MySQL + Apache + PHP + (PHPLIB) + OpenSSL/mod_ssl Quick Installation Guide
(Version 1.1. Last modified: 2000-11-14. Older version is here.)
Table of contents
This document is a quick guide to cook up a great web server (with database backend) out of a Unix box. It is meant for users with root access to their system. This tutorial has been tested on FreeBSD 4.1. With minor modifications such as folder paths or location of system init files, the instructions provided here should be applicable to other Unix systems as well.
All the instructions provided in this tutorial are either available online or included in those INSTALL/README docs that come with the various source packages. It took me quite a while to put the different pieces of the puzzle together. Hence here is a quick tutorial to save you some time. Please note that this tutorial is by no means a substitution of the original documentation from those packages. It is suggested that you consult them whenever necessary.
Please read the Disclaimer before you proceed!
Recommended: In order to compile MySQL successfully with reasonable speed, it is suggested that your machine has a 100MHz (or better) CPU with 64M+ RAM. (Note: I was able in installing MySQL 3.22.32 on a system with 32M of RAM but it took for ever to finish.)
There are two objectives we want to achieve:
Instructions provided in this tutorial have been tested on FreeBSD 4.1. With a few modifications such as system init scripts, the installation instructions provided here should be applicable to other Unix flavors. Notes about (RedHat) Linux will be provided where appropriate.
My FreeBSD box is a minimal installation, i.e., bare-bone OS including the necessary compilers, etc.. When you have a fresh FreeBSD installation, choose the 'minimal installation' option if you are going to use your Unix box as a server (e.g., for web and email services) only (i.e., without using the X-window system).
Grab the following packages (source code only (in .tar.gz tarballs) but not pre-compiled binaries) onto your system. Save them in the same folder, e.g., /tmp/downloads. Note that by the time you read this tutorial, version numbers may be different.
We will use /usr/src/local as the folder to store all the downloaded packages. Before installation, you need to become the superuser. Also we need to create the /usr/src/local folder.
% su root # mkdir /usr/src/local # cd /usr/src/local
Suppose you downloaded all the software packages in the /tmp/downloads folder:
# cp /tmp/downloads/* ./
Now, unpack all the gzip'ed and tarred files. For example,
# gunzip apache_1.3.14.tar.gz # tar xvf apache_1.3.14.tar
Repeat the above procedure for every gzipped tarball you've downloaded.
We are going to install the different packages in the order given below:
It is suggested that you follow the order of installation as given above, since some task(s) to be performed may rely on previous task(s) performed.
Further, PHP will be installed as dynamically linked modules within the Apache web server.
4.2 Install OpenSSL
# cd openssl-0.9.6/ # ./config \ -no-idea \ (European users*) -fPIC # make # make test # make install # cd ..
* Copied from mod_ssl INSTALL file. Haven't looked into why this option should be added here.
4.3 Install Net_SSLeay
Install the Perl module as follows:
Note that during 'make test', you may get error messages saying that the test is not OK. This happens when testing against external sites. You can ignore this message and continue with 'make install'.
4.4 Install Webmin
Webmin is an excellent web-based administration tools package for various Unix systems. With the package installed, you can perform many system tasks such as user management, Samba and Apache configuration, etc. through a web browser.
Suppose that you have already unpacked the Webmin tarball, you can install the package using the following command:
# cd webmin-0.82 # ./setup.sh
During installation, just accept all the defaults when prompted (except, of course, the administrator's username and password).
If you use the default port number for Webmin installation with secure connection support, you can access your Webmin installation using:
Without encryption, you use 'http://' instead.
Don't forget to restrict access privileges to the IPs that you use. To do this, use the Webmin Configuration module and set up restricted IP address(es). You can do this after everything is installed.
(To uninstall Webmin, find the unstall.sh script and run it. If you accept the default settings during installation, the uninstall.sh script is located in the /etc/webmin/ folder.)
4.5 Install MySQL
Install MySQL is as easy as taking the following three steps:
4.5.1 Compile and install the software
# pw groupadd mysql # pw useradd mysql -g mysql -d /usr/local/mysql -s /nonexistent # ./configure --prefix=/usr/local/mysql # make # make install
4.5.2 Run MySQL for the first time
After MySQL is installed, run the following commands only ONCE:
# /usr/local/mysql/bin/mysql_install_db # chown -R mysql /usr/local/mysql # chgrp -R mysql /usr/local/mysql # /usr/local/mysql/bin/safe_mysqld --user=mysql & # /usr/local/mysql/bin/mysqladmin -u root password newpassword
where newpassword is the password you choose for the root.
4.5.3 Start MySQL after system reboot
This step is to link MySQL initiating script with system initiating process so that it will be restarted after each system reboot.
There is a file called mysql.server within your unpacked mysql-3.23.25/support-files folder.
Copy the same mysql-3.23.25/support-files/mysql.server file into, for example, the /etc folder and make it executable.
# cp mysql.server /etc/ # chmod 755 /etc/mysql.server
Add the following line into the /etc/rc.local file. If there is no rc.local file, create one yourself (and make it executable).
Change two lines in the mysql.server script.
On a Linux box
Copy the file mysql-3.23.25/support-files/mysql.server into the /etc/rc.d/init.d/ folder and create a softlink in the /etc/rc.d/rc3.d folder. e.g.
# ln -s /etc/rc.d/init.d/mysql.server /etc/rc.d/rc3.d/S91mysql
We need to make mysql.server excutable so that it will be called up when the system reboots:
# chmod a+x /etc/rc.d/init.d/mysql.server
Again, you need to modify the mysql.server script as per instruction in the FreeBSD subsection.
4.6 Install Apache (with Zend Optimizer)
PHP can be built into Apache in two modes: 1) Statically linked; 2) Dynamically linked. In this tutorial, we build dynamically linked PHP modules. If you are not clear about the difference between 'statically' and 'dynamically' linked installation, it is suggested that you follow the instructions provided here. Otherwise, please take a look at the older version of this tutorial (Note that the older version is no longer updated).
Installing Apache and PHP involves six steps in the following order:
4.6.1 Compile the MM Shared Memory Library
# cd mm-1.1.3/ # ./configure --disable-shared # make # make test # cd ..
4.6.2 Compile and build mod_ssl
4.6.3 Compile and install Apache
Suppose that both Apache and PHP files are untarred under the same parent folder. Do the following:
# cd apache_1.3.14 # SSL_BASE=../openssl-0.9.6 \ EAPI_MM=../mm-1.1.3 \ ./configure \ --prefix=/usr/local/apache \ --enable-module=ssl \ --enable-module=so \ --enable-module=log_agent \ --enable-module=log_referer \ --enable-module=proxy \ --enable-module=rewrite \ --enable-module=speling \ --enable-module=usertrack \ --enable-module=vhost_alias # make # make certificate TYPE=dummy # make install
Note the use of --prefix=/usr/local/apache option, which will get all Apache files installed in the /usr/local/apache folder.
If you encounter problem running the above configure command (with tons of options :-)), you can create a text file with all the 'configure' options in it and execute that file. For example, your text file can contain the following content (Modify it to meet your own needs):
Suppose you edit the file and save it as 'myscript.txt'. Now you can issue the following command at the shell prompt:
Take a look at http://httpd.apache.org/docs/mod/index.html for all available modules.
The command './configure --help' will give you a list of all the modules available.
4.6.4 Create a protected folder (for installing phpMyAdmin)
By default, all the files and folder under the web root folder is viewable by everyone. If you need to restrict access to a certain web folder, you need to create a login name for authentication. Note that this login name is different from (Shell) user accounts on your Unix box. You can choose any login name.
4.6.5 Create a login name for authentication
The following command will create a login name mynewuser which can be used for authentication to access a protected folder.
# /usr/local/apache/bin/htpasswd -c \ /home/www/userdb/userfile mynewuser
where /home/www/userdb is the folder which contains the file userfile which in turn contains the username mynewuser. With the option -c, username will be created. Otherwise the useerfile will be updated (when, for example, you want to change the password associated with the username).
4.6.6 Set up a password protected folder
Suppose the folder /home/www/securefoldername needs to be protected. In the /usr/local/apache/conf/httpd.conf file, add the following:
<Directory "/home/www/securefoldername"> AllowOverride AuthConfig AuthName "MYCOMMUNITY" AuthType Basic AuthUserFile /home/www/userdb/userfile Order deny,allow Deny from all Allow from .mydomain.com </Directory>
Note that 'MYCOMMUNITY' is an arbitrary string I choose. You can use a different string as long as you keep it consistent in the following .htaccess file.
In the /home/www/securefoldername folder, create the .htaccess file (don't forget about the dot (.) in front of htaccess) which contains the following lines:
AuthName "MYCOMMUNITY" AuthType Basic AuthUserFile /home/www/userdb/userfile AuthGroupFile /dev/null Require user mynewuser
The /home/www/securefoldername will now be protected with basic authentication. Only the username 'mynewuser' from a computer within .mydomain.com will be able to view pages hosted within that folder. We will use this folder to install the phpMyAdmin files.
4.6.7 Modifying system init file
To manually start Apache
# /usr/local/apache/bin/apachectl start
To start apache in secure mode:
To automatically start Apache at system reboot, do the following:
The /etc/rc.d/rc.local file can be modified so that Apache will be fired at system reboot. Add the following line at the very end of the file:
Add the following line to the /etc/rc.local file (after the line that initiates MySQL):
Add the following line to the /etc/rc.shutdown file (before the line that shuts down MySQL):
4.7 Install PHP
We are going to compile both PHP3 and PHP4 as two different dynamically linked modules in Apache. If you don't want PHP3, you can simply compile and install PHP4 alone.
4.7.1 Compile and install PHP
First, we compile and install PHP3.
# cd ../php-3.0.17 # EAPI_MM=../mm-1.1.3 \ ./configure --with-apxs=/usr/local/apache/bin/apxs \ --enable-versioning --with-mysql --enable-track-vars # make # make install # cp php3.ini-dist /usr/local/lib/php3.ini
Next, we compile and install PHP4.
# cd ../php-4.0.3pl1 # EAPI_MM=../mm-1.1.3 \ ./configure --with-apxs=/usr/local/apache/bin/apxs \ --enable-versioning --with-mysql --enable-track-vars # make # make install # cp php.ini-dist /usr/local/lib/php.ini
Again, if the configure command has too many options, simple create a text file, put everything in it and then execute it.
4.7.2 Installing Zend Optimizer
The following is quoted directly from the FAQ.txt of Zend Optimizer:
Under UNIX: 1. Compile PHP 4.0 in non-debug mode - or else the Zend Optimizer won't load. As of 4.0.1, this is the default, no special configure option is required. 2. Copy the ZendOptimizer.so file to your system; a good place to put it is in the /usr/local/Zend/lib directory. 3. Add the following two lines to your php.ini file; do not add any extra spaces or tabs: zend_optimizer.optimization_level=15 zend_extension="/usr/local/Zend/lib/ZendOptimizer.so" 4. Restart your Apache web server; for recent Apache 1.3.* versions use the command apachectl restart.
4.7.3 Configure Apache to enable PHP scripting
This is done by modifying the /usr/local/apache/conf/httpd.conf file and make sure the following line is present exactly as below (What you need to do is to uncomment (i.e., delete the # sign at the beginning of) the two lines in the default httpd.conf file):
AddType application/x-httpd-php3 .php3 AddType application/x-httpd-php3-source .phpsAddType application/x-httpd-php .php AddType application/x-httpd-php-source .phps
You need to restart Apache to let the changes take effect.
4.7.4 Test your new server configuration
You can test all the configurations by creating a file (name it info.php3, for example) and place it under the root directory of your web server. (If you haven't modified the DocumentRoot option in the httpd.conf file, the web server root is at /usr/local/apache/htdocs folder.) The file should just contains one line:
<?php phpinfo() ?>
Run the script from a web browser and you should see a list of web server configuration parameters.
Rename the file you just created as info.php. Run it through your web browser. This will display your PHP4 installation.
At this time, you can optionally reboot your Linux box to make sure that the two servers (MySQL and Apache) are fired up at system reboot.
4.8 Install phpMyAdmin for MySQL administration
Untar the phpMyAdmin file in a protected folder such as the one we just created above. It is suggested that you password protect the folder and implement IP access restriction at the same time (See relevant instrutions above).
Modify the config.inc.php3 file to add the root password of your MySQL server.
Remove the READ ('r') permission bit of this particular folder which contains the phpMyAdmin scripts. To do this, you can simply use the following command:
This will prevent those users with shell login privileges to read your MySQL root passport through terminal (e.g., telnet) access.
Now you can administer your MySQL database from a web browser.
Let us create our first database for use with the following PHPLIB installation.
You need to consult the MySQL manual for further information about permissions, etc.. The latest Webmin (0.79) also has limited support to MySQL administration. Reload MySQL from the phpMyAdmin top page.
4.9 Install PHPLIB
Installing PHPLIB is optional but STRONGLY recommended if you are serious about PHP scripting. PHPLIB is an excellent library that will enable you to code in PHP more efficiently and cleanly.
To install the library, untar the downloaded file into a folder parallel to your web server's document root. For example, if your web root is at /home/www/DocRoot, you can place PHPLIB files under /home/www/phplib72.
Edit the /usr/local/lib/php3.ini file by adding the following two lines:
include = "/path/to/the/phpfolder" auto_prepend_file = "/path/to/thefile/prepend.php3"
Add the appropriate entries in MySQL:
Host: localhost Database: mydb Username: mydbuser Password: secrete
Modify the DB_Example lines in the local.inc file to add the above information.
Run the following command:
$ /usr/local/mysql/bin/mysql -h localhost -u root -p mydb < /whateverpath/to/create_database.mysql
Now you should be able to use the PHPLIB for your coding. Check out this sample code page to see how to connect to a database with or without PHPLIB support.
PHPLIB can be customized for each virtual web server that is running on your unix box. If you need information or help with configuration, please contact me.
4.10 Install DBI
DBI is a Perl module that enables interfacing with MySQL from a Perl script. One way or the other, you will need it for writing Perl scripts to interact with MySQL.
To install it, follow the instructions below:
# perl Makefile.PL # make # make test # make install
You can ignore the error message about using proxy servers. You will unlikely need this feature if you only use Perl script to interface with the MySQL database on a localhost.
Sit back and take a break! You've done a great job within a very short period of time.
Now it is time for you to read those manuals to get started with scripting. The two must-haves are:
If you want to learn SQL, read this very informative tutorial. Tutorials on PHP scripting can be found by following links provided on the official PHP website. If you are serious about PHP scripting, http://www.phpbuilder.com/ is the place to check out. http://www.webmonkey.com/ is also a great place for tutorials.
If you want to code cleanly and quickly and develop serious web applications, please read the PHPLIB document. One way or the other, you will like it.
Two pieces of simple SAMPLE CODES can be found here.
1) This tutorial is provided for you reference only. Use it at your own risk! The author is not responsible for any possible damage that may happen to you or your computer.
2) Please check your local laws concerning installing security software packages such as OpenSSL/mod_ssl on your system. The author of this tutorial does not assume any responsibility (whether stated or implied) of any kind concerning the use of those software applications.
If you have any questions concerning this tutorial, feel free to contact me through the online form.