The LAMP stack (Linux, Apache, MySQL/MariaDB, PHP) is a classic web development environment. This guide walks through installing and configuring each component on Debian, along with essential optimizations and security measures.
Before installing any software, update your system to ensure you have the latest security patches and package versions:
sudo apt update && sudo apt upgrade -y Apache is the most widely used web server for Debian. Install it with:
sudo apt install apache2 -y After installation, Apache starts automatically. Verify its status:
sudo systemctl status apache2 You should see active (running). To confirm Apache is accessible, open a browser and navigate to your server’s IP address—you’ll see the default Apache welcome page.
Debian uses MariaDB as the default MySQL alternative. Install it with:
sudo apt install mariadb-server -y Run the security script to harden your database:
sudo mysql_secure_installation Follow the prompts to:
Install PHP and common extensions for web development (e.g., MySQL support, JSON parsing):
sudo apt install php libapache2-mod-php php-mysql php-cli php-fpm php-gd php-mbstring php-curl php-xml -y Key extensions:
php-mysql: Enables PHP to interact with MySQL/MariaDB.php-fpm: Improves performance for handling PHP requests (recommended for high-traffic sites).php-gd/php-mbstring: Support for image manipulation and multibyte characters.Edit the PHP configuration file to adjust settings like memory limit and upload size. For PHP running under Apache:
sudo nano /etc/php/8.2/apache2/php.ini (Uncomment and modify these lines as needed—adjust values based on your server’s resources):
memory_limit = 256M upload_max_filesize = 10M post_max_size = 10M max_execution_time = 300 For PHP-FPM (if installed), edit the pool configuration:
sudo nano /etc/php/8.2/fpm/pool.d/www.conf Ensure the following lines are uncommented and set correctly:
listen = /run/php/php8.2-fpm.sock listen.owner = www-data listen.group = www-data Restart services to apply changes:
sudo systemctl restart apache2 sudo systemctl restart php8.2-fpm # Only if using PHP-FPM Create a test file in Apache’s default document root to verify PHP is working:
sudo nano /var/www/html/info.php Add the following content:
<?php phpinfo(); ?> Save the file and access it in your browser at http://your_server_ip/info.php. You should see a detailed PHP information page—this confirms PHP is correctly installed and integrated with Apache.
Virtual hosts allow you to host multiple websites on a single server. Create a new configuration file for your site:
sudo nano /etc/apache2/sites-available/example.com.conf Add this template (replace example.com with your domain and /var/www/example.com with your document root):
<VirtualHost *:80> ServerAdmin webmaster@example.com ServerName example.com ServerAlias www.example.com DocumentRoot /var/www/example.com ErrorLog ${APACHE_LOG_DIR}/example.com_error.log CustomLog ${APACHE_LOG_DIR}/example.com_access.log combined <Directory /var/www/example.com> Options Indexes FollowSymLinks AllowOverride All Require all granted </Directory> </VirtualHost> Enable the site and disable the default site:
sudo a2ensite example.com.conf sudo a2dissite 000-default.conf Reload Apache to apply changes:
sudo systemctl reload apache2 HTTPS encrypts traffic between your server and users. Install Certbot (a tool for obtaining free SSL certificates) and the Apache plugin:
sudo apt install certbot python3-certbot-apache -y Obtain a certificate for your domain:
sudo certbot --apache -d example.com -d www.example.com Certbot will automatically configure Apache to use HTTPS and set up automatic renewal. Verify HTTPS works by accessing https://your_domain.com in your browser (you should see a padlock icon).
Use ufw (Uncomplicated Firewall) to allow only necessary traffic (HTTP/HTTPS). Install ufw if not already installed:
sudo apt install ufw -y Allow Apache and HTTPS traffic:
sudo ufw allow 'Apache Full' Enable the firewall:
sudo ufw enable Check the status to confirm rules are applied:
sudo ufw status mysql_secure_installation).www-data for Apache) and permissions (e.g., 755 for directories, 644 for files).sudo apt update && sudo apt upgrade -y weekly to patch vulnerabilities.rsync or cloud backups to regularly back up your website files and database.By following these steps, you’ll have a secure, functional LAMP environment on Debian ready for web development. Adjust configurations (e.g., PHP versions, virtual hosts) based on your project requirements.
