Differences

This shows you the differences between two versions of the page.

Link to this comparison view

installing_and_configuring_the_apache2.4_with_php_plus_mysql_on_the_freebsd_9.2_en [2017/09/05 12:18] (current)
Line 1: Line 1:
 +====== Installing and configuring the Apache 2.4 + PHP + MySQL on the FreeBSD 9.2  ======
  
 +
 +**General Information**
 +
 +The Apache web server is a free open-source HTTP server, that powers most of the web servers across the Internet. It's easy to install and to configure and runs on most UNIX and UNIX-like platforms
 +
 +For more information about Apache Web Server, please visit their home page at http://​httpd.apache.org
 +
 +Here I going show how to install and configure the Apache 2.4 with PHP and <​nowiki>​MySQL</​nowiki>​ support.
 +
 +Requirements:​
 +  * <​nowiki>​FreeBSD</​nowiki>​ 9.2
 +  * IP: 192.168.1.60/​24
 +  * Hostname: freebsd.douglasqsantos.com.br
 +
 +Now we are going to configure the /etc/hosts
 +<sxh bash>
 +vim /etc/hosts
 +[...]
 +192.168.1.60 ​           freebsd.douglasqsantos.com.br freebsd
 +</​sxh>​
 +
 +Let's get the <​nowiki>​FreeBSD</​nowiki>​ ports and let's install them
 +<sxh bash>
 +portsnap fetch && portsnap extract && portsnap update
 +</​sxh>​
 +
 +I go disable the DIALOG is that little boring window that is displayed when do you going install something
 +<sxh bash>
 +echo "​NO_DIALOG=yes"​ >> /​etc/​make.conf
 +</​sxh>​
 +
 +Let's install the Apache 2.4, let's access your ports for install
 +<sxh bash>
 +cd /​usr/​ports/​www/​apache24
 +</​sxh>​
 +
 +When we execute the bellow command, will be compiled, installed and cleaned the Apache ports
 +<sxh bash>
 +make install clean
 +</​sxh>​
 +
 +Add the following lines to your /​boot/​loader.conf,​ otherwise when you first start Apache you will get warnings messages. ​
 +<sxh bash>
 +echo '​accf_http_load="​YES"'​ >> /​boot/​loader.conf
 +echo '​accf_data_load="​YES"'​ >> /​boot/​loader.conf
 +</​sxh>​
 +
 +Now load the above modules
 +<sxh bash>
 +kldload accf_http
 +kldload accf_data
 +</​sxh>​
 +
 +To launch Apache at system startup, add the following line to /​etc/​rc.conf how bellow
 +<sxh bash>
 +echo '​apache24_enable="​YES"'​ >> /​etc/​rc.conf
 +</​sxh>​
 +
 +For get information about the variable that you need to insert in the /​etc/​rc.conf execute the command bellow
 +<sxh bash>
 +/​usr/​local/​etc/​rc.d/​apache24 rcvar
 +# apache24
 +#
 +apache24_enable="​NO"​
 +#   ​(default:​ ""​)
 +</​sxh>​
 +
 +The Apache Server can be started with the following command ​
 +<sxh bash>
 +/​usr/​local/​sbin/​apachectl start
 +</​sxh>​
 +
 +The Apache service can be tested by entering http://​192.168.1.60 in a web browser. The default web page that is displayed is /​usr/​local/​www/​apache22/​data/​index.html
 +
 +====== Now let's install PHP ======
 +
 +Let's access the php ports and let's install them
 +<sxh bash>
 +cd /​usr/​ports/​lang/​php55 && make WITH_APACHE=yes install clean 
 +</​sxh>​
 +
 +Now let's configure the right local for php.ini
 +<sxh bash>
 +cp /​usr/​local/​etc/​php.ini-production /​usr/​local/​etc/​php.ini
 +</​sxh>​
 +
 +Let's access the php extensions and let's install <​nowiki>​MySQL</​nowiki>,​ <​nowiki>​MySQLI</​nowiki>​ and PDO_MYSQL
 +<sxh bash>
 +cd /​usr/​ports/​lang/​php55-extensions && make WITH_MYSQL=yes WITH_MYSQLI=yes WITH_PDO_MYSQL=yes install clean
 +</​sxh>​
 +
 +Now lets enable the php support on Apache
 +<sxh bash>
 +vim /​usr/​local/​etc/​apache24/​httpd.conf ​
 +[...]
 +    #edit the line 255 how to bellow for the apache know that index.php is the page index to php pages
 +    DirectoryIndex index.html index.php
 +[...]
 +    #Add on line 385
 +    AddType application/​x-httpd-php .php
 +    AddType application/​x-httpd-php-source .phps
 +[...]
 +
 +</​sxh>​
 +
 +Let's delete the index.html that is default index page for Apache ​
 +<sxh bash>
 +rm -rf /​usr/​local/​www/​apache24/​data/​index.html ​
 +</​sxh>​
 +
 +Now let's create a index.php
 +<sxh php>
 +vim /​usr/​local/​www/​apache24/​data/​index.php
 +<?php
 +phpinfo();
 +?>
 +</​sxh>​
 +
 +Now let's reboot the Apache server to test php support
 +<sxh bash>
 +/​usr/​local/​sbin/​apachectl restart
 +</​sxh>​
 +
 +The httpd service can be tested by entering http://​192.168.1.60 here let's seeing the php configuration
 +====== Installing MySQL ======
 +
 +Let's access the <​nowiki>​MySQL</​nowiki>​ ports and let's install them
 +<sxh bash>
 +cd /​usr/​ports/​databases/​mysql56-server/​ && make install clean
 +</​sxh>​
 +
 +To launch the <​nowiki>​MySQL</​nowiki>​ at system startup, add the following line to the rc.conf how bellow
 +<sxh bash>
 +echo '​mysql_enable="​YES"'​ >> /​etc/​rc.conf
 +</​sxh>​
 +
 +Now let's adjust local to the configuration file of the <​nowiki>​MySQL</​nowiki>​
 +<sxh bash>
 +cp /​usr/​local/​share/​mysql/​my-default.cnf /etc/my.cnf
 +</​sxh>​
 +
 +Let's enable <​nowiki>​MySQL</​nowiki>​ listening on all interfaces
 +<sxh bash>
 +echo "​bind-address = 0.0.0.0"​ >> /etc/my.cnf
 +</​sxh>​
 +
 +Let's start the <​nowiki>​MySQL</​nowiki>​ with the following command
 +<sxh bash>
 +/​usr/​local/​etc/​rc.d/​mysql-server onestart
 +</​sxh>​
 +
 +Now let's set password for root on <​nowiki>​MySQL</​nowiki>​
 +<sxh bash>
 +mysqladmin -u root password '​senha'​
 +</​sxh>​
 +
 +Now we'll test of the Mysql connection with the following command
 +<sxh sql>
 +mysql -u root -p
 +Enter password: ​
 +Welcome to the MySQL monitor. ​ Commands end with ; or \g.
 +Your MySQL connection id is 2
 +Server version: 5.6.14 Source distribution
 +
 +Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
 +
 +Oracle is a registered trademark of Oracle Corporation and/or its
 +affiliates. Other names may be trademarks of their respective
 +owners.
 +
 +Type '​help;'​ or '​\h'​ for help. Type '​\c'​ to clear the current input statement.
 +
 +mysql> \q
 +Bye
 +</​sxh>​
 +
 +let's show the listening ports of the <​nowiki>​MySQL</​nowiki>​
 +<sxh bash>
 +sockstat -4 -l
 +USER     ​COMMAND ​   PID   FD PROTO  LOCAL ADDRESS ​        ​FOREIGN ADDRESS ​     ​
 +mysql    mysqld ​    34711 10 tcp4   ​*:​3306 ​               *:*
 +www      httpd      3286  4  tcp4   ​*:​80 ​                 *:*
 +www      httpd      3283  4  tcp4   ​*:​80 ​                 *:*
 +www      httpd      3282  4  tcp4   ​*:​80 ​                 *:*
 +www      httpd      3281  4  tcp4   ​*:​80 ​                 *:*
 +www      httpd      3280  4  tcp4   ​*:​80 ​                 *:*
 +www      httpd      3279  4  tcp4   ​*:​80 ​                 *:*
 +root     ​httpd ​     3278  4  tcp4   ​*:​80 ​                 *:*
 +root     ​sendmail ​  ​689 ​  ​3 ​ tcp4   ​127.0.0.1:​25 ​         *:*
 +root     ​sshd ​      ​686 ​  ​4 ​ tcp4   ​*:​22 ​                 *:*
 +root     ​syslogd ​   582   ​7 ​ udp4   ​*:​514 ​                *:*
 +</​sxh>​
 +Our Apache and Mysql is listening on all interfaces
 +
 +====== Creating VirtualHost ======
 +
 +Now let's see how to create a Virtual host
 +
 +Let's enable the line on httpd.conf to Apache know the Virtual Host
 +<sxh apache>
 +vim /​usr/​local/​etc/​apache24/​httpd.conf
 +[...]
 +#Uncomment the line bellow. Line: 473
 +Include etc/​apache24/​extra/​httpd-vhosts.conf
 +[...]
 +</​sxh>​
 +
 +Let's leave the file how to bellow
 +<sxh apache>
 +vim /​usr/​local/​etc/​apache24/​extra/​httpd-vhosts.conf
 +<​VirtualHost *:80>
 +     ​ServerAdmin webmaster@douglasqsantos.com.br
 +     ​ServerName freebsd.douglasqsantos.com.br
 +  DocumentRoot "/​usr/​local/​www/​freebsd"​
 +   <​Directory "/​usr/​local/​www/​freebsd">​
 +     ​Options +FollowSymLinks +MultiViews
 +     ​AllowOverride All
 +     ​Require all granted
 +   </​Directory>​
 +
 +   <​IfModule mod_php5.c>​
 +     ​AddType application/​x-httpd-php .php
 +     ​php_flag expose_php Off
 +     ​php_flag allow_url_fopen Off
 +     ​php_flag allow_url_include Off
 +     ​php_flag magic_quotes_gpc Off
 +     ​php_flag register_globals Off
 +     ​php_flag disable_functions show_source
 +     ​php_flag disable_functions system
 +     ​php_flag disable_functions shell_exec
 +     ​php_flag disable_functions passthru
 +     ​php_flag disable_functions exec
 +     ​php_flag disable_functions popen
 +     ​php_flag disable_functions proc_open
 +     ​php_flag disable_functions symlink
 +     ​php_value upload_max_filesize ​ 15M
 +     ​php_value post_max_size 15M
 +   </​IfModule>​
 +     ​CustomLog /​var/​log/​apache24/​freebsd.douglasqsantos.com.br-access.log combined
 +     ​ErrorLog /​var/​log/​apache24/​freebsd.douglasqsantos.com.br-error.log
 +     ​LogLevel warn
 +     ​ServerSignature Off
 +</​VirtualHost>​
 +</​sxh>​
 +
 +Let's create the directory for receive the data for web site and the directory for receive the logs, then let's set the permissions to directories
 +<sxh bash>
 +mkdir -p /​usr/​local/​www/​freebsd && chown -R www:www /​usr/​local/​www/​freebsd ​
 +mkdir -p /​var/​log/​apache24/​ && chown -R www:www /​var/​log/​apache24/​
 +</​sxh>​
 +
 +Let's create the index file
 +<sxh php>
 +vim /​usr/​local/​www/​freebsd/​index.php ​
 +<?php
 +
 +echo "<​h1>​FreeBSD</​h1>";​
 +
 +?>
 +</​sxh>​
 +
 +Let's reboot the Apache server with the following command
 +<sxh bash>
 +/​usr/​local/​etc/​rc.d/​apache24 restart
 +</​sxh>​
 +
 +Now let's enable the SSL support
 +
 +Let's create a directory for received the keys for ssl connections of the Apache
 +<sxh bash>
 +mkdir -p /​usr/​local/​etc/​apache24/​ssl
 +</​sxh>​
 +
 +Let's build the main key
 +<sxh bash>
 +openssl genrsa -des3 -out server.key 1024
 +Generating RSA private key, 1024 bit long modulus
 +........++++++
 +....................++++++
 +e is 65537 (0x10001)
 +Enter pass phrase for server.key: #PASS
 +Verifying - Enter pass phrase for server.key: #PASS
 +</​sxh>​
 +
 +Let's build the request for signing for our key
 +<sxh bash>
 +openssl req -new -key server.key -out server.csr
 +Enter pass phrase for server.key:
 +You are about to be asked to enter information that will be incorporated
 +into your certificate request.
 +What you are about to enter is what is called a Distinguished Name or a DN.
 +There are quite a few fields but you can leave some blank
 +For some fields there will be a default value,
 +If you enter '​.',​ the field will be left blank.
 +-----
 +Country Name (2 letter code) [AU]:BR
 +State or Province Name (full name) [Some-State]:​Parana
 +Locality Name (eg, city) []:Curitiba
 +Organization Name (eg, company) [Internet Widgits Pty Ltd]:​Douglas
 +Organizational Unit Name (eg, section) []:IT
 +Common Name (e.g. server FQDN or YOUR name) []:​freebsd.douglasqsantos.com.br
 +Email Address []:​douglas@douglasqsantos.com.br
 +
 +Please enter the following '​extra'​ attributes
 +to be sent with your certificate request
 +A challenge password []:
 +An optional company name []:Douglas
 +</​sxh>​
 +
 +Let's self-signing our certificate
 +<sxh bash>
 +openssl x509 -req -days 3650 -in server.csr -signkey server.key -out server.crt
 +Signature ok
 +subject=/​C=BR/​ST=Parana/​L=Curitiba/​O=Douglas/​OU=IT/​CN=freebsd.douglasqsantos.com.br/​emailAddress=douglas@douglasqsantos.com.br
 +Getting Private key
 +Enter pass phrase for server.key:
 +</​sxh>​
 +
 +Let's adjust the permissions for our keys
 +<sxh bash>
 +chmod 0400 server.*
 +cp server.key server.key.orig
 +</​sxh>​
 +
 +Let's take out the password, because on startup, Apache need input this key for start
 +<sxh bash>
 +openssl rsa -in server.key.orig -out server.key
 +Enter pass phrase for server.key.orig:​
 +writing RSA key
 +</​sxh>​
 +
 +Let's adjust our Virtual host for enable SSL support
 +<sxh apache>
 +vim /​usr/​local/​etc/​apache24/​extra/​httpd-vhosts.conf
 +Listen 443
 +<​VirtualHost *:80>
 +     ​ServerName freebsd.douglasqsantos.com.br
 +     ​Redirect / https://​freebsd.douglasqsantos.com.br/​
 +</​VirtualHost>​
 +<​VirtualHost *:443>
 +     ​ServerAdmin webmaster@douglasqsantos.com.br
 +     ​ServerName freebsd.douglasqsantos.com.br
 +     ​DocumentRoot "/​usr/​local/​www/​freebsd"​
 +   <​Directory "/​usr/​local/​www/​freebsd">​
 +     ​Options +FollowSymLinks +MultiViews
 +     ​AllowOverride All
 +     ​Require all granted
 +   </​Directory>​
 +
 +   <​IfModule mod_php5.c>​
 +   ​AddType application/​x-httpd-php .php
 +     ​php_flag expose_php Off
 +     ​php_flag allow_url_fopen Off
 +     ​php_flag allow_url_include Off
 +     ​php_flag magic_quotes_gpc Off
 +     ​php_flag register_globals Off
 +     ​php_flag disable_functions show_source
 +     ​php_flag disable_functions system
 +     ​php_flag disable_functions shell_exec
 +     ​php_flag disable_functions passthru
 +     ​php_flag disable_functions exec
 +     ​php_flag disable_functions popen
 +     ​php_flag disable_functions proc_open
 +     ​php_flag disable_functions symlink
 +     ​php_value upload_max_filesize ​ 15M
 +     ​php_value post_max_size 15M
 +   </​IfModule>​
 +     ​SSLEngine on
 +     ​SSLCipherSuite ALL:​!ADH:​!EXPORT56:​RC4+RSA:​+HIGH:​+MEDIUM:​+LOW:​+SSLv2:​+EXP:​+eNULL
 +     ​SSLCertificateFile "/​usr/​local/​etc/​apache24/​ssl/​server.crt"​
 +     ​SSLCertificateKeyFile "/​usr/​local/​etc/​apache24/​ssl/​server.key"​
 +   <​FilesMatch "​\.(cgi|shtml|phtml|php)$">​
 +     ​SSLOptions +StdEnvVars
 +   </​FilesMatch>​
 +     ​BrowserMatch "​.*MSIE.*"​ \
 +     ​nokeepalive ssl-unclean-shutdown \
 +     ​downgrade-1.0 force-response-1.0
 +     ​CustomLog /​var/​log/​apache24/​freebsd.douglasqsantos.com.br-access.log combined
 +     ​ErrorLog /​var/​log/​apache24/​freebsd.douglasqsantos.com.br-error.log
 +     ​LogLevel warn
 +     ​ServerSignature Off
 +</​VirtualHost>​
 +</​sxh>​
 +
 +Let's uncomment the line of the ssl module in httpd.conf
 +<sxh bash>
 +vim /​usr/​local/​etc/​apache24/​httpd.conf
 +[...]
 +#uncomment the line bellow
 +LoadModule ssl_module libexec/​apache24/​mod_ssl.so
 +</​sxh>​
 +
 +Let's reboot our Apache recognize a new configuration
 +<sxh bash>
 +/​usr/​local/​etc/​rc.d/​apache24 restart
 +</​sxh>​
 +
 +Can we test the Apache entering https://​freebsd.douglasqsantos.com.br on your web browser if you don't use the dns for resolve the fqdn,  add a ip and fqdn on /etc/hosts on your client or access with ip https://​192.168.1.60.
 +
 +====== References ======
 +  - http://​www.br.freebsd.org/​doc/​handbook/​network-apache.html