Amazon EC2 Instance: Installing and setting up PHP, phpMyAdmin, MySQL and FTP

Setting up an Amazon EC2 Instance

  • Sign up for an EC2 account
  • Set up an EC2 instance
  • Create a key pair file for use with SSH
  • Create a security group and open any required ports
  • Set up an Elastic IP address

Installing and setting up PHP, phpMyAdmin, mySQL and FTP

Installing and Configuring Apache

sudo yum install httpdsudo nano /etc/httpd/conf/httpd.conf

Virtual Hosts allow you to run multiple websites on the same server, which can be IP address based or name based. Go to the bottom of the httpd.config file, which you can do by pressing G while in command mode, and uncomment the <VirtualHost **:80> section, DocumentRoot and ServerName. Leave ServerAdmin, ErrorLog and CustomLog commented out though, we don’t need them for now.

Change the DocumentRoot to /var/www/html/, which is the default directory for web files on an Apache server, then change the server name to the public domain name of your instance, which will be similar to ec2-23-23-229-35.compute-1.amazonaws.com. The last change we need to make is to the DirectoryIndex, which is the file that Apache serves when the root directory of the server is requested. This section is located toward the middle of the file. Change the line to:

DirectoryIndex index.html index.php index.sh default.jsp

This will allow you to have a PHP file as the DirectoryIndex file. The file name does not need to be index.xxx, this is usually just the default file name that most websites use. After you have changed everything, press Ctrl+X & Shift+Y to save and exit. Finally, start the Apache server using the command:

sudo service httpd start

Installing PHP, mySQL and phpMyAdmin

To install everything you need for PHP, just run this command:

sudo yum install php-mysql php php-xml php-mcrypt php-mbstring php-cli mysql

Which installs PHP and all of the extensions required for it. Just say yes to all of the prompts that appear. Next, we will install mySQL. Install and run the mySQL server with these commands, and say yes to all of the prompts:

sudo yum install mysql-server
sudo /etc/init.d/mysqld start

Then set the password for the root user to something secure:

mysqladmin -u root password '[PASSWORD]'

phpMyAdmin

mySQL is now installed and running, and we can now go a step further and install and configure phpMyAdmin. phpMyAdmin is a web based interface for administering mySQL, including managing users and setting permissions, creating databases and queries, and handling other similar database administration tasks. The process of installing phpMyAdmin takes the most steps in this guide.

First, change directory to the Apache root folder:

cd /var/www/html

Then, download phpMyAdmin to this folder:

sudo wget http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/3.3.9.1/phpMyAdmin-3.3.9.1-all-languages.tar.gz

Next, extract the files to the root of the folder:

sudo tar -xzvf phpMyAdmin-3.3.9.1-all-languages.tar.gz -C /var/www/html

Rename the folder to phpmyadmin and remove the zip file:

sudo mv phpMyAdmin-3.3.9.1-all-languages phpmyadmin
sudo rm -rf phpMyAdmin-3.3.9.1-all-languages.tar.gz

Create a Unix user for phpmyadmin and give it permission/ownership over the phpmyadmin folder.

sudo adduser phpmyadmin
sudo passwd phpmyadmin (After this you will be prompted to enter a password)

Give the user permission/ownership over the phpmyadmin folder, first by finding which user Apache uses by running:

egrep 'User|Group' /etc/httpd/conf/httpd.conf

And then, after finding this user, by changing to the root Apache directory and running the chown command on the phpmyadmin folder.

cd /var/www/html
sudo chown phpmyadmin.apache phpmyadmin/

Then, run this set of commands:

cd /var/www/html/phpmyadmin/
sudo mkdir config
sudo chmod o+rw config
sudo cp config.sample.inc.php config/config.inc.php
sudo chmod o+w config/config.inc.php
sudo service httpd restart

This changes your directory to the phpmyadmin folder, makes a config directory and sets permissions for it, copies a sample config file for phpmyadmin to the config directory and renames it then adds permissions to the config.inc.php file. Finally, the Apache server is restarted.

Now we need to run the phpMyAdmin setup. Navigate to http://[your_instance_IP]/phpmyadmin/setup/index.php and click New Server. All you need to change on the next screen is the PHP extension to use to mysqli if it is not already selected, and then enter the config auth user, which will be root, and config auth password, which is the password we entered earlier for the root mySQL user. Click save and you will be done. Don’t worry about the errors that appear after the setup, we will be fixing them up next.

You can now navigate to http://[your_instance_IP]/phpmyadmin/index.php and log in using the root user credentials. We will now handle the errors shown. One should be something along the lines of “The configuration file now needs a secret passphrase (blowfish_secret).”, and the other should be telling you to delete the config folder in the phpmyadmin directory. There will also be another error saying something along the lines of “The additional features for working with linked tables have been deactivated. To find out why click here.”, but don’t worry about that for now. We’ll fix the first error, and set up some other things in the config file, before deleting the config folder.

Open the config file, config.inc.php, by running this command:

sudo vi /var/www/html/phpmyadmin/config/config.inc.php

Near the top of the file you will see this line:

$cfg['blowfish_secret'] = ''; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */

All you need to do here is enter a random string of characters between the quotation marks. Scroll down to the /* Server Parameters */ section, and change

$cfg['Servers'][$i]['extension'] = 'mysql';

to

$cfg['Servers'][$i]['extension'] = 'mysqli';

Scroll down a bit further and you will find the /* User for advanced features */ section. Leave the control user and the control password commented out, as we will not need them, and uncomment all of the other lines starting with $cfg in this section and the two below it. Save your changes by pressing Esc and entering :wq. Change directory back to the phpmyadmin config folder.

cd /var/www/html/phpmyadmin/config

We are now going to copy the config.inc.php file out of the config folder and into the root directory so phpMyAdmin can use it, switch back to the root directory, and delete the config folder so that error is resolved. Run the following commands to achieve this:

sudo cp config.inc.php .. cd .. sudo rm -rf config/

We are almost done with installing phpMyAdmin! We just need to complete a couple more steps to ensure the installation is successful and all of the components are correctly configured, and to get rid of the final setup error.

First, log into phpMyAdmin and go into the Privileges tab, and select ‘Add a new user’. Enter phpmyadmin as the user name, change the Host to Local, then enter a password for the user. Select “Create database with same name and grant all privileges”, then click Check All in the Global Privileges section, then click Go and the database and user will be created.

Finally, and I promise this will be the last step in setting up phpmyadmin, we need to download a script called create_tables.sql and run it. This script will create the linked tables required in the phpmyadmin database we just created. To download it via SSH, first navigate to your ~/.ssh folder, then enter the following command to download the .sql file from the server to your downloads directory:

scp -i filename.pem ec2-user@23.23.229.35:/var/www/html/phpmyadmin/scripts/create_tables.sql ~/Downloads

The scp command is used to download a file over SSH. The structure is as follows:

scp -i your_keyfile.pem ec2-user@your_instance_IP:/file/location/on/instance /file/download/local

After you have downloaded the file, log back in to phpMyAdmin if you aren’t already logged in and go to the import tab. Select the create_tables.sql file from your Downloads directory and click Go. The script will be run and the tables will be created. If the error does not disappear, log out of phpMyAdmin and log back in and it should disappear.

And we’re done! Phew! The very last thing that we need to do is set up SFTP on our server so we can transfer files between our server and our local machine easily without having to use SSH. Read on!

Setting up SFTP

First of all we need to install the SFTP server, vsftpd, on our instance. Run the following command to install it:

sudo yum install vsftpd

Now we will need to edit the configuration file for the SFTP server. Open the vsftpd.conf file in the text editor:

sudo nano/etc/vsftpd/vsftpd.conf

In here we will be changing a few properties to make the SFTP server more secure. Change the properties listed to the values shown.

anonymous_login=NO
local_enable=YES
write_enable=YES
connect_from_port_20=NO
chroot_local_users=YES (you may need to uncomment this)
local_umask=022

There is also some lines that we will need to add to this configuration file to allow passive connections to the FTP server using the ports that we defined earlier in the security group for the instance (12000–12100). Add these lines to the bottom of your config file, then save and exit using :wq.

pasv_enable=YES
pasv_address=your_instance_IP
pasv_min_port=12000
pasv_max_port=12100
port_enable=YES

Now we will be securing the FTP upload directory to the ec2-user, so only they can read/write to the directory. First we will set the ec2-user to the owner of that directory and set the correct read/write permissions for that directory:

sudo chown -R ec2-user /var/www/html
sudo chmod 775 /var/www/html

After that, we will need to create a .userlist file and add the ec2-user to it, which will be used in vsftpd.conf as a list of users to give access to the FTP directory:

sudo vi /etc/vsftpd/vsftpd.userlist

Once in edit mode for the file, add the ec2-user user to it, save and quit. Open the vsftpd.conf file again using sudo vi /etc/vsftpd/vsftpd.conf and add the following lines:

userlist_file=/etc/vsftpd.userlist
userlist_enable=YES
userlist_deny=NO

Finally, you need to add nologin to the shell set to connect. Open sudo vi /etc/shells, which should look something like:

/bin/ksh
/usr/bin/rc
/usr/bin/tcsh
/bin/tcsh
/usr/bin/esh
/bin/dash
/bin/bash
/bin/rbash

Add the line /usr/sbin/nologin to the end of the file. To finish off, create a usergroup and add the ec2-user to it, then start up the vsftpd service:

sudo groupadd ftpusers
sudo usermod -Gftpusers ec2-user
sudo service vsftpd start

You will now be able to connect to your instance and upload/download files using SFTP in your preferred file transfer application.

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store