Amazon EC2 Instance: Installing and setting up PHP, phpMyAdmin, MySQL and FTP
Setting up an Amazon EC2 Instance
- Sign up for an EC2 account
- Set up an EC2 instance
- Create a key pair file for use with SSH
- Create a security group and open any required ports
- Set up an Elastic IP address
Installing and setting up PHP, phpMyAdmin, mySQL and FTP
Installing and Configuring Apache
sudo yum install httpdsudo nano /etc/httpd/conf/httpd.conf
Virtual Hosts allow you to run multiple websites on the same server, which can be IP address based or name based. Go to the bottom of the httpd.config file, which you can do by pressing G while in command mode, and uncomment the
<VirtualHost **:80> section,
CustomLog commented out though, we don’t need them for now.
Change the DocumentRoot to
/var/www/html/, which is the default directory for web files on an Apache server, then change the server name to the public domain name of your instance, which will be similar to
ec2-23-23-229-35.compute-1.amazonaws.com. The last change we need to make is to the DirectoryIndex, which is the file that Apache serves when the root directory of the server is requested. This section is located toward the middle of the file. Change the line to:
DirectoryIndex index.html index.php index.sh default.jsp
This will allow you to have a PHP file as the DirectoryIndex file. The file name does not need to be index.xxx, this is usually just the default file name that most websites use. After you have changed everything, press Ctrl+X & Shift+Y to save and exit. Finally, start the Apache server using the command:
sudo service httpd start
Installing PHP, mySQL and phpMyAdmin
To install everything you need for PHP, just run this command:
sudo yum install php-mysql php php-xml php-mcrypt php-mbstring php-cli mysql
Which installs PHP and all of the extensions required for it. Just say yes to all of the prompts that appear. Next, we will install mySQL. Install and run the mySQL server with these commands, and say yes to all of the prompts:
sudo yum install mysql-server
sudo /etc/init.d/mysqld start
Then set the password for the root user to something secure:
mysqladmin -u root password '[PASSWORD]'
mySQL is now installed and running, and we can now go a step further and install and configure phpMyAdmin. phpMyAdmin is a web based interface for administering mySQL, including managing users and setting permissions, creating databases and queries, and handling other similar database administration tasks. The process of installing phpMyAdmin takes the most steps in this guide.
First, change directory to the Apache root folder:
Then, download phpMyAdmin to this folder:
sudo wget http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/220.127.116.11/phpMyAdmin-18.104.22.168-all-languages.tar.gz
Next, extract the files to the root of the folder:
sudo tar -xzvf phpMyAdmin-22.214.171.124-all-languages.tar.gz -C /var/www/html
Rename the folder to phpmyadmin and remove the zip file:
sudo mv phpMyAdmin-126.96.36.199-all-languages phpmyadmin
sudo rm -rf phpMyAdmin-188.8.131.52-all-languages.tar.gz
Create a Unix user for phpmyadmin and give it permission/ownership over the phpmyadmin folder.
sudo adduser phpmyadmin
sudo passwd phpmyadmin (After this you will be prompted to enter a password)
Give the user permission/ownership over the phpmyadmin folder, first by finding which user Apache uses by running:
egrep 'User|Group' /etc/httpd/conf/httpd.conf
And then, after finding this user, by changing to the root Apache directory and running the chown command on the phpmyadmin folder.
sudo chown phpmyadmin.apache phpmyadmin/
Then, run this set of commands:
sudo mkdir config
sudo chmod o+rw config
sudo cp config.sample.inc.php config/config.inc.php
sudo chmod o+w config/config.inc.php
sudo service httpd restart
This changes your directory to the phpmyadmin folder, makes a config directory and sets permissions for it, copies a sample config file for phpmyadmin to the config directory and renames it then adds permissions to the config.inc.php file. Finally, the Apache server is restarted.
Now we need to run the phpMyAdmin setup. Navigate to
http://[your_instance_IP]/phpmyadmin/setup/index.php and click New Server. All you need to change on the next screen is the PHP extension to use to mysqli if it is not already selected, and then enter the config auth user, which will be root, and config auth password, which is the password we entered earlier for the root mySQL user. Click save and you will be done. Don’t worry about the errors that appear after the setup, we will be fixing them up next.
You can now navigate to http://[your_instance_IP]/phpmyadmin/index.php and log in using the root user credentials. We will now handle the errors shown. One should be something along the lines of “The configuration file now needs a secret passphrase (blowfish_secret).”, and the other should be telling you to delete the config folder in the phpmyadmin directory. There will also be another error saying something along the lines of “The additional features for working with linked tables have been deactivated. To find out why click here.”, but don’t worry about that for now. We’ll fix the first error, and set up some other things in the config file, before deleting the config folder.
Open the config file, config.inc.php, by running this command:
sudo vi /var/www/html/phpmyadmin/config/config.inc.php
Near the top of the file you will see this line:
$cfg['blowfish_secret'] = ''; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */
All you need to do here is enter a random string of characters between the quotation marks. Scroll down to the /* Server Parameters */ section, and change
$cfg['Servers'][$i]['extension'] = 'mysql';
$cfg['Servers'][$i]['extension'] = 'mysqli';
Scroll down a bit further and you will find the /* User for advanced features */ section. Leave the control user and the control password commented out, as we will not need them, and uncomment all of the other lines starting with $cfg in this section and the two below it. Save your changes by pressing Esc and entering :wq. Change directory back to the phpmyadmin config folder.
We are now going to copy the config.inc.php file out of the config folder and into the root directory so phpMyAdmin can use it, switch back to the root directory, and delete the config folder so that error is resolved. Run the following commands to achieve this:
sudo cp config.inc.php .. cd .. sudo rm -rf config/
We are almost done with installing phpMyAdmin! We just need to complete a couple more steps to ensure the installation is successful and all of the components are correctly configured, and to get rid of the final setup error.
First, log into phpMyAdmin and go into the Privileges tab, and select ‘Add a new user’. Enter phpmyadmin as the user name, change the Host to Local, then enter a password for the user. Select “Create database with same name and grant all privileges”, then click Check All in the Global Privileges section, then click Go and the database and user will be created.
Finally, and I promise this will be the last step in setting up phpmyadmin, we need to download a script called create_tables.sql and run it. This script will create the linked tables required in the phpmyadmin database we just created. To download it via SSH, first navigate to your ~/.ssh folder, then enter the following command to download the .sql file from the server to your downloads directory:
scp -i filename.pem email@example.com:/var/www/html/phpmyadmin/scripts/create_tables.sql ~/Downloads
The scp command is used to download a file over SSH. The structure is as follows:
scp -i your_keyfile.pem ec2-user@your_instance_IP:/file/location/on/instance /file/download/local
After you have downloaded the file, log back in to phpMyAdmin if you aren’t already logged in and go to the import tab. Select the create_tables.sql file from your Downloads directory and click Go. The script will be run and the tables will be created. If the error does not disappear, log out of phpMyAdmin and log back in and it should disappear.
And we’re done! Phew! The very last thing that we need to do is set up SFTP on our server so we can transfer files between our server and our local machine easily without having to use SSH. Read on!
Setting up SFTP
First of all we need to install the SFTP server,
vsftpd, on our instance. Run the following command to install it:
sudo yum install vsftpd
Now we will need to edit the configuration file for the SFTP server. Open the
vsftpd.conf file in the text editor:
In here we will be changing a few properties to make the SFTP server more secure. Change the properties listed to the values shown.
chroot_local_users=YES (you may need to uncomment this)
There is also some lines that we will need to add to this configuration file to allow passive connections to the FTP server using the ports that we defined earlier in the security group for the instance (12000–12100). Add these lines to the bottom of your config file, then save and exit using
Now we will be securing the FTP upload directory to the ec2-user, so only they can read/write to the directory. First we will set the ec2-user to the owner of that directory and set the correct read/write permissions for that directory:
sudo chown -R ec2-user /var/www/html
sudo chmod 775 /var/www/html
After that, we will need to create a .userlist file and add the ec2-user to it, which will be used in vsftpd.conf as a list of users to give access to the FTP directory:
sudo vi /etc/vsftpd/vsftpd.userlist
Once in edit mode for the file, add the
ec2-user user to it, save and quit. Open the vsftpd.conf file again using
sudo vi /etc/vsftpd/vsftpd.conf and add the following lines:
Finally, you need to add nologin to the shell set to connect. Open
sudo vi /etc/shells, which should look something like:
Add the line
/usr/sbin/nologin to the end of the file. To finish off, create a usergroup and add the ec2-user to it, then start up the vsftpd service:
sudo groupadd ftpusers
sudo usermod -Gftpusers ec2-user
sudo service vsftpd start
You will now be able to connect to your instance and upload/download files using SFTP in your preferred file transfer application.