a reverse proxy for the nopCommerce application. By following this tutorial, you can set up a secure and reliable nopCommerce e-commerce store on Ubuntu Linux.

How to install SSL with Apache on Ubuntu

By wahab

On June 4, 2022

In Uncategorized

In today’s world of online business and communication, security is more important than ever. One essential aspect of website security is SSL (Secure Sockets Layer), a protocol that encrypts data sent between a web server and a user’s web browser. By using SSL, website owners can protect their users’ personal information from being intercepted or stolen by hackers.

In this tutorial, we’ll walk you through the steps to install and secure your website with SSL on Ubuntu 22.04 using Apache2. By the end of this guide, you’ll have a secure, encrypted connection between your web server and your users’ browsers, helping to ensure their safety and privacy.

Section 1: Installing Apache2 on Ubuntu 22.04

Apache2 is a popular open-source web server software that plays a crucial role in hosting websites on the internet. In this section, we will walk through the process of installing Apache2 on Ubuntu 22.04.

Step 1: Update the Package List
Before installing any new software, it’s always a good idea to update the package list to ensure you are installing the latest version of the software. To update the package list, open the terminal on Ubuntu 22.04 and run the following command:

sudo apt update

Step 2: Install Apache2
Once the package list is updated, you can proceed with installing Apache2 by running the following command:

sudo apt install apache2

This command will download and install Apache2 along with all its dependencies. During the installation process, you will be prompted to confirm the installation by typing y and pressing Enter.

Enable and Start the Apache2 service

sudo systemctl enable apache2
sudo systemctl start  apache2

Step 3: Verify Apache2 Installation
To test if Apache2 is working correctly, open a web browser and enter your server’s IP address or domain name in the address bar. You should see the default Apache2 web page.

I hope that helps! Let me know if you have any questions or suggestions for the blog post.
If Apache2 is installed correctly, you should see a page that says “Apache2 Ubuntu Default Page”.

Congratulations, you have successfully installed Apache2 on Ubuntu 22.04! In the next section, we will proceed with securing the web server by enabling SSL.

If you encounter any issues like Connection timeout or Unable to reach the website during the verification process, one possible cause could be that the Ubuntu firewall is blocking Apache2 traffic.

To check if Apache2 is currently enabled in the firewall, you can use the following command:

sudo ufw status

If the output shows that the firewall is active and Apache2 is not listed as an allowed service, you can add it by running the following command:

sudo ufw allow 'Apache Full'

This will allow both HTTP (port 80) and HTTPS (port 443) traffic to pass through the firewall, ensuring that your website is accessible to visitors.

Section 2: Installing SSL Certificate on Ubuntu 22.04 with Apache2

There are different types of SSL certificates, including domain validated, organization validated, and extended validation certificates. Each type has different features and provides varying levels of trust and security.

To install an SSL certificate on Ubuntu 22.04 with Apache2, you’ll need to follow these steps:

Obtain an SSL certificate: You can purchase an SSL certificate from a certificate authority (CA) or obtain a free SSL certificate from Let’s Encrypt. If you already have an SSL certificate, make sure it is valid and up-to-date.

Configure Apache2 to use the SSL certificate: Apache2 needs to be configured to use the SSL certificate for secure communication. This involves creating a virtual host for the SSL-enabled website, specifying the SSL certificate and key files, and enabling SSL encryption.

You can read more about different SSL certificate types, the process to create a Certificate signing request(CSR), etc in the below blog post:

SSL Certificates: What They Are and Why Your Website Needs Them

Here are the steps for creating and configuring virtual hosts for Apache on Ubuntu 22.04:

1. Create a new virtual host configuration file:

sudo nano /etc/apache2/sites-available/linuxwebhostingsupport.in.conf

Add the following configuration to the file, replacing linuxwebhostingsupport.in with your own domain name:

<VirtualHost *:80>
    ServerAdmin admin@linuxwebhostingsupport.in
    ServerName linuxwebhostingsupport.in
	ServerAlias www.linuxwebhostingsupport.in
    DocumentRoot /var/www/html/linuxwebhostingsupport.in/html

    <Directory /var/www/html/linuxwebhostingsupport.in/html>
        Options Indexes FollowSymLinks
        AllowOverride All
        Require all granted
    </Directory>

    ErrorLog ${APACHE_LOG_DIR}/linuxwebhostingsupport.in_error.log
    CustomLog ${APACHE_LOG_DIR}/linuxwebhostingsupport.in_access.log combined
</VirtualHost>

<VirtualHost *:443>
    ServerAdmin admin@linuxwebhostingsupport.in
    ServerName linuxwebhostingsupport.in
	ServerAlias www.linuxwebhostingsupport.in
    DocumentRoot /var/www/html/linuxwebhostingsupport.in/html

    SSLEngine on
    SSLCertificateFile /etc/ssl/certs/linuxwebhostingsupport.in.crt
    SSLCertificateKeyFile /etc/ssl/private/linuxwebhostingsupport.in.key
    SSLCertificateChainFile /etc/ssl/certs/linuxwebhostingsupport.in_cabundle.crt

    <Directory /var/www/html/linuxwebhostingsupport.in/html>
        Options Indexes FollowSymLinks
        AllowOverride All
        Require all granted
    </Directory>

    ErrorLog ${APACHE_LOG_DIR}/linuxwebhostingsupport.in_error.log
    CustomLog ${APACHE_LOG_DIR}/linuxwebhostingsupport.in_access.log combined
</VirtualHost>

Note: replace the paths to SSL certificate files with your own paths.

2. Enable the virtual host configuration file:

sudo a2ensite linuxwebhostingsupport.in.conf

3. Create the documentroot
Run the following command to create the directory:

sudo mkdir -p /var/www/html/linuxwebhostingsupport.in/html

4. Create an HTML file named index.html in the new directory by running the following command:

sudo nano /var/www/html/linuxwebhostingsupport.in/html/index.html

This will open a text editor. Add the following code to the file:

<html>
    <head>
        <title>Hello, world!</title>
    </head>
    <body>
        <h1>Hello, world!</h1>
        <p>Welcome to my website!</p>
    </body>
</html>

5. Reload Apache for the changes to take effect:

sudo systemctl reload apache2

Section 3: Testing SSL on Ubuntu 22.04 with Apache2

Test your SSL configuration by visiting your domain in a web browser and verifying that the SSL certificate is valid and the website loads correctly over HTTPS. The browser should display a padlock icon and the connection should be secure

You can also use the online tools like https://www.sslshopper.com/ssl-checker.html to check the configuration further. It can show if there any issues with certificate chain or trust.

Section 4. Troubleshooting SSL on Ubuntu 22.04 with Apache2

1. Certificate errors: If you encounter a certificate error, such as a warning that the certificate is not trusted or has expired, check the certificate’s validity and ensure it’s installed correctly. You can check the certificate’s details using your web browser, and make sure it matches the domain name and other relevant details.

2. Mixed content warnings: If you see mixed content warnings, which indicate that some parts of the site are not secure, check for any resources that are still being loaded over HTTP instead of HTTPS. This can include images, scripts, and other files.

3. SSL handshake errors: If you see an SSL handshake error, this usually means there’s an issue with the SSL configuration. Check your Apache configuration files and make sure the SSL directives are properly set up. You can also check for any issues with the SSL certificate, such as an invalid or mismatched domain name.

4. Server configuration errors: If the SSL certificate is working properly, but the site is still not loading over HTTPS, check your server configuration files to make sure the VirtualHost configuration is correct. Make sure the correct SSL certificate and key files are specified and that the SSL directives are set up correctly.

5. Browser-specific issues: If you’re only experiencing SSL issues in a specific web browser, make sure the browser is up to date and try clearing the cache and cookies. You can also try disabling any browser extensions that may be interfering with the SSL connection.

Remember, troubleshooting SSL issues can be complex and may require some technical expertise. If you’re not comfortable with these steps or need additional help, it’s always a good idea to consult with a professional. You can contact me at admin @ linuxwebhostingsupport.in

Section 5: Best Practices for SSL Configuration on Ubuntu 22.04 with Apache2

Here are some tips and best practices for configuring SSL on Ubuntu 22.04 with Apache2:

1. Keep SSL certificates up to date: Make sure to renew your SSL certificates before they expire. This can be done through the certificate authority where you purchased the certificate. Keeping your SSL certificates up to date will ensure that your website visitors are not presented with security warnings or errors.

2. Configure Apache2 for HTTPS-only access: Configure your web server to only serve HTTPS traffic. This can be done by redirecting all HTTP traffic to HTTPS. To do this, add the following lines to your Apache virtual host configuration or. htaccess file:

RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]

3. Use secure ciphers and protocols: Use secure ciphers and protocols to protect the confidentiality and integrity of your website traffic. Disable weak ciphers and protocols such as SSLv2 and SSLv3. Use TLSv1.2 or higher, and prefer the use of forward secrecy. You can configure this in your Apache virtual host configuration file by adding the following lines:

SSLProtocol -SSLv2 -SSLv3 -TLSv1 -TLSv1.1 +TLSv1.2
SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH
SSLHonorCipherOrder on

You can find more detailed instruction on making your SSL configuration strong and best practices in the below post:

Strong TLS/SSL Security on your server

By following these best practices, you can ensure that your SSL configuration is secure and up to date.

Section 6. Summary

In this tutorial, we discussed how to install and configure SSL certificates on Ubuntu 22.04 with Apache2. We covered the different types of SSL certificates, the steps for obtaining and installing an SSL certificate, and how to configure Apache2 to use the SSL certificate. We also discussed how to create virtual hosts for both SSL and non-SSL sites and how to troubleshoot SSL issues.

It’s important to emphasize the importance of SSL for website security and user trust. SSL encryption helps protect sensitive information, such as passwords and credit card numbers, from being intercepted by attackers. Additionally, having a valid SSL certificate gives users confidence that they are interacting with a legitimate website and not an imposter.

To follow best practices for SSL configuration, it’s recommended to keep SSL certificates up to date, configure Apache2 for HTTPS-only access, and use secure ciphers and protocols. By following these best practices, website owners can help ensure the security and trustworthiness of their website.

Step-by-Step Tutorial: Setting up Apache, MySQL, PHP (LAMP Stack) on Ubuntu 22.04 for Beginners

By wahab

On April 23, 2022

In Linux server

What is a LAMP Stack?

LAMP stack is a popular combination of open-source software that is used to run dynamic websites and web applications. The acronym LAMP stands for Linux (operating system), Apache (web server), MySQL (database management system), and PHP (scripting language).

Linux provides the foundation for the LAMP stack, serving as the operating system on which the other software components are installed. Apache is the web server that handles HTTP requests and serves web pages to users. MySQL is a powerful database management system that is used to store and manage website data. PHP is a popular scripting language used to create dynamic web content, such as interactive forms and web applications.

Together, these software components create a powerful platform for building and deploying web applications. The LAMP stack is highly customizable and widely used, making it an excellent choice for developers and system administrators alike.

Prerequisites

1. Ubuntu server: You will need an Ubuntu server to install the LAMP stack. You can use a Virtual/CLoud server or a physical server as per your requirement.

2. SSH access: You will need SSH access to your Ubuntu server to be able to install the LAMP stack. SSH (Secure Shell) is a secure network protocol that allows you to access and manage your server remotely.

3. Non-root user with sudo privileges: It is recommended that you use a non-root user with sudo privileges to install and configure the LAMP stack. This is because running as root can pose a security risk and may lead to unintended consequences if something goes wrong. You can also run the commands as root user.

4. Basic familiarity with Linux command line: A basic understanding of how to use the Linux command line interface (CLI) to run commands and navigate your Ubuntu server is recommended, not mandatory.

Installing a LAMP Stack on Ubuntu
In this section, the process of installing a LAMP Stack on Ubuntu 22.04 LTS is outlined. These instructions can be applied to Ubuntu 20.04 LTS as well.

A LAMP stack is a popular combination of open-source software used to run dynamic websites or web applications. LAMP stands for Linux (operating system), Apache (web server), MySQL (database management system), and PHP (scripting language). In this guide, we will walk you through the steps involved in installing and configuring a LAMP stack on an Ubuntu server.

Step 1: Update Your Ubuntu Server
Before we begin installing LAMP stack components, let’s update the server’s software packages by running the following command:

sudo apt update && sudo apt upgrade

Step 2: Install Apache
Apache is the most widely used web server software. To install it, run the following command:

sudo apt install apache2

Once the installation is complete, you can check the status of Apache by running the following command:

sudo systemctl status apache2
This will display Apache’s status as either active or inactive.

Step 3: Install MySQL
MySQL is a popular open-source database management system. To install it, run the following command:

sudo apt install mysql-server
Once the installation is complete, you can check the status of MySQL by running the following command:

sudo systemctl status mysql
This will display MySQL’s status as either active or inactive.

Step 4: Install PHP
PHP is a popular server-side scripting language used to create dynamic web content. To install it, run the following command:

sudo apt install php libapache2-mod-php php-mysql

There are several additional PHP modules recommended for a CMS like WordPress. You can install them by running the command below:
sudo apt-get install php-curl php-gd php-xml php-mbstring php-imagick php-zip php-xmlrpc
After installing these modules, you will need to restart your Apache server for the changes to take effect. You can do this by running the following command:

sudo systemctl restart apache2

Setting up firewall rules to allow access to Apache web server

UFW is the default firewall with Ubuntu systems, providing a simple command-line interface to configure iptables, the software-based firewall used in most Linux distributions. UFW provides various application profiles that can be utilized to manage traffic to and from different services. To view a list of all the available UFW application profiles, you can run the command:

sudo ufw app list

Output
Available applications: Apache Apache Full Apache Secure OpenSSH

These application profiles have different configurations for opening specific ports on the firewall. For instance:

Apache: Allows traffic on port 80, which is used for normal, unencrypted web traffic.
Apache Full: Allows traffic on both port 80 and port 443, which is used for TLS/SSL encrypted traffic.
Apache Secure: Allows traffic only on port 443 for TLS/SSL encrypted traffic.

To allow traffic on both port 80 and port 443(SSL), you can use the Apache Full profile by running the following command:

sudo ufw allow in "Apache Full"

You can verify that the change has been made by running the command:
sudo ufw status

Output

Status: active

To                         Action      From
--                         ------      ----
OpenSSH                    ALLOW       Anywhere                                
Apache Full                ALLOW       Anywhere                  
OpenSSH (v6)               ALLOW       Anywhere (v6)                    
Apache Full(v6)            ALLOW       Anywhere (v6)

To test if the ports are open and Apache web server is accessible, you can try visiting your server’s public IP address in a web browser using the URL http://your_server_ip. If successful, you should see the default Apache web page.

If you can view this page, your web server is correctly installed and accessible through your firewall.

Configuring the MySQL Database server
Upon installation of MySQL, it is immediately available for use. However, in order to utilize it for web applications such as WordPress and improve the security of said applications, it is imperative to generate a database user and database. To complete the configuration process for MySQL, please adhere to the following steps.

To configure MySQL and improve application security, follow these steps:

1. Log in to the MySQL shell as the root user:

sudo mysql -u root

2. Using the MySQL shell, you can create the wpdatabase database and generate a new user account for accessing the web application. Instead of using the placeholders “dbuser” and “password” in the CREATE USER query, you should provide a real username and password. Furthermore, you should grant complete permissions to the user. After each line, MySQL should respond with “Query OK.”

CREATE DATABASE wpdatabase ; CREATE USER 'dbuser' IDENTIFIED BY 'password'; GRANT ALL ON wpdatabase .* TO 'dbuser';

Exit the SQL shell:
quit

3. Set a password for root’@’localhost:

sudo mysql ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password by 'password';

Exit the SQL shell:
quit

Note: Replace “password” with a strong password.
4. Use the mysql_secure_installation tool to increase database security:

sudo mysql_secure_installation

When prompted to change the root password, leave it unchanged. Answer Y for the following questions:

Remove anonymous users?
Disallow root login remotely?
Remove test database and access to it?
Reload privilege tables now?

To log in to the MySQL shell as root after this change, use “sudo mysql -u root” and type “quit” exit the SQL Shell.

It’s worth noting that when connecting as the root user, there’s no need to enter a password, despite having defined one during the mysql_secure_installation script. This is due to the default authentication method for the administrative MySQL user being unix_socket rather than password. Although it may appear to be a security issue, it actually strengthens the security of the database server by only allowing system users with sudo privileges to log in as the root MySQL user from the console or through an application with the same privileges. As a result, you won’t be able to use the administrative database root user to connect from your PHP application. However, setting a password for the root MySQL account acts as a precautionary measure in case the default authentication method is changed from unix_socket to password.

Creating a Virtual Host for your Website

In order to host multiple domains from a single server, Apache web server provides the capability to create virtual hosts. These virtual hosts are beneficial as they allow you to encapsulate configuration details for each domain. In this tutorial, we will walk you through setting up a domain named “example.com”. However, it is important to keep in mind that you should replace “example.com” with your own domain name.

By default, Ubuntu 22.04’s Apache web server has a single virtual host that is enabled and configured to serve documents from the /var/www/html directory. While this is a workable solution for a single site, it becomes cumbersome when hosting multiple sites. Therefore, instead of modifying /var/www/html, we will create a directory structure within the /var/www directory specifically for the example.com site. In doing so, we will leave /var/www/html in place as the default directory to be served if a client request does not match any other sites.

1. First, create a new directory for the “example.com” website files:

sudo mkdir /var/www/example.com

2. Assign the ownership of the directory to the web server user (www-data):

sudo chown -R www-data:www-data /var/www/example.com

3. Create a new virtual host configuration file for “example.com” using the nano text editor:

sudo nano /etc/apache2/sites-available/example.com.conf

4. Add the following configuration to the file, replacing “example.com” with your own domain name:

<VirtualHost *:80>
    ServerName example.com
    ServerAlias www.example.com
    DocumentRoot /var/www/example.com

    <Directory /var/www/example.com>
        Options Indexes FollowSymLinks
        AllowOverride All
        Require all granted
    </Directory>

    ErrorLog ${APACHE_LOG_DIR}/example.com_error.log
    CustomLog ${APACHE_LOG_DIR}/example.com_access.log combined
</VirtualHost>

This configuration specifies that the “example.com” domain should use the files located in the /var/www/example.com directory as its document root.

5. Disable the default Apache site configuration to avoid conflicts:

sudo a2dissite 000-default.conf

6. Enable the “example.com” site configuration:
sudo a2ensite example.com.conf

7. Restart Apache to apply the changes:
sudo systemctl restart apache2

8. Create a test “hello world” HTML file:
sudo nano /var/www/example.com/index.html

Add the following HTML code to the file:

<!DOCTYPE html>
<html>
<head>
    <title>Hello World</title>
</head>
<body>
    <h1>Hello World!</h1>
</body>
</html>

9. Save and close the file.

10. Finally, configure your DNS records to point the “example.com” domain to your server’s IP address. Once the DNS records are updated, you can access the website by visiting “http://example.com” in your web browser.

Testing the LAMP Stack Installation on Your Ubuntu Server
To ensure that the LAMP stack configuration is fully functional, it’s necessary to conduct tests on Apache, PHP, and MySQL components. Verifying the Apache operational status and virtual host configuration was done earlier. Now, it’s important to test the interaction between the web server and PHP and MySQL components.

The easiest way to verify the configuration of the Ubuntu LAMP stack is by using a short test script. The PHP code does not need to be lengthy or complex; however, it must establish a connection to MySQL. The test script should be placed within the DirectoryRoot directory.

To validate the database, use PHP to invoke the mysqli_connect function. Use the username and password created in the “Configuring the MySQL Database server” section. If the attempt is successful, the mysqli_connect function returns a Connection object. The script should indicate whether the connection succeeded or failed and provide more information about any errors.

To verify the installation, follow these steps:

1. Create a new file called “phptest.php” in the /var/www/example.com directory.

<html>
<head>
    <title>PHP MySQL Test</title>
</head>
    <body>
    <?php echo '<p>Welcome to the Site!</p>';

    // When running this script on a local database, the servername must be 'localhost'. Use the name and password of the web user account created earlier. Do not use the root password.
    $servername = "localhost";
    $username = "dbuser";
    $password = "password";

    // Create MySQL connection
    $conn = mysqli_connect($servername, $username, $password);

    // If the conn variable is empty, the connection has failed. The output for the failure case includes the error message
    if (!$conn) {
        die('<p>Connection failed: </p>' . mysqli_connect_error());
    }
    echo '<p>Connected successfully</p>';
    ?>
</body>
</html>

2. To test the script, open a web browser and type the domain name followed by “/phptest.php” in the address bar. For example, if your domain name is “example.com”, you would enter “example.com/phptest.php” in the address bar. Make sure to substitute the actual name of the domain for “example.com” in the example provided.

http://example.com/phptest.php

3. Upon successful execution of the script, the web page should display without any errors. The page should contain the text “Welcome to the Site!” and “Connected successfully.” However, if you encounter the “Connection Failed” error message, review the SQL error information to troubleshoot the issue.

Bonus: Install phpMyAdmin
phpMyAdmin is a web-based application used to manage MySQL databases. To install it, run the following command:

sudo apt install phpmyadmin
During the installation process, you will be prompted to choose the web server that should be automatically configured to run phpMyAdmin. Select Apache and press Enter.

You will also be prompted to enter a password for phpMyAdmin’s administrative account. Enter a secure password and press Enter.

Once the installation is complete, you can access phpMyAdmin by navigating to http://your_server_IP_address/phpmyadmin in your web browser.

Congratulations! You have successfully installed and configured a LAMP stack on your Ubuntu server.

Summary
This guide walks through the process of setting up a LAMP Stack, a combination of the Linux operating system, Apache web server, MySQL RDBMS, and PHP programming language, to serve PHP websites and applications. The individual components are free and open source, designed to work together, and easy to install and use. Following the steps provided, you can install the LAMP Stack on Ubuntu 22.04 LTS using apt, configure the Apache web server, create a virtual host for the domain, and integrate the MySQL web server by creating a new account to represent the web user. Additional PHP packages are required for Apache, PHP, and the database to communicate. A short PHP test script can be used to test the new installation by connecting to the database.

Empowering you with the knowledge to master Linux web hosting, DevOps and Cloud