Skip to content

Instantly share code, notes, and snippets.

@dragonjet
Last active July 31, 2021 21:01
Show Gist options
  • Save dragonjet/270cf0139df45d1b7690 to your computer and use it in GitHub Desktop.
Save dragonjet/270cf0139df45d1b7690 to your computer and use it in GitHub Desktop.
Setup Web Server on EC2 Amazon Linux AMI

Step 1: Server Credentials

This assumes you are now connected to the server via SSH.

  • sudo -s Enter root mode for admin access
  • groupadd devgroup Create new group to be later granted access to /var/www/html

Creating a new Root User

  • useradd -G root,devgroup masterdev Create new root user. Also add to the devgroup
  • passwd masterdev Change password for the new root user
  • At this point, you'll need to input your new root user's new password

Further User Configuration

Next, we'll need to set PasswordAuthentication to On. By default, passwords cannot be used on SSH (Off), so you initially need to use the pem or ppk files. However, since we now have created our new root user, we can change this and set it to "On".

  • vi /etc/ssh/sshd_config Edit SSH config file
  • Make sure this is set: PasswordAuthentication yes
  • service sshd restart

Add as sudoer

  • vi /etc/sudoers Edit the sudoers file
  • Add masterdev user after the root's line
root ALL=(ALL) ALL
masterdev ALL=NOPASSWD: ALL
  • Since the sudoer file is read-only, you may need to save your changes using :wq!.

Step 2 (A): APACHE Web Server + PHP5.5

For this step, you may choose either (A) Apache or (B) Nginx.

Installation

  • yum update -y Update linux packages
  • yum -y install httpd24 Install APACHE webserver
  • chkconfig httpd on Setup service
  • yum -y install php55 php55-bcmath php55-devel php55-common php55-cli php55-pecl-apc php55-pdo php55-mysql php55-xml php55-gd php55-mbstring php-pear php55-mysqlnd php55-mcrypt Install php and the usual extensions.

Configuration

  • Apache Configuration vi /etc/httpd/conf/httpd.conf
<Directory "/var/www/html">
	Options Indexes FollowSymLinks
	AllowOverride All
	Require all granted
</Directory>
  • PHP Configuration vi /etc/php.ini
error_log = /var/log/php-error.log
date.timezone = "UTC"

Finalization

  • usermod -a -G devgroup apache Add apache to dev group
  • Give the devgroup access to /var/www/html
chown -R root:devgroup /var/www/html
chmod -R 775 /var/www/html
  • service httpd start

Step 2 (B): NGINX Web Server + PHP5.5

For this step, you may choose either (A) Apache or (B) Nginx.

Installation

  • yum update -y Update linux packages
  • yum install -y nginx Install NGINX webserver
  • chkconfig httpd on Setup service
  • yum -y install php55 php55-fpm php55-bcmath php55-devel php55-common php55-cli php55-pecl-apc php55-pdo php55-mysql php55-xml php55-gd php55-mbstring php-pear php55-mysqlnd php55-mcrypt Install php and the usual extensions, including FPM.

Configuration

  • Nginx Configuration vi /etc/nginx/nginx.conf
root /var/www/html;

location / {
	root   /var/www/html;
	index  index.php index.html index.htm;
}
 
location ~ \.php$ {
	fastcgi_pass    unix:/var/run/php-fpm/php-fpm.sock;
	fastcgi_index   index.php;
	fastcgi_param   SCRIPT_FILENAME  /var/www/html$fastcgi_script_name;
	include         fastcgi_params;
}
  • PHP-FPM Configuration vi /etc/php-fpm.d/www.conf
listen = /var/run/php-fpm/php-fpm.sock
listen.owner = nginx
listen.group = nginx
listen.mode = 0664
user = nginx
group = nginx
  • PHP Configuration vi /etc/php.ini
error_log = /var/log/php-error.log
date.timezone = "UTC"

Finalization

usermod -a -G devgroup nginx
chown -R root:devgroup /var/www/html
chmod -R 775 /var/www/html

chkconfig nginx on
service nginx start

chkconfig php-fpm on
service php-fpm start

Step 3: MySQL 5.6

  • If you will be using Amazon RDS or any separate database server, skip the whole MySQL Section. This is only required when you want to use a "localhost" MySQL on your server.

Installation

  • wget -O mysql.rpm http://dev.mysql.com/get/mysql-community-release-el6-5.noarch.rpm/from/http://repo.mysql.com/
  • yum -y localinstall mysql.rpm
  • yum -y install mysql-community-server
  • service mysqld start
  • chkconfig mysqld on
  • mysql_secure_installation
  • MySQL will ask for root password. By default, its blank. Press enter.
  • MySQL will ask to set root password, answer Y.
  • Input the new root password
  • MySQL will ask to remove anonymous users, answer Y.
  • MySQL will ask to disallow root login remotely, answer Y.
  • MySQL will ask to remove test database, answer Y.
  • MySQL will ask to reload privileges, answer Y.
  • mysql -u root -p Test Root Login to MySQL Console
  • At this point you will need to enter your password
  • If the console prefix changed to mysql>, it was successful
  • Type exit to go back to Linux command line

Setup phpMyAdmin

  • cd /var/www/html
  • wget -O pma.zip http://nchc.dl.sourceforge.net/project/phpmyadmin/phpMyAdmin/4.3.3/phpMyAdmin-4.3.3-english.zip
  • unzip pma.zip
  • mv phpMyAdmin-4.3.3-english dba
  • sudo rm pma.zip
  • phpMyAdmin now accessible on http://your_server/dba

Optional: Setup FTP

Creating a Dev User

  • useradd -d /var/www/html -G devgroup -M dev Add dev user, with home pointing to web directory, and add to the devgroup.
  • passwd dev Change password for the dev user
  • At this point, you'll need to input the dev user's new password

Connecting

  • Use the username and password of the Dev User you just created
  • Use SFTP connection. FTP only will not work.
@rdibona
Copy link

rdibona commented Oct 28, 2015

Thanks for this. It seems like in step 2 (b) for nginx, the proper 3rd command for "setup service" should be: chkconfig nginx on instead of chkconfig httpd on

@vinaythoke
Copy link

This is brilliant. Thank you so much for this. This saved me so much of surfing and searching on google. 👍

@tetreault
Copy link

Just wanted to add that its really bad practice to use passwords. If your'e the admin on the server get the user's public keys and create their user account then add their pub key to new-user/.ssh/authorized_keys. Feel free to also reference some steps i've jotted down: https://github.com/MSCHF/aws-ec2-node-npm-setup

@WilldelaVega777
Copy link

Amazing Work!!!

Please consider changing in step 2b (Install Nginx Web Server) the following:

chkconfig httpd on

to:

chkconfig nginx on

@jrbattles
Copy link

I used SFTP with keys insted of dev.... Having problems now with "permission denied" when I attempt to upload a file.

@alfredtan
Copy link

Thank you!

@yevgnenll
Copy link

awesome!! thx!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment