Installing LAMP on Ubuntu 22.04 LTS (Jammy Jellyfish)

Acronym Refresher

“Instead of only serving static HTML pages, a LAMP server can generate dynamic web pages that run PHP code and load data from a MySQL database.”

LAMP Stands for "Linux, Apache, MySQL, and PHP." Together, these software technologies can be used to create a fully-functional web server.

Linux is the most popular, secure and open source operating system used in web servers.

Apache HTTP Server is a free and open-source web server that delivers web content through the internet.

MySQL is a relational database engine that allows you to store data and manage it.

PHP is a widely used open source and general purpose server side scripting language used mainly in web development to create dynamic websites and applications.

NOTE: In some instances, the "P" in LAMP may stand for either Perl or Python, which are other scripting languages.

In this tutorial, we’ll be using MariaDB— a backward compatible, drop-in replacement of the MySQL® Database Server, which includes all major open source storage engines, and allows you to manage relational databases for storing and organizing data.

Prerequisites

  • Root access to your server or a sudo user.

Step 1: Update The Package Cache

Start by updating the packages in the package manager cache to the latest available versions using the following command:

sudo apt update

Step 2: Install the MariaDB Database Server

After updating our package cache, we will now install the MariaDB database server. We'll use MariaDB instead of MySQL because it includes more features and supports new storage engines, in addition to its high performance.

To install MariaDB, execute the following command:

sudo apt install mariadb-server mariadb-client

Tap the y key then Enter to continue the installation.

In the preceding command, you install two packages:

  • mariadb-server: The MariaDB database server which actually stores data.
  • mariadb-client: The MariaDB database client which allows you to interact with and manage the database server via the command line.

Once the installation is finished, verify that the MariaDB database server is running properly by executing the following command to check out the MariaDB service status:

sudo service mariadb status

The output should show that the service is enabled and running:

● mariadb.service - MariaDB 10.6.7 database server
     Loaded: loaded (/lib/systemd/system/mariadb.service; enabled; vendor preset: enabled)
     Active: active (running) since Tue 2022-08-02 18:43:46 UTC; 52s ago
       Docs: man:mariadbd(8)
             https://mariadb.com/kb/en/library/systemd/
   Main PID:    2731 (mariadbd)
     Status:      "Taking your SQL requests now..."
      Tasks:      17 (limit: 19072)
   Memory:     57.5M
        CPU:     421ms
     CGroup: /system.slice/mariadb.service
             └─2731 /usr/sbin/mariadbd

Here, you can see that the service is active and running in the line "Active: active (running) ...".

Ensure That MariaDB Starts at Boot

To make sure that the MariaDB database server starts with the system at boot, use the enable subcommand of the systemctl command. To do so, execute the following command:

sudo systemctl enable mariadb.service

You should receive the following output:

Synchronizing state of mariadb.service with SysV service script with /lib/systemd/systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install enable mariadb

Securing The MariaDB Database Server

MariaDB comes with some unsafe default settings which may expose your database server to dangerous security vulnerabilities. It's recommended that you run a security script that comes with MariaDB to strengthen your database server and minimize the risk of database intrusions or breaches.

To secure your MariaDB database server, execute the following command, where you will be presented with seven prompts:

First, run the script:

sudo mysql_secure_installation

You’ll be asked for your current root password:

In order to log into MariaDB to secure it, we'll need the current
password for the root user. If you've just installed MariaDB, and
haven't set the root password yet, you should just press enter here.

Enter current password for root (enter for none): 

Tap Enter.

Next, you'll be asked whether you want to use the unix_socket authentication method:

OK, successfully used password, moving on...

Setting the root password or using the unix_socket ensures that nobody
can log into the MariaDB root user without the proper authorisation.

Switch to unix_socket authentication [Y/n] 

Tap Y to enable unix_socket authentication for better security.

The unix_socket authentication method uses the Unix user's credentials instead of a password to connect to the MariaDB account with the same username, which makes it a passwordless security mechanism, and because it depends on the user's credentials, it cannot be used to grant multiple Unix users access to a single MariaDB user account. With this, access to your MariaDB database server is limited to the Unix user, adding a security layer for your MariaDB account and preventing attackers from brute forcing or taking advantage of an accidental password leak.

The unix_socket authentication method is particularly strong due to the default sturdiness of Unix user security in preventing remote access. However, unskilled administration of your Unix user system may expose dangerous vulnerabilities. So, keep a wide and open eye on potential Unix user security issues such as weak passwords or accidental password exposure, excessive sudo permissions that allow users to execute commands of a different Unix user, scripts of other users executed by your MariaDB Unix user, running unsafe scripts, or weak remote access security.

Next, you'll be asked to change the root password:

Enabled successfully!
Reloading privilege tables..
 ... Success!

Change the root password? [Y/n] 

Tap Y to set a new password for root, and re-enter it for validation.

Next, you'll be asked to remove anonymous users:

Change the root password? [Y/n] y
New password: 
Re-enter new password: 
Password updated successfully!
Reloading privilege tables..
 ... Success!

By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] 

Tap Y to remove the anonymous users that come with your MariaDB installation.

Next, you’ll be asked whether you want to disallow remote root logins:

Remove anonymous users? [Y/n] y
 ... Success!

Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] 

Tap Y to disable remote root login.

Next, you’ll be asked whether you want to remove the test database that comes with your MariaDB installation:

Disallow root login remotely? [Y/n] y
 ... Success!

By default, MariaDB comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] 

Tap Y to remove your MariaDB test database and disable access to it.

In order for the changes you've made to take effect, you’ll be asked to reload your MariaDB privilege tables:

Remove test database and access to it? [Y/n] y
 - Dropping test database...
 ... Success!
 - Removing privileges on test database...
 ... Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n] 

Tap Y to reload your MariaDB privilege tables. This will ensure that your changes will take effect immediately.

Reload privilege tables now? [Y/n] y
 ... Success!

Cleaning up...

All done!  If you've completed all of the above steps, your MariaDB
installation should now be secure.

Thanks for using MariaDB!

With this, your MariaDB installation is more secure than before, provided that you follow security best practices.

You now have the MariaDB database server installed, and you’re ready to store and manage your data. Next, you’ll need to serve the data you store using an HTTP server, which is the Apache HTTP server in the LAMP stack.

Step 3: Install the Apache HTTP Server

After installing and securing the MariaDB database server, the next step in our LAMP stack installation is installing the Apache HTTP server, which serves web content.

Use apt to install Apache using the following command:

sudo apt install apache2

You’ll be asked to confirm the installation. Tap the y key then Enter to continue.

Once the installation is finished, check Apache’s version to confirm that it was properly installed using the following command:

sudo apachectl -v

You should receive an output that looks as follows:

Server version: Apache/2.4.52 (Ubuntu)
Server built:   2022-06-14T12:30:21

Then check Apache’s status:

sudo systemctl status apache2

The output should show that the Apache service is enabled and running:

● apache2.service - The Apache HTTP Server
     Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset: enabled)
     Active: active (running) since Tue 2022-08-02 19:00:13 UTC; 2min 31s ago
       Docs: https://httpd.apache.org/docs/2.4/
   Main PID: 52442 (apache2)
      Tasks: 55 (limit: 19072)
     Memory: 5.2M
        CPU: 44ms
     CGroup: /system.slice/apache2.service
             ├─52442 /usr/sbin/apache2 -k start
             ├─52444 /usr/sbin/apache2 -k start
             └─52445 /usr/sbin/apache2 -k start

You now have Apache installed. Next, you’ll install the PHP language.

Step 4: Install PHP

With MariaDB you can store and manage data, and the Apache HTTP server allows you to serve it. You now need to install PHP to dynamically display data, and allow the final user to interact with your web service via easy-to-use web forms or API calls.

Use the following command to install the main PHP package, along with basic PHP packages that allow you to interact with your database and HTTP server:

sudo apt install php php-mysql php-xml php-mbstring libapache2-mod-php

When prompted, tap the y key then Enter to continue the installation.

In the preceding command, you install the following packages:

  • php: The main PHP language package.
  • php-mysql: A package that allows PHP to communicate with MySQL-based databases such as MariaDB.
  • php-xml: A package that provides a DOM, SimpleXML, WDDX, XML, and XSL module for PHP.
  • php-mbstring: A package that provides the MBSTRING module for PHP, which is used to manage non-ASCII strings.
  • libapache2-mod-php: A package that allows Apache to handle PHP files.

To ensure PHP was successfully installed, check its version using the following command:

php -v

You should receive an output similar to the following:

PHP 8.1.2 (cli) (built: Jul 21 2022 12:10:37) (NTS)
Copyright (c) The PHP Group
Zend Engine v4.1.2, Copyright (c) Zend Technologies
    with Zend OPcache v8.1.2, Copyright (c), by Zend Technologies

This means that you've successfully installed PHP.

Step 5: Testing with a Custom-Made Web Page

After we've finished installing all the components of the LAMP stack, we will now test our Apache server by creating a small HTML file in an Apache Document Root folder –a folder that contains your website files.

To create a document root folder to serve our test file, create a new directory called mysite inside the /var/www directory, which is the default document root for Apache. Note that you can use your site's name instead of mysite:

sudo mkdir /var/www/mysite

Next, create a file called index.html inside your mysite directory:

sudo nano /var/www/mysite/index.html

Paste the following into the file:

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>My website</title>
</head>
<body>
    <h1>Hello World!</h1>
    <p>This is the landing page of <strong>My Site</strong></p>
</body>
</html>

As you can see, this is straightforward HTML code.

Save and close the file.

For Apache to know about your mysite document root directory and serve its index.html on your server's IP address or domain, you will need to modify the default Apache configuration file. To do this, first open it using the following command:

sudo nano /etc/apache2/sites-enabled/000-default.conf

Then make sure to set the correct server name and document root path:

ServerName your_server_domain_or_IP
DocumentRoot /var/www/mysite

Run the following command to ensure that your new configuration file does not contain any errors:

sudo apache2ctl configtest

You might receive a AH00558: apache2: Could not reliably determine the server's fully qualified domain name message. You can ignore this message because it’s just an informational note that does not affect the purposes of this tutorial, and Apache will run as expected.

You should receive an output that ends with the following:

Syntax OK

This means you can safely reload Apache. Otherwise, you will get a specific description pointing out the error you have to fix.
Restart Apache for these modifications to take effect:

sudo systemctl restart apache2

After you do so, use your browser and navigate to your server’s domain name or IP address:

http://your_server_domain_or_IP

You should see that the index.html file you created earlier is properly served.

Important Note:

What we’ve done in this article, is suitable for testing purposes and personal use, whereas if you want to publish your site to production, and securely process your customers’ online transactions, we do suggest you check our Hands-On: Securing Your Site with Self-Signed or CA Certificates blog article, that explains in detail how to secure your site with SSL certificates (both self-signed and CA).

Reader Alert!

If you feel that the technical instructions in this tutorial are time-consuming, or beyond your expertise, you can choose a very convenient and practical solution, ready-made, fully and professionally tested, and developed by SSD Nodes (That is us 😊). Just visit our website, choose the server’s specifications that fit your needs, and while prompted to choose among the operating systems and the 1-Click Applications we have, choose LAMP from the dropdown menu, complete your checkout, and in a couple of minutes our algorithms will take care of all the technical aspects smoothly and effortlessly, just for you!

Bonus: All our 1-Click applications are now installed with an active HTTPS self-signed certificate!

Way more practical, smooth, and headacheless, isn’t it?

Conclusion

For the next steps to go live, it is important to secure your web server connections by serving requests with HTTPS instead of HTTP. You can accomplish this using a CA certificate, which is the more convenient solution when going public; you can check our article explaining the difference between self-signed and CA certificates. You should also register a domain name with a registrar, so your customers can find you easily by using your site URL (such as www.example.com) instead of the server’s IP address (as seen in our testing example).