Instaling LAMP On CentOS 7.x

Home » CentOS » Instaling LAMP On CentOS 7.x
CentOS 12 Comments

Have a CentOS 7 minimal openvz container I need to install a LAMP
setup on. Does anyone recommend anything and have a link too it? I
am guessing Mariadb is the new standard?

12 thoughts on - Instaling LAMP On CentOS 7.x

  • And beware that quite noticeable portion of attempts to hack your website aim at phpmyadmin ;-)

    ++++++++++++++++++++++++++++++++++++++++
    Valeri Galtsev Sr System Administrator Department of Astronomy and Astrophysics Kavli Institute for Cosmological Physics University of Chicago Phone: 773-702-4247
    ++++++++++++++++++++++++++++++++++++++++

  • Webmin works too. There is a new release 1.700 that deals with the switch to .service

    webmin.com

    john

  • One good reason to use non-standard ports and restrict access to a very tiny quantity of IP addresses.

  • So EPEL is preferred over rpmforge now days? In past to get clamav and some other packages seemed like I had to use rpmforge.

  • Just my opinion but rpmforge was great for CentOS 5 then epel was better for 6…..I haven’t tested 7 enough to know yet.

    Adam King IT Systems Administrator Skipton Girls High School
    01756 707600
    http://www.sghs.org.uk

    —– Original Message —

  • I used to use rpmforge/repoforge, now I use epel as my ‘primary’ goto repo for non-base packages.

  • For mysql in past I always added bind-address7.0.0.1 to my.cnf for bit additional security. This server is dual stacked with IPv4 and IPv6, should I put something else in there? How do I tell it ::1 or
    127.0.0.1?

  • I would advise that if you choose to use Webmin (and I do) then you should consider having it listen only on one IP address where more than one virtual IP is available. Further, the IP address and port (default is 10000) used by Webmin should be blocked by firewall settings to prevent direct access from the Internet. Instead you should use some form of tunnelling to establish a secure link to your LAN or to the host system itself. Even then you should only permit connections from known addresses from within your LAN.

    You should also enable and require TLS (https) connections for Webmin as otherwise privileged user credentials are exposed. There are configuration choices available in Webmin to do this but these present a chicken and egg problem as the default setup uses plain http. If this is an issue then you can get around this by manually changing the following configuration settings in /etc/webmin/miniserv.conf using an editor over an SSH connection after installing but before using Webmin:

    ssl=1
    ssl_redirect=1
    certfile=/etc/webmin/miniserv.pem # default set up with webmin install keyfile=/etc/webmin/miniserv.pem # default set up with webmin install

    Or you can use a one-time set of credentials and change them immediately after setting Webmin to use https.

    Regardless of how you set up Webmin’s https access you also require this Perl module to get Webmin over https to work:

    yum install perl-Net-SSLeay

    For remote access the simplest tunnel I have discovered employs SSH and Firefox proxied to use SOCKSV on localhost port 2001 (127.0.0.1:2001).

    Something like:

    ssh -p 22 \
    -o ServerAliveInterval0 \
    -o ServerAliveCountMax \
    user-id@internal.host.domain.tld \
    -D 2001;

    As a refinement I set up a specially configured sshd service that also listens on ports 80 and 443. This permits me to change the SSH port from 22 to 80 or
    443 whenever a network provider decides that SSH is not part of their service
    (Hello Westin. . .)

    If you are using PuTTY as the SSH client then you can do the same thing in the
    /Connection/SSH configuration by adding 2001 as a source port and selecting Dynamic as the destination type. You specify the SSH connection port in the Basic Options for the Session set up.

    HTH