Whether you’re new to hosting websites or a seasoned developer, you’ve more than likely heard of a LAMP stack. The LAMP stack is the base set of applications that most websites running on a Linux server are served from and is commonly referred to as “Lamp”. Rather than a single program that interacts with the website being served, LAMP is actually a number of independent programs that operate in tandem: Linux, Apache, MySQL/MariaDB, and PHP. Throughout this article, we’ll walk through installing the LAMP stack on your CentOS 7 server so you can run a website from any Dedicated Server or Virtual Private Server. Although we’re focusing on installing LAMP on a CentOS 7 server, the steps that we’ll cover are very similar across multiple Linux distributions.
What is Puppet?
Puppet is an intuitive, task-controlling software which provides a straightforward method to manage Linux and Windows server functions from a central master server. It can perform administrative work across a wide array of systems that are primarily defined by a “manifest” file, for the group or type of server(s) being controlled.
If you’re using a Windows-based server to host your content, you may using Microsoft’s database server product, MSSQL. However, licensing restrictions can make using MSSQL difficult, especially for small businesses. Microsoft offers a free version of MSSQL called MSSQL Express that will be suitable for many users, but this version does have limitations on database size and memory usage. If you need a more robust database solution but want to try something with a lower cost (like a free, open-source database server), you could try MySQL database server.
MySQL is a standard part of the typical Linux server build (or LAMP stack) but is also available for use on Windows operating systems. Depending on your needs, you could fully develop your database in MySQL. Many popular Content Management Systems (CMS) also use MySQL by default, so using MySQL to manage those applications may be beneficial. MySQL and MSSQL can be run on the same server at the same time, so you’re free to use both or to experiment as needed.
Installing MySQL on your Windows server is as simple as downloading an MSI Installer package and clicking through a few options.
- Download the MySQL Installer from dev.mysql.com. The two download options are a web-community version and a full version. The web-community version will only download the server, by default, but you can select other applications (like Workbench) as desired. The full installer will download the server and all the recommended additional applications. (You’ll also be asked to create a user account, but you skip this part by scrolling down to the bottom and clicking “No thanks, just start my download”.)
- Run the installer that you downloaded from its location on your server, generally by double-clicking.
- Determine which setup type you would like to use for the installation:
- Developer Default: this is the full installation of MySQL Server and the other tools needed for development. If you are building your database from the ground up or will be managing the data directly in the database, you’ll want to use this setup type.
- Server Only: if you only need MySQL Server installed for use with a CMS or other application and will not be managing the database directly, you can install just the server (you can always install additional tools later).
- Custom: this setup type will allow you to customize every part of the installation from the server version to whichever additional tools you select.
- Install the server instance and whichever additional products you selected. Then begin the configuration process by selecting the availability level (most users will use the default, standalone version).
- Complete the configuration process by following the on-screen instructions. You’ll want to make sure to install MySQL as a Service so that Windows can automatically start the service after a reboot or can restart the service if it fails. For additional, step-by-step instructions, see MySQL Server Configuration with MySQL Installer.
Have other thoughts or questions? Our Sales and Support teams are available 24 hours by phone or e-mail to assist. Reach out to us by opening a support ticket at firstname.lastname@example.org, giving us a call at 1-800-580-4985 or, open a chat with us and we’ll be happy to answer any questions you may have!
The security of your website is vital to the success of your Internet business. One way you can protect your data (and your customers) is through the use of encrypted communication protocols. Secure Socket Layer (or SSL) was the original method of providing for basic encryption between servers and clients. The industry mostly uses Transport Layer Security (or TLS) protocols now, but the process is basically the same, and most users refer to this kind of encryption by the old name: SSL. As part of our Web Hosting Toolkit, Liquid Web provides and SSL Tool to help you verify that your SSL is installed correctly and up-to-date. Below is an insight on how to use this tool and as well as some core concepts and certificates types to know when dealing with SSL.
SSL Certificate Checker
You’ll want to confirm that everything is functioning correctly on the server once you’ve successfully ordered and installed your SSL. At this time, you’ll want to check on your domain SSL’s to confirm expiration dates, covered subdomains, or other information. While you can use various third-party SSL checkers on the Internet, Liquid Web makes gathering this information about your domain simple. Just go to the Liquid Web Internet Webhosting Toolkit page and click on SSL Tool.
How Do I Check If My SSL Certificate is Valid?
Enter your domain name in the box provided and click on Submit. You can enter either your primary domain name (like mydomain.com) or any of the subdomains you may have created SSL certificates for (like blog.mydomain.com). If an SSL certificate is installed on the server for the domain, the page will display the status of the certificate and additional information.
In this example, you can see that the certificate is valid and trusted by browsers and that the tested domain matches the certificate.
You can also see which Certificate Authority issued the certificate and the dates for which the certificate is valid.
Finally, you can see which signing algorithm was used to generate the certificate (indicating how complex and secure the certificate is) and which domains and subdomains are covered by the certificate.
How SSLs Work
SSL connections work through a series of tools that exist on your server and on a client’s web browser. At the simplest level, the server and a client computer exchange information and agree on a secret “handshake” that allows each computer to trust the other computer. This handshake is established through the use of private and public SSL certificate keys. The private key resides on the server, and the public key is available to a client computer. All information passed between the computers is encoded and can only be decoded if the keys match. These keys are generated by a Certificate Authority (like GlobalSign) and can vary in complexity and expiration date. These matched keys exist to prevent what are known as “man in the middle” attacks when a third-party intercepts the Internet traffic for the purpose of stealing valuable data (like passwords or credit card information). Because the third-party doesn’t possess the matching keys, they will be unable to read any of the intercepted information.
By using a trusted certificate, your website users can enter their information with full confidence that their data is safe. Certificate Authorities only grant SSL certificates to operators who can prove that they are the legitimate owner of a domain and that the domain is hosted on the server for which the certificate is being issued. This proof is usually obtained by modifying the DNS records for a domain during the verification process of the certificate ordering transaction. To learn more about how to order an SSL through your Liquid Web account, see How To Order or Renew an SSL Certificate in Manage.
Types of SSL Certificates
While SSL certificates all provide the same essential functions, there are several different types of certificates to choose from. You’ll want to establish which certificate meets your needs before you decide to order one for your domain. The types we’ll discuss here are Self-Signed Certificates, Standard Domain Certificates, Wildcard Certificates, Extended Validation Certificates.
Most servers have the capability of generating a Self-Signed SSL certificate. These certificates provide the same kinds of encrypted communication that certificate provided by Certificate Authorities provide. However, because they are self-signed, there is no proof that the server is the “real” server associated with a website. Many control panels use self-signed certificates because the owner of the server knows the IP address of the server and can trust that they are connecting to the correct site when using that IP address. The advantage of self-signed certificates is that they are easy to generate and are free to use for as long as you want to use them.
Standard Domain Certificates
If you only need to secure a single domain or subdomain, a standard domain SSL certificate is appropriate. Standard certificates are generally the least expensive option from Certificate Authorities and are designed to cover one domain or subdomain (generally both domain.com and www.domain.com are covered by a standard certificate).
If you have multiple subdomains, you may be able to save time and money by getting a wildcard SSL certificate. Wildcard certificates cover a domain and all of its subdomains. For instance, if you have a domain website that also has a mail subdomain, a blog, a news site, and a staging site that you want to be protected by SSL communication, a single wildcard would protect all of the sites.
Extended Validation Certificates
SSL certificates are generally issued to companies that can prove they have the right to use a domain name on the Internet (normally because they can modify the DNS records for that domain). While that level of verification is sufficient for most companies, you may need to have additional evidence that your company is a reliable entity for business purposes. Organizational SSL certificates require additional vetting by a Certificate Authority, including checks about the physical location of your company and your right to conduct business. Organizational SSL details can be visible on your website if you install a Secure Site Seal. Additional vetting is available for companies that choose Extended Validation SSL certificates. Extended Validation processes are often used by banks and financial institutions to provide extra reassurance to their customers that their website is legitimate. EV SSLs will turn the address bar of the client’s browser green and display the company’s name on the right side of the address bar.
If you need help determining which type of SSL is right for your business, chat with our Solutions team for additional information.
Now that you’ve checked the details of your SSL certificate and confirmed that all of the information is correct, you’ll be sure that the communications between your server and your customer’s computers are secure as that information travels over the Internet. For more information about improving the overall security of your server, see Best Practices: Protecting Your Website from Compromise.
Similar to Dropbox and Google Drive, Nextcloud is self-hosting software that allows you to share files, contacts, and calendars. But, unlike Dropbox and Google Drive, your files will be private and stored on your server instead of a third party server. Nextcloud is HIPAA and GDPR compliant, so your files will be encrypted along with the ability to audit. For this tutorial, we’ll be installing our Nextcloud instance on our Ubuntu 18.04 LTS server. Continue reading “How to Install Nextcloud 15 on Ubuntu 18.04”
When we are done, you will have a React environment you can use to start development on your Liquid Web server.
MariaDB is a drop in replacement for MySQL, and its popularity makes for several other applications to work in conjunction with it. If you’re interested in a MariaDB server without the maintenance, then check out our high-availability platform. Otherwise, we’ll be installing MariaDB 10 onto our Liquid Web Ubuntu server, let’s get started! Continue reading “How to Install MariaDB on Ubuntu 18.04”
A Squid Proxy Server is a feature rich web server application that provides both reverse proxy services and caching options for websites. This provides a noticeable speedup of sites and allows for reduced load times when being utilized.
Squids reverse proxy is a service that sits between the Internet and the webserver (usually within a private network) that redirects inbound client requests to a server where data is stored for easier retrieval. If the caching server (proxy) does not have the cached data, it then forwards the request on to the webserver where the data is actually stored. This type of caching allows for the collection of data and reproducing the original data values stored in a different location to provide for easier access.
When looking to host websites or services from a Windows server, there are several options to consider. It is worth reviewing the strengths and weaknesses of each server type to determine which one is most likely to meet your particular needs before you spend the time installing and configuring a web service.
Some of the most common web servers available for Windows services are Tomcat, Microsoft IIS (Internet Information Services), and of course the Apache server. Many server owners will choose to use a control panel which manages most of the common tasks usually needed to administer a web server such as e-mail and firewall configuration.
At LiquidWeb, that option means you’re using one of our Fully Managed Windows Servers with Plesk. Alternately, some administrators who need more flexibility choose one of our Core or Self-Managed Windows Servers. This article is intended for the latter type of server with no Plesk (or other) server management control panel.
This guide was written for a 64-bit Windows server since a modern server is more likely to utilize that platform. There are also a few potential issues with Apache on a Windows 32-bit systems (non-64-bit) which you should be aware of and can be reviewed here.
While there are several mirrors to choose from for downloading the pre-compiled Apache binaries for windows, we’ll be using ApacheHaus for our purposes.
(This is the 64-bit version with OpenSSL version 1.1.1a included). If you would like to utilize an alternate version they are listed here: Available Versions Page
Install Apache on Windows
We will assume that you have installed all the latest available updates for your version of Windows. If not, it is critical to do so now to avoid unexpected issues. These instructions are specifically adapted from the directions provided by ApacheHaus where we obtained the binary package. You may find the entire document in the extracted Apache folder under the file “readme_first.html”.
Visual C++ Installation
Before installing Apache, we first need to install the below package. Once it has been installed, it is often a good idea to restart the system to ensure any remaining changes requiring a restart are completed.
- Download the Visual C++ 2008 Redistributable Package and install it. It is located here.
- Restart (optional but recommended).
- Extract the compressed Apache download. While you can extract it to any directory it is the best practice to extract it to the root directory of the drive it is located on (our example folder is located in C:\Apache24). This is the location we will be using for these instructions. Please note that once installed you can see Apache’s base path by opening the configuration file and checking the “ServerRoot” directive).
- Open an “Administrator” command prompt. (Click the Windows “Start” icon, then type “cmd”. Right-click the “Command Prompt” item which appears, and select “Run As Administrator.”)
- Change to the installation directory (For our purposes C:\Apache24\bin).
- Run the program httpd.exe.
- You will likely notice a dialogue box from the Windows Firewall noting that some features are being blocked. If this appears, place a checkmark in “Private Networks…” as well as “Public Networks…”, and then click “Allow access.”
- As noted in the ApacheHaus instructions:
“You can now test your installation by opening up your Web Browser and typing in the address: http://localhost
If everything is working properly, you should see the ApacheHaus’ test page.“
To shut down the new Apache server instance, you can go back to the Command Prompt and press “Control-C”.
- Now that you have confirmed the Apache server is working and shut it down, you are ready to install Apache as a system service.
- In your Command Prompt window, enter (or paste) the following command:
httpd.exe -k install -n "Apache HTTP Server"
Installing the 'Apache HTTP Server' service
The 'Apache HTTP Server' service is successfully installed.
Errors reported here must be corrected before the service can be started.
(this line should be blank)
- From your Command Prompt window enter the following command and press ‘Enter.’
Look for the service “Apache HTTP Server.” Looking towards the left of that line you should see “Automatic.” If you do not, double-click the line and change the Startup Type to “Automatic.”
- Restart your server and open a web browser once you are logged back in. Go to this page in the browser’s URL bar: http://localhost/
Configure Windows’ Firewall
To allow connections from the Internet to your new web server, you will need to configure a Windows Firewall rule to do so. Follow these steps:
- Click the “Windows Start” button, and enter “firewall.” Click the “Windows Firewall With Advanced Security” item.
- Click “New Rule” on the right-hand sidebar.
- Select “Port,” and click Next. Select the radio button next to “Specific remote ports:” Enter the following into the input box: 80, 443, 8080
- Click Next, then select the radio button next to “Allow the connection.”
- Click Next, ensure all the boxes on the next page are checked, then click Next again.
- For the “name” section, enter a description that is familiar enough that you will be able to recognize the rule’s purpose later such as: “Allow Incoming Apache Traffic.”
- Click “finish.”
- Try connecting to your server’s IP address from a device other than the one you are using to connect to the server right now. Open a browser and enter the IP address of your server. For example, http://192.168.1.21/. You should see the test web page.
- For now, go back to the Windows firewall and right-click the new rule you created under the “Inbound Rules” section. Click “Disable Rule.” This will block any incoming connections until you have removed or renamed the default test page as it exposes too much information about the server to the Internet. Once you are ready to start serving your new web pages, re-enable that firewall rules, and they should be reachable from the Internet again.
That’s it! You now have the Apache Web Server installed on your Windows server. From here you’ll likely want to install some Apache modules. Almost certainly you will need to install the PHP module for Apache, as well as MySQL. Doing so is beyond the scope of this tutorial; however, you should be able to find a variety of instructions by searching “How to Install PHP (or other) Apache module on Windows server,” or similar at your favorite search engine.
What is the purpose of Git?
Git gives you a way to not only track changes in source code, but it can also be used to track changes in files. It then stores the data in what is called a repository, also known as a repo. Continue reading “Install and Configure Git on Ubuntu 18.04”