Home LAMP Stack Install Apache, MySQL, PHP (LAMP Stack) On Ubuntu 20.04 LTS

Install Apache, MySQL, PHP (LAMP Stack) On Ubuntu 20.04 LTS

By sk
Published: Last Updated on 13.5K views

LAMP stack is a popular, open source web development platform that can be used to run and deploy dynamic websites and web-based applications. Typically, a LAMP stack consists of Apache webserver, MariaDB/MySQL databases, PHP/Python/Perl programming languages. LAMP is the acronym of Linux, Apache, MariaDB/MYSQL, PHP/Python/Perl. This step by step tutorial describes how to install Apache, MySQL, PHP (LAMP stack) on Ubuntu 20.04 LTS server edition.

Install Apache, MySQL, PHP (LAMP Stack) On Ubuntu 20.04 LTS

For the purpose of this tutorial, we will be using the following Ubuntu system.

  • Operating System : Ubuntu 20.04 LTS Server Edition
  • IP address : 192.168.225.52/24

First, let us install Apache server.

1. Install Apache web server In Ubuntu

First of all, update Ubuntu server using commands:

$ sudo apt update
$ sudo apt upgrade

Next, install Apache web server:

$ sudo apt install apache2

Check if Apache web server is running or not with command:

$ sudo systemctl status apache2

Sample output would be:

● apache2.service - The Apache HTTP Server
     Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset: enabl>
     Active: active (running) since Fri 2020-05-29 07:02:26 UTC; 25s ago
       Docs: https://httpd.apache.org/docs/2.4/
   Main PID: 23996 (apache2)
      Tasks: 55 (limit: 2283)
     Memory: 5.1M
     CGroup: /system.slice/apache2.service
             ├─23996 /usr/sbin/apache2 -k start
             ├─23998 /usr/sbin/apache2 -k start
             └─23999 /usr/sbin/apache2 -k start

May 29 07:02:26 ubuntuserver systemd[1]: Starting The Apache HTTP Server...
May 29 07:02:26 ubuntuserver apachectl[23981]: AH00558: apache2: Could not reliably det>
May 29 07:02:26 ubuntuserver systemd[1]: Started The Apache HTTP Server.

Congratulations! Apache service is up and running!!

1.1. Allow Apache web server via UFW firewall

UFW, stands for Uncomplicated Firewall, is a program for managing a netfilter firewall designed to be easy to use. UFW is available by default in all Ubuntu versions.

By default, the Apache web browser can’t be accessed from remote systems if you have enabled the UFW firewall in Ubuntu 20.04 LTS. You must allow the http and https ports by following the steps given below.

First, list out the application profiles available on your Ubuntu system using command:

$ sudo ufw app list

Sample output:

Available applications:
  Apache
  Apache Full
  Apache Secure
  OpenSSH

As you can see, Apache and OpenSSH applications have installed UFW profiles. You can list out information about each profile and its included rules using ufw app info "Profile Name" command.

Let us look into the “Apache Full” profile using command:

$ sudo ufw app info "Apache Full"

Sample output:

Profile: Apache Full
Title: Web Server (HTTP,HTTPS)
Description: Apache v2 is the next generation of the omnipresent Apache web
server.

Ports:
80,443/tcp

As you see, "Apache Full" profile has included the rules to enable traffic to the ports 80 and 443.

Now, run the following command to allow incoming HTTP and HTTPS traffic for this profile:

$ sudo ufw allow in "Apache Full"

You will see an output like below:

Rules updated
Rules updated (v6)

If you don't want to allow https traffic, but only http (80) traffic, run:

$ sudo ufw app info "Apache"

1.2. Test Apache Web server

Now, open your web browser and access Apache test page by navigating to http://localhost/ or http://IP-Address/.

If you see the "Apache 2 Ubuntu default page" as shown below, you are good to go. Apache server is working!

Apache2 Ubuntu Default Page In Ubuntu 20.04
Test Apache Web server

2. Install MySQL In Ubuntu

To install MySQL On Ubuntu, run:

$ sudo apt install mysql-server

Verify if MySQL service is running or not using command:

$ sudo systemctl status mysql

Sample output:

● mysql.service - MySQL Community Server
     Loaded: loaded (/lib/systemd/system/mysql.service; enabled; vendor preset: enabled)
     Active: active (running) since Fri 2020-05-29 07:15:22 UTC; 2min 8s ago
   Main PID: 25242 (mysqld)
     Status: "Server is operational"
      Tasks: 38 (limit: 2283)
     Memory: 323.7M
     CGroup: /system.slice/mysql.service
             └─25242 /usr/sbin/mysqld

May 29 07:15:16 ubuntuserver systemd[1]: Starting MySQL Community Server...
May 29 07:15:22 ubuntuserver systemd[1]: Started MySQL Community Server.

As you see in the above output, MySQL is running!

2.1. Setup database administrative user (root) password for Mysql

By default, MySQL root user password is blank. It is not recommended to use empty password for database administrative account. You need to secure your MySQL server by running the following script:

$ sudo mysql_secure_installation

You will be asked whether you'd like to setup "VALIDATE PASSWORD" component or not. This component allows the users to configure strong password for database credentials. If enabled, It will automatically check the strength of the password and enforces the users to set only those passwords which are secure enough. It is safe to leave it disabled. However, you must use a strong and unique password for database credentials. If you don't want to enable this component, just press any key to skip the password validation part and continue the rest of the steps.

Enter y if you want to setup VALIDATE PASSWORD component:

Securing the MySQL server deployment.

Connecting to MySQL using a blank password.

VALIDATE PASSWORD COMPONENT can be used to test passwords
and improve security. It checks the strength of password
and allows the users to set only those passwords which are
secure enough. Would you like to setup VALIDATE PASSWORD component?

Press y|Y for Yes, any other key for No: y

If your answer is Yes, you will be asked to choose the level of password validation. The available password validations are low, medium and strong. Just enter the appropriate number (0 for low, 1 for medium and 2 for strong password) and hit ENTER key.

There are three levels of password validation policy:

LOW Length >= 8
MEDIUM Length >= 8, numeric, mixed case, and special characters
STRONG Length >= 8, numeric, mixed case, special characters and dictionary file

Please enter 0 = LOW, 1 = MEDIUM and 2 = STRONG: 0

Now, enter the password for MySQL root user. Please be mindful that you must use password for MySQL root user depending upon the password policy you choose in the previous step. If you didn't enable the plugin, just use any strong and unique password of your choice.

Please set the password for root here.

New password:

Re-enter new password:

Estimated strength of the password: 100 
Do you wish to continue with the password provided?(Press y|Y for Yes, any other key for No) : y

Once you entered the password twice, you will see the password strength (In our case it is 100). If it is OK for you, press Y to continue with the provided password. If not satisfied with password length, press any other key and set a strong password. I am OK with my current password, so I chose y.

For the rest of questions, just type y and hit ENTER. This will remove anonymous user, disallow root user login remotely and remove test database.

Remove anonymous users? (Press y|Y for Yes, any other key for No) : y
Success.

Normally, root should only be allowed to connect from
'localhost'. This ensures that someone cannot guess at
the root password from the network.

Disallow root login remotely? (Press y|Y for Yes, any other key for No) : y
Success.

By default, MySQL comes with a database named 'test' that
anyone can access. This is also intended only for testing,
and should be removed before moving into a production
environment.

Remove test database and access to it? (Press y|Y for Yes, any other key for No) : y
- Dropping test database...
Success.

- Removing privileges on test database...
Success.

Reloading the privilege tables will ensure that all changes
made so far will take effect immediately.

Reload privilege tables now? (Press y|Y for Yes, any other key for No) : y
Success.

All done!

Done! We have set MySQL root user's password.

2.2. Change authentication method for MySQL root user

By default, the MySQL root user is set to authenticate using the auth_socket plugin starting from MySQL 5.7 and newer versions on Ubuntu. Even though it enhances the security, it will also complicate things when you access your database server using any external programs, for example phpMyAdmin. To fix this issue, you need to change authentication method from auth_socket to caching_sha2_password or mysql_native_password.

As of MySQL 8.0 version, the preferred and default authentication plugin is caching_sha2_password. The caching_sha2_password authentication plugin provides more secure password encryption than the mysql_native_password plugin.

To change the authentication plugin, login to your MySQL prompt using command:

$ sudo mysql

Or,

$ mysql -u root -p

Enter the MySQL root password which we setup in the previous step.

Run the following command at the mysql prompt to find the current authentication method for all MySQL user accounts:

mysql> SELECT user,authentication_string,plugin,host FROM mysql.user;

Sample output:

+------------------+------------------------------------------------------------------------+-----------------------+-----------+
| user             | authentication_string                                                  | plugin                | host      |
+------------------+------------------------------------------------------------------------+-----------------------+-----------+
| debian-sys-maint | $A$005$=s%UO"�o@>.@320vBX9Agb0kvpTpyiqIsh6XlD0UqNXLcl3KLzp46.Le. | caching_sha2_password | localhost |
| mysql.infoschema | $A$005$THISISACOMBINATIONOFINVALIDSALTANDPASSWORDTHATMUSTNEVERBRBEUSED | caching_sha2_password | localhost |
| mysql.session    | $A$005$THISISACOMBINATIONOFINVALIDSALTANDPASSWORDTHATMUSTNEVERBRBEUSED | caching_sha2_password | localhost |
| mysql.sys        | $A$005$THISISACOMBINATIONOFINVALIDSALTANDPASSWORDTHATMUSTNEVERBRBEUSED | caching_sha2_password | localhost |
| root             |                                                                        | auth_socket           | localhost |
+------------------+------------------------------------------------------------------------+-----------------------+-----------+
5 rows in set (0.00 sec)
find the current authentication method for all mysql user accounts in ubuntu
Find the current authentication method for all mysql user accounts in Ubuntu

As you see, mysql root user uses auth_socket plugin for authentication.

To change auth_socket plugin to caching_sha2_password, run the following command at the MySQL prompt. If you have enabled VALIDATE PASSWORD plugin, make sure you have used a strong password based on the current policy requirements. A strong should consists of at least 8 characters including an uppercase letter, a lowercase letter, a number and a special character.

mysql> ALTER USER 'root'@'localhost' IDENTIFIED WITH caching_sha2_password BY 'Password123#@!';

Replace Password123#@! with a strong and unique password of your choice in the above command.

Update the changes using command:

mysql> FLUSH PRIVILEGES;

Now check if the current authentication plugin is changed or not using command:

mysql> SELECT user,authentication_string,plugin,host FROM mysql.user;

Sample output:

check the current authentication plugin in mysql
Check the current authentication plugin in mysql

Good! Now the MySQL root user can authenticate using password to access MySQL shell.

Exit from the MySQL prompt:

mysql> exit

Note:

Even though caching_sha2_password plugin provides enhanced secure encryption, it has some compatibility issues with existing MySQL installations. For details, refer this link. If you encountered with any compatibility issues, you need to set mysql_native_password plugin as default authentication plugin.

To change to mysql_native_password plugin, run the following command at MySQL prompt.

mysql> ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY 'password';

Update the changes using command:

mysql> FLUSH PRIVILEGES;

Now check again if the authentication method is changed or not using command:

mysql> SELECT user,authentication_string,plugin,host FROM mysql.user;

Sample output:

find the current authentication method for all mysql user accounts
Find the current authentication method for all MySQL user accounts

Exit from the mysql prompt:

mysql> exit

3. Install PHP In Ubuntu

To install PHP, run:

$ sudo apt install php libapache2-mod-php php-mysql

After installing PHP, create info.php file in the Apache root document folder. Usually, the Apache root document folder will be /var/www/html/ or /var/www/ in most Debian based Linux distributions. In Ubuntu 20.04 LTS, it is /var/www/html/.

Let us create info.php file in the apache root folder:

$ sudo vi /var/www/html/info.php

Add the following lines:

<?php
phpinfo();
?>

Press ESC key and type :wq to save and quit the file. Restart apache service to take effect the changes.

$ sudo systemctl restart apache2

3.1. Test PHP

Open up your web browser and navigate to http://IP-address/info.php URL.

You will see the php information such as version, server API and the details of all enabled php plugins.

php info page in Ubuntu 20.04
PHP test page

Usually, when a user requests a directory from the web server, Apache will first look for a file named index.html. If you want to change Apache to serve php files rather than others, move index.php to first position in the dir.conf file as shown below

$ sudo vi /etc/apache2/mods-enabled/dir.conf

Here is the contents of the above file.

<IfModule mod_dir.c>
DirectoryIndex index.html index.cgi index.pl index.php index.xhtml index.htm
</IfModule>

# vim: syntax=apache ts=4 sw=4 sts=4 sr noet

Move the index.php file to first. Once you made the changes, your dir.conf file will look like below.

<IfModule mod_dir.c>
DirectoryIndex index.php index.html index.cgi index.pl index.xhtml index.htm
</IfModule>

# vim: syntax=apache ts=4 sw=4 sts=4 sr noet

Press ESC key and type :wq to save and close the file. Restart Apache service to take effect the changes.

$ sudo systemctl restart apache2

3.2. Install PHP modules

To improve the functionality of PHP, you can install some additional PHP modules.

To list the available PHP modules, run:

$ sudo apt-cache search php- | less

Sample output:

list available PHP modules in Ubuntu
List available PHP modules in Ubuntu

Use the arrow keys to go through the result. To exit, type q.

To find the details of any particular php module, for example php-gd, run:

$ sudo apt-cache show php-gd

To install a php module run:

$ sudo apt install php-gd

Do not forget to restart Apache service after installing a php module. To check if the module is loaded or not, open info.php file in your browser and check if it is present.

Congratulations! As you can see, it is very easy to install apache, mysql, php (LAMP stack) on Ubuntu 20.04 LTS. You can now start hosting your websites using the LAMP stack.

Read Next:

Related read:

You May Also Like

Leave a Comment

* By using this form you agree with the storage and handling of your data by this website.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

This website uses cookies to improve your experience. By using this site, we will assume that you're OK with it. Accept Read More