Tutorial: Installing a LAMP Web Server

The following procedures help you the Apache web server with and MySQL support on your EC2 instance (sometimes called a LAMP web server or LAMP stack). You can use this server to host a static website or deploy a dynamic application that reads and writes information to a database.


This tutorial assumes that you have already launched an instance with a public name that is reachable from the Internet. For more information, see Launch an Amazon EC2 Instance. You must also have configured your group to allow (port 22), HTTP (port 80), and HTTPS (port 443) connections.


These procedures are intended for use with Amazon Linux, but the commands and file locations are similar for Red Hat and CentOS. For more information about other distributions, see their specific documentation. If you are trying to set up a LAMP web server on an instance, this tutorial will not work for you.

To install and start the LAMP web server

  1. Connect to your instance.
  2. To ensure that all of your software packages are up to date, perform a quick software update on your instance. This process may take a few minutes, but it is important to make sure you have the latest security updates and bug fixes.


    The -y option installs the updates without asking for confirmation. If you would like to examine the updates before installing, you can omit this option.

    [ec2-user ~]$ sudo  update -y
  3. Now that your instance is current, you can install the Apache web server, MySQL, and PHP software packages. Use the yum groupinstall to install multiple software packages and all related dependencies at the same time.
    [ec2-user ~]$ sudo yum groupinstall -y "Web Server" "MySQL Database" "PHP Support"


    Non-Amazon Linux instances may have subtle differences in their group names. If the above command fails because of an invalid group name, use the yum grouplistcommand and scan the output for similar groups, such as “MySQL Database server” instead of “MySQL Database", and use the appropriate group name for your distribution.

  4. Install the php-mysql package.
    [ec2-user ~]$ sudo yum install -y php-mysql
  5. Start the Apache web server.
    [ec2-user ~]$ sudo service httpd start
    Starting httpd:                                            [  OK  ]
  6. Use the chkconfig command to configure the Apache web server to start at each system boot.
    [ec2-user ~]$ sudo chkconfig httpd on


    The chkconfig command does not provide any confirmation message when you successfully enable a service. You can verify that httpd is on by running the following command.

    [ec2-user ~]$ chkconfig --list httpd
    httpd           0:off   1:off   2:on    3:on    4:on    5:on    6:off

    Here, httpd is on in runlevels 2, 3, 4, and 5 (which is what you want to see).

  7. Test your web server. In a web browser, enter the public DNS address (or the public IP address) of your instance; you should see the Apache test page. You can get the public DNS for your instance using the Amazon EC2 console (check the Public DNS column; if this column is hidden, click the Show/Hide icon and select Public DNS).


    If you are unable to see the Apache test page, check that the security group you are using contains a rule to allow HTTP (port 80) traffic. For information about adding anHTTP rule to your security group, adding Rules to a Security Group.


    If you are not using Amazon Linux, you may also need to configure the on your instance to allow these connections. For more information about how to configure the , see the documentation for your specific distribution.



    This test page appears only when there is no content in /var/www/html. When you add content to the document root, your content appears at the public DNS address of your instance instead of this test page.

Apache httpd serves files that are kept in a directory called the Apache document root. The Amazon Linux Apache document root is /var/www/html, which is owned by root by default.

[ec2-user ~]$ ls -l /var/www
total 16
drwxr-xr-x 2 root root 4096 Jul 12 01:00 cgi-bin
drwxr-xr-x 3 root root 4096 Aug  7 00:02 error
drwxr-xr-x 2 root root 4096 Jan  6  2012 html
drwxr-xr-x 3 root root 4096 Aug  7 00:02 icons

To allow ec2-user to manipulate files in this directory, you need to modify the ownership and permissions of the directory. There are many ways to accomplish this task; in this tutorial, you add a www group to your instance, and you give that group ownership of the /var/www directory and add write permissions for the group. Any members of that group will then be able to add, delete, and modify files for the web server.

To set file permissions

  1. Add the www group to your instance.
    [ec2-user ~]$ sudo groupadd www
  2. Add your user (in this case, ec2-user) to the www group.
    [ec2-user ~]$ sudo usermod -a -G www ec2-user


    You need to log out and log back in to pick up the new group. You can use the exit command, or close the terminal window.

  3. Log out and then log back in again, and verify your membership in the www group.
    1. Log out.
      [ec2-user ~]$ exit
    2. Reconnect to your instance, and then run the following command to verify your membership in the www group.
      [ec2-user ~]$ groups
      ec2-user wheel www
  4. Change the group ownership of /var/www and its contents to the www group.
    [ec2-user ~]$ sudo chown -R root:www /var/www
  5. Change the directory permissions of /var/www and its subdirectories to add group write permissions and to set the group ID on future subdirectories.
    [ec2-user ~]$ sudo chmod 2775 /var/www
    [ec2-user ~]$ find /var/www -type d -exec sudo chmod 2775 {} +
  6. Recursively change the file permissions of /var/www and its subdirectories to add group write permissions.
    [ec2-user ~]$ find /var/www -type f -exec sudo chmod 0664 {} +

Now ec2_user (and any future members of the www group) can add, delete, and edit files in the Apache document root. Now you are ready to add content, such as a static website or a PHP application.

To test your LAMP web server

If your server is installed and running, and your file permissions are set correctly, your ec2-user account should be able to create a simple PHP file in the /var/www/html directory that will be available from the Internet.

  1. Create a simple PHP file in the Apache document root.
    [ec2-user ~]$ echo "<?php phpinfo(); ?>" > /var/www/html/phpinfo.php


    If you get a “Permission denied” error when trying to run this command, try logging out and logging back in again to pick up the proper group permissions that you configured file permissions.

  2. In a web browser, enter the URL of the file you just created. This URL is the public DNS address of your instance followed by a forward slash and the file name. For example:

    You should see the PHP information page.



    If you do not see the above image, but instead see the phpinfo() source code, verify that the php package was installed properly. Your output may look slightly different, but look for php in the Installed Packages section.

    [ec2-user wordpress]$ yum list installed php
    Loaded plugins: priorities, security, update-motd, upgrade-helper
    amzn-main                                                | 2.1 kB     00:00
    amzn-updates                                             | 2.3 kB     00:00
    Installed Packages
    php.x86_64                       5.3.27-1.0.amzn1                  @amzn-updates

    If this package is not listed as installed, install it with the following command, restart the httpd service, and reload the phpinfo.php page.

    [ec2-user wordpress]$ sudo yum install -y php
    [ec2-user wordpress]$ sudo service httpd restart
  3. Delete the phpinfo.php file. Although this can be useful information to you, it should not be broadcast to the Internet for security reasons.
    [ec2-user ~]$ rm /var/www/html/phpinfo.php

To secure the MySQL server

The default installation of the MySQL server has several features that are great for testing and development, but they should be disabled or removed for production servers. Themysql_secure_installation command walks you through the process of setting a root password and removing the insecure features from your installation. Even if you are not planning on using the MySQL server, performing this procedure is a good idea.

  1. Start the MySQL server so that you can run mysql_secure_installation.
    [ec2-user ~]$ sudo service mysqld start
    Initializing MySQL database:  Installing MySQL system tables...
    Filling help tables...
    To start mysqld at boot time you have to copy
    support-files/mysql.server to the right place for your system
    Starting mysqld:                                           [  OK  ]
  2. Run mysql_secure_installation.
    [ec2-user ~]$ sudo mysql_secure_installation
    1. When prompted, enter a password for the root account.
      1. Enter the current root password. By default, the root account does not have a password set, so press Enter.
      2. Type Y to set a password, and enter a secure password twice. For more information about creating a secure password. Make sure to store this password in a safe place.
    2. Type Y to remove the anonymous user accounts.
    3. Type Y to remote root login.
    4. Type Y to remove the test database.
    5. Type Y to reload the privilege tables and save your changes.
  3. (Optional) Stop the MySQL server if you do not plan to use it right away. You can restart the server when you need it again.
    [ec2-user ~]$ sudo service mysqld stop
    Stopping mysqld:                                           [  OK  ]
  4. (Optional) If you want the MySQL server to start at every boot, enter the following command.
    [ec2-user ~]$ sudo chkconfig mysqld on

You should now have a fully functional LAMP web server. If you add content to the Apache document root at /var/www/html, you should be able to view that content at the public DNS address for your instance.

Print Friendly, PDF & Email



Bài viết liên quan