Unterschiede
Hier werden die Unterschiede zwischen zwei Versionen angezeigt.
Beide Seiten der vorigen Revision Vorhergehende Überarbeitung Nächste Überarbeitung | Vorhergehende Überarbeitung Nächste ÜberarbeitungBeide Seiten der Revision | ||
content:apache_phpfpm [2021/06/24 11:35] – [Howto setup a LAMP-Server in 2018-2020] Daniel | content:apache_phpfpm [2022/03/19 10:55] – [Tell Apache to use php-fpm] Daniel | ||
---|---|---|---|
Zeile 1: | Zeile 1: | ||
- | ====== | + | ====== Apache PHP- FPM- Serverguide ====== |
===== Howto setup a LAMP-Server in 2018-2020 ===== | ===== Howto setup a LAMP-Server in 2018-2020 ===== | ||
- | This documentation is about how to set up a LAMP- Server (Linux, Apache, MySql, PhP) in the current, most stable way. The Reason | + | This documentation is about how to set up a LAMP- Server (Linux, Apache, MySql aka MariaDB, PhP) in the current, most stable way for home office usage. The reason |
To get the Differences, | To get the Differences, | ||
* Apache-Prefork. That way, Apache is one Application with many threads - which is slower, consumes more memory and doesn' | * Apache-Prefork. That way, Apache is one Application with many threads - which is slower, consumes more memory and doesn' | ||
- | * PHP-Module integrated in the Apche- Server which is not released as stable and may crash the whole Apache- Server on Errors | + | * PHP-Module integrated in the Apache- Server which is not released as stable and may crash the whole Apache- Server on Errors. This module must be released to match the Apache- version, so the versions are tied together |
- | * Using Network | + | * PHP- Modules, which must be compiled againt the apache-mod_php- module. Updating mod_php means updating all modules. |
+ | * Using Network | ||
* MariaDB | * MariaDB | ||
Zeile 30: | Zeile 30: | ||
- Install the System with standard Desktop- Packages (KDE) | - Install the System with standard Desktop- Packages (KDE) | ||
- Boot into new Linux and Set Up Desktop as you like | - Boot into new Linux and Set Up Desktop as you like | ||
- | |||
==== Basic System- Scaling thoughts ==== | ==== Basic System- Scaling thoughts ==== | ||
Zeile 75: | Zeile 74: | ||
For a local setup, you should use Sockets and disable networking. To do this, set | For a local setup, you should use Sockets and disable networking. To do this, set | ||
- | |||
< | < | ||
+ | |||
socket = / | socket = / | ||
Zeile 85: | Zeile 84: | ||
Start Mysql with " | Start Mysql with " | ||
- | After that had worked you should secure your Database by giving a password as it was explained by the step above when starting it. If not shure just run "< | + | After that had worked you should secure your Database by giving a password as it was explained by the step above when starting it. If not shure just run " <font inherit/ |
==== Install Apache ==== | ==== Install Apache ==== | ||
Zeile 101: | Zeile 99: | ||
* Commit the Changes | * Commit the Changes | ||
* in / | * in / | ||
+ | |||
< | < | ||
- | |||
#This Config is for event or worker MPMs. | #This Config is for event or worker MPMs. | ||
# | # | ||
Zeile 188: | Zeile 186: | ||
</ | </ | ||
- | |||
==== PHP Configuration ==== | ==== PHP Configuration ==== | ||
Zeile 222: | Zeile 219: | ||
For making Apache use php-fpm as php-server, you use the module " | For making Apache use php-fpm as php-server, you use the module " | ||
- | Caution: this has noting to do with " | + | Caution: this has noting to do with " |
* To enable this and all its dependencies, | * To enable this and all its dependencies, | ||
- | < | ||
- | sudo a2enmod setenvif rewrite proxy proxy_fcgi | + | < |
+ | sudo a2enmod setenvif | ||
+ | sudo a2enmod | ||
+ | sudo a2enmod | ||
+ | sudo a2enmod | ||
</ | </ | ||
Zeile 238: | Zeile 238: | ||
# Don't use " | # Don't use " | ||
# This is to forward all PHP to php-fpm | # This is to forward all PHP to php-fpm | ||
- | < | + | < |
- | | + | SetHandler " |
- | </ | + | </ |
+ | DirectoryIndex index.php | ||
# Don't use " | # Don't use " | ||
# <Proxy fcgi:// | # <Proxy fcgi:// | ||
- | <Proxy fcgi:// | + | <Proxy fcgi:// |
- | #6 Hours = 21600 | + | |
- | #Make this high, as upload will stop after that amount of time | + | |
- | ProxySet connectiontimeout=30 timeout=21600 | + | |
- | </ | + | </ |
- | # If the php file doesn' | + | # If the php file doesn' |
- | # This will allow .htaccess rewrite rules to work and | + | # This will allow .htaccess rewrite rules to work and |
- | # the client will see the default 404 page of Apache | + | # the client will see the default 404 page of Apache |
- | | + | RewriteCond %{REQUEST_FILENAME} \.php$ |
- | | + | RewriteCond %{DOCUMENT_ROOT}/ |
- | | + | RewriteRule (.*) - [H=text/ |
</ | </ | ||
+ | |||
==== Start and check Apache ==== | ==== Start and check Apache ==== | ||
Zeile 299: | Zeile 301: | ||
Well: You are done. Now its up to you to fill Apache with content. Have fun! | Well: You are done. Now its up to you to fill Apache with content. Have fun! | ||
- | |||
==== Manage Database with phpMyAdmin ==== | ==== Manage Database with phpMyAdmin ==== | ||
- | To manage your local Database, it would be nice to have phpMyAdmin installed first (via Package-manager). After that, copy the config.sample.inc.php to config.inc.php under / | + | To manage your local Database, it would be nice to have phpMyAdmin installed first (via Package-manager). After that, copy the config.sample.inc.php to config.inc.php under / |
+ | <font inherit/ | ||
You can finish the setup of your phpMyAdmin by visiting [[http:// | You can finish the setup of your phpMyAdmin by visiting [[http:// | ||
+ | |||
+ | ==== About security of your WEB- Page (Scripts) ==== | ||
+ | |||
+ | There are really a lot of important Documentations about security of your Webserver going in Details for each functionality. They are important - as functions should be set as tight as possible. | ||
+ | |||
+ | But there are more basic security settings that may prevent damage if the functional security is breached. So the basic security might be very important - and here especially the file permissions. One big security-hole that is very common misunderstand at permissions is this one: | ||
+ | |||
+ | **If you make a file ONLY readable for the user of the webserver (400) and make that user own that file, you may expect this user to not be able to write to that file. THIS IS WRONG !** | ||
+ | |||
+ | Instead, in Linux/Unix the user owning a file can ALWAYs change its permissions. So the user will be able to make it writeable again and write to that file. The ONLY way to prevent the webservers- user form writing to files is not to make this user own that file. So you should make your file owned by root and use groups for controlling the access. | ||
+ | |||
+ | If you need more detailled file permissions, | ||
Zeile 313: | Zeile 327: | ||
You may download the file, extract the contents (e.g. to ~/eclipse) and run the installer there in userspace (no superuser is required). | You may download the file, extract the contents (e.g. to ~/eclipse) and run the installer there in userspace (no superuser is required). | ||
- | |||
===== Filling Content to your Server ===== | ===== Filling Content to your Server ===== | ||
This is a demo to install some small Software to your Server. I will use the github- Project [[https:// | This is a demo to install some small Software to your Server. I will use the github- Project [[https:// | ||
- | |||
==== Install git-web ==== | ==== Install git-web ==== |