Top Left Text cha

Web & App Development

Add repository:
sudo add-apt-repository ppa:certbot/certbot

Install CertBot's Apache package:
sudo apt install python-certbot-apache

Make sure you have a server block for your domain:
sudo nano /etc/apache2/sites-available/

Reload Apache:
sudo systemctl reload apache2

Check firewall status:
sudo ufw status

After firewall has been confirmed enabled, configured, add rules:
sudo ufw allow 'Apache Full'
sudo ufw delete allow 'Apache'

Should at least have the following rules:
Status: active

To                         Action      From
--                         ------      ----
OpenSSH                    ALLOW       Anywhere                  
Apache Full                ALLOW       Anywhere                  
OpenSSH (v6)               ALLOW       Anywhere (v6)             
Apache Full (v6)           ALLOW       Anywhere (v6)        
Use Apache CertBot plugin to create & install certificate, keys:
sudo certbot --apache -d -d

Test auto-renew:
sudo certbot renew --dry-run
Comment (0) Hits: 749
Update software
apt-get update && apt-get upgrade

You will be prompted to update or keep local copy of grub... keep the local copy!
Create hostname
hostnamectl set-hostname example
(replace 'example' with something new. Doesn't matter what you call it)

Edit /etc/hosts

Example: localhost example-hostname
2600:3c01::f03c:91ff:fea5:187e example-hostname
(ipv6 is optional)

Set Time Zone

List time zones:

Preferred Method:
dpkg-reconfigure tzdata
Alternate Method:
timedatectl list-timezones

Set time zone (example):
timedatectl set-timezone 'America/Los_Angeles'

Use 'date' command to check time.

Add New User
adduser example_user

Add to sudo:
adduser example_user sudo
From here on, all commands will be issues by tim (but w/sudo sometimes)

Skipping 'create authentication key-pair' (used to disallow SSH via password)

Install Apache 2.4
sudo apt install apache2

Install MySQL
sudo apt install mysql-server

Install PHP & Additional Dependencies/support
sudo apt install php7.2 libapache2-mod-php7.2

Optional supports can be added to or some removed, depending on your needs.  You may only need a few like mysql & curl.  I usually install all of these to cover bases:
sudo apt-get install php-pear php-curl php-dev php-gd php-mbstring php-zip php-mysql php-xml php-json php-cgi php-mysql
Configure Apache
KeepAlive On
MaxKeepAliveRequests 50
KeepAliveTimeout 5
sudo nano /etc/apache2/apache2.conf
(linode had the correct settings and didn't need modified)

mpm prefork module:
StartServers 4
MinSpareServers 3
MaxSpareServers 30
MaxRequestWorkers 150
MaxConnectionsPerChild 10000

sudo nano /etc/apache2/mods-available/mpm_prefork.conf

Disable event module & enable prefork:
sudo a2dismod mpm_event
sudo a2enmod mpm_prefork
(found that this was also not necessary as event was already disabled and prefork was already enabled)
Restart apache:
sudo systemctl restart apache2

Setup Virtual Hosts

Make copy of default configuration file, replacing with website:
sudo cp /etc/apache2/sites-available/000-default.conf /etc/apache2/sites-available/

Sudo nano /etc/apache2/sites-available/

Following lines need to be uncommented, added or edited:

        ServerAdmin webmaster@localhost
        DocumentRoot /var/www/html/

        ErrorLog /var/www/html/
        CustomLog /var/www/html/ combined
You must create the public_html folder.  Also, something that Linode never mentions, you will need to allow yourself write permissions on the folder:

sudo mkdir -p /var/www/html/{public_html,logs}

sudo chown -R $USER:$USER /var/www/html/
The command above give the logged in user appropriate permissions.

That was also not ideal. Most of the people, myself included, that write Linux material have no clue when it comes to permissions.
So here's an alternative I'm trying...
sudo chown -R www-data:www-data /var/www/html/

...then add your username to www-data:
sudo adduser tim www-data

Link virtual hosts file from sites-available directory to sites-enabled directory:

Enable website
sudo a2ensite

Disable default virtual host
sudo a2dissite 000-default.conf

MySQL Setup
sudo mysql -u root

Create database & user:
GRANT ALL ON webdata.* TO 'webuser' IDENTIFIED BY 'password';
(change 'webuser' & 'password' appropriately)

Then exit:

sudo mysql_secure_installation
Answer yes to:
remove anonymous users
disallow root login remotely
remove test database & access to it
reload privilege tables now

Configure PHP

Edit configuration file:
sudo nano /etc/php/7.2/apache2/php.ini

Following should be set:
error_reporting = E_ALL
max_input_time = 30
error_log = /var/log/php/error.log

Note: for production, error reporting should be:
Production Value: E_ALL & ~E_DEPRECATED & ~E_STRICT

Create the log directory/file & give access to apache system user:
sudo mkdir /var/log/php
sudo chown www-data /var/log/php

Restart apache:
sudo systemctl restart apache2
Install PhpMyAdmin
sudo apt-get install mcrypt
sudo service apache2 restart
sudo apt-get install phpmyadmin

create symbolic link:
sudo ln -s /usr/share/phpmyadmin
curl -sL | sudo -E bash -
sudo apt-get install -y nodejs
sudo apt-get install -yq --no-install-recommends libasound2 libatk1.0-0 libc6 libcairo2 libcups2 libdbus-1-3 libexpat1 libfontconfig1 libgcc1 libgconf-2-4 libgdk-pixbuf2.0-0 libglib2.0-0 libgtk-3-0 libnspr4 libpango-1.0-0 libpangocairo-1.0-0 libstdc++6 libx11-6 libx11-xcb1 libxcb1 libxcursor1 libxdamage1 libxext6 libxfixes3 libxi6 libxrandr2 libxrender1 libxss1 libxtst6 libnss3





Comment (0) Hits: 1589

This is for Ubuntu 16.04/17.10, Nginx, MySQL & PHP (LEMP)

Restart Nginx
sudo systemctl restart nginx
sudo systemctl reload nginx (only reload config file)

Restart PHP
sudo systemctl restart php7.0-fpm

Nginx config file
sudo nano /etc/nginx/nginx.conf

PHP config file
sudo nano /etc/php/7.0/fpm/php.ini

PHP Hosts file (sites-available/default)
sudo nano /etc/nginx/sites-available/default

Check syntax
sudo nginx -t

Firewall Status
sudo ufw status

Extract .tar.gz
sudo tar -xvzf file.tar.gz
optionally add -C destination/
Comment (0) Hits: 1194

Install phpMyAdmin
sudo apt-get update
sudo apt-get install phpmyadmin
You'll get asked which system you want to install phpMyAdmin on. Nginx is not an option, so hit tab & enter to skip this.
Next you'll be asked if you want dbconfig-common to configure a database.  

Create a password for phpMyAdmin & it's database.

Create a symbolic link from the phpMyAdmin application to the public folder.
sudo ln -s /usr/share/phpmyadmin /var/www/html

Enable the mcrypt PHP module.
sudo phpenmod mcrypt

Restart PHP
sudo systemctl restart php7.0-fpm

phpMyAdmin is now set up at your domain or IP (ex:

ToADD: create symbolic link for security (obsure /phpmyadmin from public)
Comment (0) Hits: 1213
These instructions are specifically for Nginx.  Unlike Apache, Nginx doesn't contain a native PHP processor so PHP-FPM (PHP fastCGI processing manager), so it will need to be installed manually.

Install php-fpm, php-mysql, and other modules that may be needed.  Some of these can be left off if they won't be used.  But if not sure, it won't hurt to install all of them as so...
sudo apt-get install php-fpm php-mysql php-curl php-gd php-pear php-imagick php-imap php-mcrypt php-recode php-tidy php-xmlrpc

Php-fpm will need to be configured.  Open the configuration file and edit with nano.
sudo nano /etc/php/7.0/fpm/php.ini

Find cgi.fix_pathinfo.  It will be commented out with a semicolon like:

Uncomment it and change the value to 0.  This is required for the security of your PHP files.  It should look like this after:
Save and close the file.

Restart the PHP processor.
sudo systemctl restart php7.0-fpm

Configure Nginx to use the new PHP processor (php-fpm)

Open the Nginx default server configuration file with nano.
sudo nano /etc/nginx/sites-available/default
Below is an example of the most recent block regarding php-fpm in the file.  Don't forget to add index.php to the index...
# Add index.php to the list if you are using PHP
index index.php index.html index.htm index.nginx-debian.html;

server_name [your ip should be here];

location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;

# pass the PHP scripts to FastCGI server listening on ...
location ~ \.php$ {
include snippets/fastcgi-php.conf;

# With php7.0-fpm:
fastcgi_pass unix:/run/php/php7.0-fpm.sock;

# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
location ~ /\.ht {
deny all;
Comment (0) Hits: 1141
Code samples for installing MySQL on Ubuntu Server via SSH

Install MySQL
sudo apt-get install mysql-server

You'll be asked for a root password that you want to use for the MySQL system.

Secure the installation.

You'll need to enter the password you supplied for the MySQL system. Then you'll be asked if you want to VALIDATE PASSWORD PLUGIN.  This is optional, but if don't set it up, you should make sure to use secure passwords.  If you do set it up, be sure you don't have anything like software that tries to create DB credentials with non-secure/simple passwords or it will produce errors.  I personally don't set this up, but I make sure that future credentials use secure passwords.

Next you'll be asked if you want to remove anonymous users, the test database, and disable remote logins.  You can usually answer yes to these questions.  Then also enter 'yes' to enable these rules and MySQL will be setup.
Comment (0) Hits: 1189
These are the basic commands needed when SSHing into the server to install and configure Nginx.

Update the package manager unless it's already been done.
sudo apt-get update

Install the Nginx package.
sudo apt-get install nginx

If you have UFW(uncomplicated firewall) firewall installed, you'll need to allow connections to Nginx.
sudo ufw allow 'Nginx HTTP'

Verify that it worked.
sudo ufw status
You should see Nginx in the list.

You can test that it worked also by pointing a web browser to the IP or domain (and you should see 'Welcome to nginx!'.

Comment (0) Hits: 1166