Hack The Sec-Leading Resource Of Linux Tutorial: LAMP

How to install Centos Web Panel(CWP)

<div dir="ltr" style="text-align: left;" trbidi="on">
Install Centos Web Panel(CWP) 
 
<a href="http://www.hackthesec.co.in/search/label/Centos">CentOS</a> Web Panel – a Free Web Hosting control panel designed for quick and easy management of (Dedicated & VPS) servers minus the chore and effort to use ssh console for every time you want to do something, offers a huge number of options and features for server management in its control panel package. 
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj8p7vt6DmQ-Xjn6bu3wt_SITsKjoA8fjzTQEqIbJ-6LO1963pmWpQBZAMYmqPgu0IRiLaZlR-dSscr76avLic-Q81y9wm_FXWRqWAXGT5RdHUoV1Bwzvplwgoftde1D1kiHa1Q0voIGTol/s1600/cwp_logo.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj8p7vt6DmQ-Xjn6bu3wt_SITsKjoA8fjzTQEqIbJ-6LO1963pmWpQBZAMYmqPgu0IRiLaZlR-dSscr76avLic-Q81y9wm_FXWRqWAXGT5RdHUoV1Bwzvplwgoftde1D1kiHa1Q0voIGTol/s1600/cwp_logo.png" /></a></div>
 
System Requirements 
 
Make sure that you complete the following tasks before you start the installation process: 
 
1. Setup Hostname 
This hostname cannot be the same as any domain that is on your server (for example, if example.com is a domain on your server, use hostname.example.com as your fully qualified hostname). 
 
You can use the following command for hostname setup eg. srv1.hackthesec.co.in 
 
hostname srv1.example.com 
2. Setup Server IP addresses 
Define additional IP address, subnet address, and default gateway IP address for your server — your service provider can provide you with this information. 
 
3. Software Requirements 
You must have a clean/fresh installation of supported operating systems: 
CentOS 6, RedHat 6 or CloudLinux 6, MINIMAL installation and English version only! 
CentOS 7 is NOT supported. 
 
4. Hardware Requirements 
32 bit operating systems require a minimum of 512 MB RAM 
64 bit operating systems require a minimum of 1024 MB RAM (recommended) 
 
Recommended System: 4 GB+ RAM so you would have the full functionality such as Anti-virus scan of emails. 
 
FEATURES 
Here are our features and services at CentOS Web Panel: 
***currently including Admin and Client panel*** 
 
CWP automatically installs full <a href="http://www.hackthesec.co.in/search/label/LAMP">LAMP </a>on your desired server featuring: 
(apache,<a href="http://www.hackthesec.co.in/search/label/PHP">php</a>, phpmyadmin, webmail, mailserver…) 
 
 
What are the Installation and Configuration characteristics during Installation of CWP? 
- <a href="http://www.hackthesec.co.in/search/label/Apache">Apache </a>Web Server (Mod Security + OWASP rules optional) 
- PHP 5.4 (suPHP, SuExec + PHP version switcher) 
- <a href="http://www.hackthesec.co.in/search/label/Mysql">MySQL</a>/MariaDB + phpMyAdmin 
- Postfix + Dovecot + roundcube webmail (Antivirus, Spamassassin optional) 
- CSF Firewall 
- File System Lock (no more website hacking, all your files are locked from changes) 
- Backups (optional) 
- AutoFixer for server configuration 
 
3rd Party Aplications 
- CloudLinux + CageFS + PHP Selector 
- Softaculous – Script Installer (Free and Premium) 
 
CentOS Web Panel (CWP) 
- Setups Server for Web Hosting (websites like WordPress…) 
- API for easier account management, and whmcs billing api 
- NAT-ed version, support for NAT-ed IPs 
- Free Hosting Module, account activation provisioning for sites that have a free hosting 
 
Web Server 
- Varnish Cache server (improve your server performances up to three times) 
- Nginx Reverse Proxy (get you static files delivered in the fastest way) 
- Compiles Apache from source (improves performance up to 15%) 
- Apache reCompiler + Additional modules installation with one click 
- Apache server status, configuration 
- Apache Redirects Manager 
- Edit apache vhosts, vhosts templates, include configuration 
- Rebuild all apache Virtual hosts with one click 
- suPHP & suExec (improved security) 
- Mod Security + OWASP rules (one click install, easy management) 
- Tomcat 8 server management & install in one click 
- DoS protection from the Slow-Loris attacks 
- Apache with spamhaus RBL protection (Protecting http PUT,POST,CONNECT) 
- Perl cgi script support 
 
PHP 
- Compiles PHP from source (improves up to 20% on performances) 
- PHP Switcher (switch between PHP versions like: 5.2, 5.3, 5.4, 5.5, 5.6, 7.x) 
- PHP Selector select PHP version per user or per folder (PHP 4.4, 5.2, 5.3, 5.4, 5.5, 5.6, 7.x) 
- Simple php editor 
- Simple php.ini generator in the users panel 
- PHP addons with one click 
- PHP.ini editor & PHP info & List modules 
- php.ini per user account (you can add changes in /home/USER/php.ini) 
- FFMPEG, For Video streaming websites) 
- CloudLinux + PHP Selector 
- ioncube, php-imap … 
 
User Management 
- Add, List, Edit and Remove Users 
- User Monitoring (list users open files, listening sockets…) 
- Shell access management 
- User Limit Managment (Quota and Inodes) 
- Limit Processes: The maximum available number of processes per account. 
- Limit Open Files: The maximum available number of open files per account. 
- User FTP & File Manager 
- CloudLinux + CageFS 
- Dedicated IP per account 
 
DNS 
- FreeDNS (Free DNS Server, no need for additional IPs) 
- Add, Edit, List and Remove DNS zones 
- Edit nameserver IPs 
- DNS zone template editor 
- New Easy DNS Zone Manager (with ajax) 
- New DNS Zone list with Additional resolving information using google (also checking rDNS, nameservers….) 
 
Email 
- postfix & dovecot 
- MailBoxes, Alias 
- Roundcube webmail 
- Postfix Mail queue manager 
- rDNS Checker Module (check you rDNS records) 
- AntiSPAM (Spamhaus cronjob) 
- SpamAssassin, RBL checking, AmaViS, ClamAV, OpenDKIM 
- SPF & DKIM Integration 
- Many More.... 
 
System 
- Hardware Information (CPU core and clock info) 
- Memory Information (Memory usage info) 
- Disk Info (Detailed Disk status) 
- Software Info (kernel version, uptime…) 
- Services Status (Quick services restart eg. Apache, FTP,Mail…) 
- Many More... 
 
Monitoring 
- Live Monitoring (Monitor services eg. top, apache stats, mysql…) 
- Use Java SSH Terminal/Console within panel 
- Services Configuration (eg. Apache, PHP, MySQL…) 
- Run shell commands in screen/background 
 
Security 
- CSF Firewall (Best Linux Firewall) 
- SSL generator 
- SSL Certificate Manager (quick and easy installation of SSL Certs) 
- Letsencrypt, Free SSL certificates for all your domains 
- CloudLinux + CageFS 
- CSF/LFD BruteForce protection 
- IP access control 
- Mod Security + OWASP rules (one click install, easy management) 
- DoS protection from the Slow-Loris attacks (for Apache) 
- File System Lock (no more website hacking, all your files are locked from changes) 
- PHP now shows the script name and path in top or process lists 
- Apache is limiting number of php processes per user 
- Automated Backups 
- Hide system and other user processes 
- SFTP Security 
 
SQL 
 
Additional options 
- TeamSpeak 3 Manager (Voice servers) 
- Shoutcast Manager (Shoutcast streaming servers) 
- Auto-update 
- Backup manager 
- File Manager 
- Scripts folder “/scripts” over 15+ scripts 
- Virtual FTP users per domain 
- cPanel Account Migration (restores files, databases and database users) 
- Torrent SeedBox (one click install with Deluge WebGU) 
- SSH key generator 
 
and many many other options… 
 
 
 
to do List  
We plan to improve & add following soon 
- Server monitoring scripts (Load, Memory, Mail Queue, Security) 
- Live notifications (get notification in CWP about issues on the server) 
 
…and many others  
 
HOW TO INSTALL CWP 
 
 
Follow steps below to setup CentOS Web Panel on your server: 
 
Step 1 – Login to your server as root or as user with sudo privilege: 
 
Step 2 – Go to /usr/local/src directory and download CWP installer package there: 
<pre style="background: rgb(68, 68, 68); border-radius: 3px; border: 1px solid rgb(221, 221, 221); color: white; font-family: "Courier 10 Pitch", Courier, monospace; font-size: 15px; font-stretch: inherit; line-height: 19px; margin-bottom: 30px; margin-top: 30px; max-width: 100%; overflow-x: auto; overflow-y: hidden; padding: 18px 20px; vertical-align: baseline; word-wrap: normal;">cd /usr/local/src
wget http://centos-webpanel.com/cwp-latest</pre>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHCumkp8N-EKNmJ431ei3V3clDBLB5dOiXGEkVukFp8AuA1DkTgPzgkXZu0eo02G_UWvJW2IqvQxdpaWEB_WC9xIoE6NbIIA8-Zk4Vxi1o0pZrdbG3Y3W9hzsvhmTQ_7cyN-eodwOzKZax/s1600/cwp_download.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHCumkp8N-EKNmJ431ei3V3clDBLB5dOiXGEkVukFp8AuA1DkTgPzgkXZu0eo02G_UWvJW2IqvQxdpaWEB_WC9xIoE6NbIIA8-Zk4Vxi1o0pZrdbG3Y3W9hzsvhmTQ_7cyN-eodwOzKZax/s1600/cwp_download.png" /></a></div>
 
Step 3 – Once downloaded, issue one simple command below to start the installer: 
<pre style="background: rgb(68, 68, 68); border-radius: 3px; border: 1px solid rgb(221, 221, 221); color: white; font-family: "Courier 10 Pitch", Courier, monospace; font-size: 15px; font-stretch: inherit; line-height: 19px; margin-bottom: 30px; margin-top: 30px; max-width: 100%; overflow-x: auto; overflow-y: hidden; padding: 18px 20px; vertical-align: baseline; word-wrap: normal;">sh cwp-latest</pre>
The whole process is fully automatic. 
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgSopw4SkzWe3Riuuzsz4sTRkinxzg3T2tQJHOss3rsWUG3oT5LWdHnoBx1yCMmgmt9eruHb3iFQ7nbCgv_j8iVsv1vTy0KbZfEg82frn6Rbs6sekewbh_4CQgOxRPaJRDr5LaIYF9p_-Ct/s1600/cwp-install-process.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgSopw4SkzWe3Riuuzsz4sTRkinxzg3T2tQJHOss3rsWUG3oT5LWdHnoBx1yCMmgmt9eruHb3iFQ7nbCgv_j8iVsv1vTy0KbZfEg82frn6Rbs6sekewbh_4CQgOxRPaJRDr5LaIYF9p_-Ct/s1600/cwp-install-process.jpg" /></a></div>
The CWP installation progress will take some times because several software will be compiled from source (especially PHP) for improved performance, security and flexibility. In my case it is almost like installing WHM/cPanel.Once the process is done, you’ll see something like this: 
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjkppCekvY8ZZ1HJ79of1ohnaCKjLCcLOlyg0DvBBYrku-jq5nDkiw2HerQBKt4yWKg3FsdeQfdVztT3_DhfQLcF1vgZlGQS1zTYyrgiFSWtkZl9RkUA_kTbH5IkuWpuJcCDuhTCcZiC-nA/s1600/cwp-installed.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjkppCekvY8ZZ1HJ79of1ohnaCKjLCcLOlyg0DvBBYrku-jq5nDkiw2HerQBKt4yWKg3FsdeQfdVztT3_DhfQLcF1vgZlGQS1zTYyrgiFSWtkZl9RkUA_kTbH5IkuWpuJcCDuhTCcZiC-nA/s1600/cwp-installed.jpg" /></a></div>
 
Step 4 – Now hit Enter on your keyboard and your server should reboot automatically. Next time you try to login to your server via SSH, the display will be different. You will now see CWP welcome message. 
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjasChe2omZRknNfe_J0yitTgF1TyuoL4Qu90yMEXGfUh1Sj76zAOeh9TKNBkibQymExrUNUXraoajGTKC6lMSqHnH_6UTiBzVrbXm3mAGZYBTfCisNy2p7vY6XgLZPHMSQHeYx69jOTiB5/s1600/cwp-ssh.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjasChe2omZRknNfe_J0yitTgF1TyuoL4Qu90yMEXGfUh1Sj76zAOeh9TKNBkibQymExrUNUXraoajGTKC6lMSqHnH_6UTiBzVrbXm3mAGZYBTfCisNy2p7vY6XgLZPHMSQHeYx69jOTiB5/s1600/cwp-ssh.jpg" /></a></div>
Step 5 – Open up your favorite web browser (Firefox, Chrome, etc) and open your newly installed CWP admin GUI at one of these URLs: 
 
Log in to your CWP server using the link provided by the installer on your server 
CentOS WebPanel Admin GUI at http://SERVER-IP:2030/ 
Username: root 
Password: your root password 
 
- Setup nameservers 
- Setup shared ip (must be your public IP address) 
- Setup at least one hosting package (or edit default package) 
- Setup root email 
& now you are ready to host domains… 
 
For additional configuration instruction, please check our wiki/documentation site. 
<a href="http://wiki.centos-webpanel.com/">http://wiki.centos-webpanel.com/</a> 
 
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiyICwqS6FGNGMP9zqscuFGwh9yMFlQtUXWqs89yFShw_zEKV0tyvvqxnUVKFdWgLrl0YwgTu3Zcy8e7YZ1ZJTcUL9jQewDkQrfnq66pkgsytgTku7FCS7CBnQaJMgGMjydhTcJSbGw1ri-/s1600/cwp-login-page.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiyICwqS6FGNGMP9zqscuFGwh9yMFlQtUXWqs89yFShw_zEKV0tyvvqxnUVKFdWgLrl0YwgTu3Zcy8e7YZ1ZJTcUL9jQewDkQrfnq66pkgsytgTku7FCS7CBnQaJMgGMjydhTcJSbGw1ri-/s1600/cwp-login-page.jpg" /></a></div>
 
<a href="http://www.hackthesec.co.in/">www.hackthesec.co.in</a> 
<a class="g-profile" href="https://plus.google.com/113492055880844042777" target="_blank">+Linux Tutorial</a> 
@<a href="https://www.twitter.com/Hackthesecurity">hackthesec</a> 
 </div>

How to install Centos Web Panel(CWP)

Install Centos Web Panel(CWP) CentOS Web Panel – a Free Web Hosting control panel designed for quick and easy management of (Dedicated & VPS) servers minus the chore and effort to use ssh console for…

24 Nov 2016

How To Install Apache MySQL PHP (LAMP Stack) on Ubuntu 16.04

<div dir="ltr" style="text-align: left;" trbidi="on">
<h1 class="title single-title title20" style="background-color: white; border: 0px; font-family: 'Roboto Slab'; line-height: 38px; margin: 0px 0px 5px; opacity: 1; outline: 0px; padding: 0px; transition: opacity 0.24s ease-in-out; vertical-align: baseline; visibility: visible;">
Install Apache MySQL PHP (LAMP Stack) on Ubuntu 16.04</h1>
LAMP (Linux, <a href="http://www.hackthesec.co.in/search/label/Apache">Apache</a>, <a href="http://www.hackthesec.co.in/search/label/Mysql">MySQL</a> and <a href="http://www.hackthesec.co.in/search/label/PHP">PHP</a> ) Stack is the most popular environment in PHP website development and hosting. Linux is the operating system, Apache is the popular web server developed by Apache Foundation. MySQL is relational database management system used for storing data and PHP is an development language. 
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhwnkOIr_CHTw6vQAio2IC-HSSqa_bk0X-wqBLor3cpjG_P_AE5NmM34X2UnUF6eiblHGbtmPMniFdzS5EfEMtltIcIcSB1JbBNs4StXM4TrHXNHYJwkqiZyIekFi_I8T3-wkK0awY69AkQ/s1600/LAMP_CENTOS_www.hackthesec.co.in.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhwnkOIr_CHTw6vQAio2IC-HSSqa_bk0X-wqBLor3cpjG_P_AE5NmM34X2UnUF6eiblHGbtmPMniFdzS5EfEMtltIcIcSB1JbBNs4StXM4TrHXNHYJwkqiZyIekFi_I8T3-wkK0awY69AkQ/s1600/LAMP_CENTOS_www.hackthesec.co.in.jpg" /></a></div>
<a href="http://www.hackthesec.co.in/2016/01/how-to-install-php-54-apache-22-and.html" itemprop="url" style="background-color: white; display: block; font-family: 'Open Sans', serif, sans-serif; font-size: 18.6px; font-weight: 600; text-decoration: none;"></a> 
<ul style="text-align: left;">
<li><a href="http://www.hackthesec.co.in/2016/01/how-to-install-php-54-apache-22-and.html" itemprop="url" style="display: inline !important; font-size: 18.6px; text-decoration: none;">How to Install PHP 5.4, Apache 2.2 and MySQL on Ubuntu(LAMP) 14.10, 14.04, 12.04 LTS</a></li>
</ul>
 
Step 1: – Install PHP 
PHP 7 is the default available packages in <a href="http://www.hackthesec.co.in/search/label/Ubuntu">Ubuntu </a>16.04 repositories. Simply use the following commands to update apt cache and install PHP packages on your system.  
<pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); color: white; line-height: 1.3em; margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;">$ sudo apt update
$ sudo apt install -y php</pre>
Verify installed PHP version using following command. 
<pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); color: white; line-height: 1.3em; margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;">root@hackthesec:~$ php -v

PHP 7.0.4-7ubuntu2 (cli) ( NTS )
Copyright (c) 1997-2016 The PHP Group
Zend Engine v3.0.0, Copyright (c) 1998-2016 Zend Technologies
 with Zend OPcache v7.0.6-dev, Copyright (c) 1999-2016, by Zend Technologies</pre>
Step 2: – Install Apache2 
 
Installation of Apache2 in your system. Also required to install libapache2-mod-php module to work PHP with Apache2. 
<pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); color: white; line-height: 1.3em; margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;">$ sudo apt install apache2 libapache2-mod-php</pre>
Step 3: – Install MySQL 
 
Install mysql-server packages for MySQL database and install php-mysql package to use MySQL support using php. 
<pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); color: white; line-height: 1.3em; margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;">$ sudo apt install mysql-server php-mysql</pre>
Installer will prompt for root password, This password will work for your MySQL root user. After installing MySQL execute following command for initial settings of MySQL server. You will she that script will prompt about more settings than earlier mysql versions like password validation policy etc. 
<pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); color: white; line-height: 1.3em; margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;">$ sudo mysql_secure_installation</pre>
Step 4: – Restart Apache2, MySQL Services 
 
After installing all services on your system, start all required services. 
<pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); color: white; line-height: 1.3em; margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;">$ sudo systemctl restart apache2.service
$ sudo systemctl restart mysql.service</pre>
Step 5: – Open Access in Firewall 
 
If you are using iptables, Use following commands to open port 80 for public access of webserver. 
<pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); color: white; line-height: 1.3em; margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;">$ sudo iptables -A INPUT -m state --state NEW -p tcp --dport 80 -j ACCEPT</pre>
And For UFW follow the bellow command 
<pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); color: white; line-height: 1.3em; margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;">$ sudo ufw allow 80/tcp</pre>
Step 6: – Test Setup 
 
After completing all setup. Let's create a info.php file website document root with following content. 
<pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); color: white; line-height: 1.3em; margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><?php
 phpinfo();
?></pre>
<pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); color: white; line-height: 1.3em; margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><a href="http://www.hackthesec.co.in/">www.hackthesec.co.in</a></pre>
</div>

How To Install Apache MySQL PHP (LAMP Stack) on Ubuntu 16.04

Install Apache MySQL PHP (LAMP Stack) on Ubuntu 16.04 LAMP (Linux, Apache, MySQL and PHP ) Stack is the most popular environment in PHP website development and hosting. Linux is the operating system,…

20 Apr 2016

Automated Linux Apache MySQL PHP or Nginx PHP-FPM MYSQL installation and configuration

<div dir="ltr" style="text-align: left;" trbidi="on">
<h1 class="entry-title" itemprop="headline" style="background-color: white; box-sizing: border-box; font-family: Oswald, Lato, Arial, sans-serif; line-height: 50px; margin: 0px 0px 5px; padding: 0px;">
Linux Apache MySQL PHP or Nginx PHP-FPM MYSQL </h1>
<div>
<div style="background-color: white; box-sizing: border-box; font-size: 16px; line-height: 1.8em; margin-bottom: 0.9em; margin-top: 0.9em;">
This is auto-installer for automatically install and configure apache or nginx with MySQL and <a href="http://www.hackthesec.co.in/search/label/PHP" target="_blank">PHP</a>. On install time Apache or nGinx script will ask about virtual host domain name. On install time for MySQL database script will ask questions about <a href="http://www.hackthesec.co.in/search/label/Mysql" target="_blank">MySQL </a>root pass, new database name, new username and password for the new user.</div>
<div style="background-color: white; box-sizing: border-box; font-size: 16px; line-height: 1.8em; margin-bottom: 0.9em; margin-top: 0.9em;">
Main script is: ap-ng-vhost.py</div>
<div style="background-color: white; box-sizing: border-box; margin-bottom: 0.9em; margin-top: 0.9em;">
<div style="font-size: 16px; line-height: 1.8em;">
Requirements:</div>
<ol style="box-sizing: border-box; font-size: 16px; line-height: 25.6px; margin: 0px 0px 15px 30px; padding: 0px;">
<li style="box-sizing: border-box;"><a href="http://www.hackthesec.co.in/search/label/Centos" target="_blank">CentOS</a> 6.7 or higher(or any yum based Linux).</li>
<li style="box-sizing: border-box;">Python2.7 must be installed to your Linux server.</li>
<li style="box-sizing: border-box;">Download all files to the Linux server and execute ap-ng-vhost.py script. </li>
</ol>
Just download all files from this <a href="http://www.mediafire.com/download/9nyzv6l6stjoy1u/engapng-mysql.zip" style="-webkit-tap-highlight-color: transparent; background-attachment: initial; background-clip: initial; background-image: initial; background-origin: initial; background-position: 0px 0px; background-repeat: initial; background-size: initial; box-sizing: border-box; font-size: 16px; line-height: 28.8px; text-decoration: none; transition: background 0.2s ease-out, color 0.2s ease-out;" target="_blank">link</a> to your Linux folder and execute ap-ng-vhost.py script. For clean everything you must use./cleaner.sh script. <a href="http://www.mediafire.com/download/9nyzv6l6stjoy1u/engapng-mysql.zip" target="_blank">Download Here</a></div>
</div>
<div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEial5ntIbqgcrwNb7jiagyV2aMhgXoZcfEwe4xsr0YSeWk6SpKOISPl1Nhc1I1qWdTwfUMushld9H3yuA0dD8oxgy4G8-ih0d5LDzndK-yW_zqiZFnt_g7WHJYsKNW3E6hu3F9bViVyr-Sn/s1600/Automatic_LAMP_www.hackthesec.co.in.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="332" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEial5ntIbqgcrwNb7jiagyV2aMhgXoZcfEwe4xsr0YSeWk6SpKOISPl1Nhc1I1qWdTwfUMushld9H3yuA0dD8oxgy4G8-ih0d5LDzndK-yW_zqiZFnt_g7WHJYsKNW3E6hu3F9bViVyr-Sn/s640/Automatic_LAMP_www.hackthesec.co.in.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
 </div>
After that goto the unzipped folder and run this script : - 
 
<div style="background-color: white; color: #333333; line-height: 19.2px;">
</div>
 
<div style="background-color: white; line-height: 19.2px;">
<pre style="background-attachment: scroll; background-clip: initial; background-color: #3c3c3c; background-image: none; background-origin: initial; background-position: 0px 0px; background-repeat: repeat; background-size: initial; border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border-radius: 4px; border: 1px solid rgb(229, 229, 229); line-height: 1.3em; margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;">$ python ap-ng-vhost.py</pre>
</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhXOY8NX86KaZTMC8oAG5h8c_fraeTp4JwvoxoeM_sGEZMX-KqMV3bUNXWD258YqAjj_m1qKHKlw-2IY_EHRuzPQ8bo5OTmN1HzY89os_HoxuehzzuUonlWPZhFSTMxepOeLcpYX9qh4HlA/s1600/LAMP_Select-www.hackthesec.co.in.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="150" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhXOY8NX86KaZTMC8oAG5h8c_fraeTp4JwvoxoeM_sGEZMX-KqMV3bUNXWD258YqAjj_m1qKHKlw-2IY_EHRuzPQ8bo5OTmN1HzY89os_HoxuehzzuUonlWPZhFSTMxepOeLcpYX9qh4HlA/s640/LAMP_Select-www.hackthesec.co.in.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: left;">
 </div>
<div class="separator" style="clear: both; text-align: left;">
Write Virtual Domain Name </div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgTJ2dWcpmr3QNn9AmM5H5W86TcVi_lBw9KMzQ1-jStTtF91Xz5ESoU8mqzk8v3sZ6u3DUQWVgKlDAsdbyU6Eae9DOW8NcxvK2u3hAxnHBMeJ6EAeFbIXn4gmogpO34DT6xDOfuWgFCbcgN/s1600/virtual_domain_selection-www.hackthesec.co.in.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="176" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgTJ2dWcpmr3QNn9AmM5H5W86TcVi_lBw9KMzQ1-jStTtF91Xz5ESoU8mqzk8v3sZ6u3DUQWVgKlDAsdbyU6Eae9DOW8NcxvK2u3hAxnHBMeJ6EAeFbIXn4gmogpO34DT6xDOfuWgFCbcgN/s640/virtual_domain_selection-www.hackthesec.co.in.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: left;">
 After that select PHP and Mysql Option 1</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhscq2jEYxsI9x5HiP4AX22tq9RrNm-9dbw9WKqsPPME-9HJf52Mx1q0o34BOTM6sjhOq1wWNvj-X5xylrmqk8FhI7HnYyIJ3r1lRckpeC3xIqWxXEZJBZzNlNg9NQrvlh-5p5GBKvmHIzQ/s1600/mysql_php_www.hackthesec.co.in.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="94" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhscq2jEYxsI9x5HiP4AX22tq9RrNm-9dbw9WKqsPPME-9HJf52Mx1q0o34BOTM6sjhOq1wWNvj-X5xylrmqk8FhI7HnYyIJ3r1lRckpeC3xIqWxXEZJBZzNlNg9NQrvlh-5p5GBKvmHIzQ/s640/mysql_php_www.hackthesec.co.in.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: left;">
 </div>
<div class="separator" style="clear: both; text-align: left;">
Set a MySql Server Password</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhbaXVElP48FDzSm7WbLLhEXlOFFDSfXGsQmJsIe1MDISBoCVDc0pn-GjvWKtwOjl8TUQqgbzxEACUurwJdCFe8J2FlVh8bq05T9OtcV0ilglTrgp9ndYZkv4Yzf4JrppSD0UUjjUuRTtD1/s1600/mysql_password-www.hackthesec.co.in.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="348" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhbaXVElP48FDzSm7WbLLhEXlOFFDSfXGsQmJsIe1MDISBoCVDc0pn-GjvWKtwOjl8TUQqgbzxEACUurwJdCFe8J2FlVh8bq05T9OtcV0ilglTrgp9ndYZkv4Yzf4JrppSD0UUjjUuRTtD1/s640/mysql_password-www.hackthesec.co.in.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhx56eT5ULu7k9l2ryzkzBrz8ibHHMw3Slk6YgUEh0fZ91IsWGrx0X3PioYO8ETkIwQ2hKc8S0-fhmsnNAPkdc5WP0Qo8Vn_TmAB478Lu7claCIizyN0hYws2j3XAxRL5x7iPZXmX70yPfL/s1600/apache_installation-www.hackthesec.co.in.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="324" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhx56eT5ULu7k9l2ryzkzBrz8ibHHMw3Slk6YgUEh0fZ91IsWGrx0X3PioYO8ETkIwQ2hKc8S0-fhmsnNAPkdc5WP0Qo8Vn_TmAB478Lu7claCIizyN0hYws2j3XAxRL5x7iPZXmX70yPfL/s640/apache_installation-www.hackthesec.co.in.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: left;">
 After That Done Now Select 2nd Option</div>
<div class="separator" style="clear: both; text-align: center;">
</div>
 
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhM8FpyiNffOKM00q_ktbHbo0UyOckpE79LQDo_RtpQMfAM3nxHzD-vWE7NkAjGKssrGUe_t_0cfcpc7A97g67-I6IDVNBtnKJYvybwQAzeCt9RVa6RSESPczvIDYPgvEuE5q-4cQEErCoA/s1600/nginx_installation-www.hackthesec.co.in.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="122" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhM8FpyiNffOKM00q_ktbHbo0UyOckpE79LQDo_RtpQMfAM3nxHzD-vWE7NkAjGKssrGUe_t_0cfcpc7A97g67-I6IDVNBtnKJYvybwQAzeCt9RVa6RSESPczvIDYPgvEuE5q-4cQEErCoA/s640/nginx_installation-www.hackthesec.co.in.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
 </div>
<div class="separator" style="clear: both; text-align: center;">
Write Virtual Domain Name </div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg1ALZKaFro1Y6c2LMQj3_BxhVvuemY9jZcGfjjO_XC4qB1LkfDS_jCmzxV2MwwWY4PjJ3nSoGqTE2uHyCwDzHNDqzLqPF6wApiRsKeVQmu3ZqNlJuKv-0IgPYUsTeIj4kX_7H-3EwPgtei/s1600/nginx_virtual_domain-www.hackthesec.co.in.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="100" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg1ALZKaFro1Y6c2LMQj3_BxhVvuemY9jZcGfjjO_XC4qB1LkfDS_jCmzxV2MwwWY4PjJ3nSoGqTE2uHyCwDzHNDqzLqPF6wApiRsKeVQmu3ZqNlJuKv-0IgPYUsTeIj4kX_7H-3EwPgtei/s640/nginx_virtual_domain-www.hackthesec.co.in.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
 </div>
<div class="separator" style="clear: both; text-align: center;">
After that select PHP and Mysql Option 1</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEifvR8o4zPofAy4kOKig5RqLiZ5IsJkuBvJqy9mKfWCnflmbsl_lCT2YlqB1U0gAyqCCWtYUXsB9H6P7PEES7u3WV4KP8ZlS7t6jXn3QU2pb8PV0nrC4Y0C2ZlKuDa3dIhxGdKNeZ-0MrdG/s1600/PHP-FPM_nginx-www.hackthesec.co.in.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="124" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEifvR8o4zPofAy4kOKig5RqLiZ5IsJkuBvJqy9mKfWCnflmbsl_lCT2YlqB1U0gAyqCCWtYUXsB9H6P7PEES7u3WV4KP8ZlS7t6jXn3QU2pb8PV0nrC4Y0C2ZlKuDa3dIhxGdKNeZ-0MrdG/s640/PHP-FPM_nginx-www.hackthesec.co.in.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
 </div>
<div class="separator" style="clear: both; text-align: center;">
Installation Done</div>
<div class="separator" style="clear: both; text-align: center;">
 </div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgYDf5OSuAQrg4Uo__selyxgu50MCgoIajx2OqhjCOn5ogz692jkEmLg6FpFY0T5ZT1YXoFnjf6bjN6vd_ikdplHDEo9XCbsi7kePQnlUROoCPlQbasD-ZPIfFMoz0xO0mDB0-gNeG4UgpX/s1600/nginx_done-www.hackthesec.co.in.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="160" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgYDf5OSuAQrg4Uo__selyxgu50MCgoIajx2OqhjCOn5ogz692jkEmLg6FpFY0T5ZT1YXoFnjf6bjN6vd_ikdplHDEo9XCbsi7kePQnlUROoCPlQbasD-ZPIfFMoz0xO0mDB0-gNeG4UgpX/s640/nginx_done-www.hackthesec.co.in.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
 </div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhubVfjXXXvWd_FHMReQIl1uBWmiwJpb-3DYoYpqUfhnahcDOQFC99adQ38CmUJzVnIrC5glvMVuqAjr76oGAhCbNkgkKyobp6GqZ_zeeX5nrelKD8ijvcxMmXGYNMbWTAAhSo32jsUtW3l/s1600/nginx-installation-www.hackthesec.co.in.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhubVfjXXXvWd_FHMReQIl1uBWmiwJpb-3DYoYpqUfhnahcDOQFC99adQ38CmUJzVnIrC5glvMVuqAjr76oGAhCbNkgkKyobp6GqZ_zeeX5nrelKD8ijvcxMmXGYNMbWTAAhSo32jsUtW3l/s640/nginx-installation-www.hackthesec.co.in.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://www.hackthesec.co.in/" target="_blank">www.hackthesec.co.in</a> <a href="http://www.twitter.com/hackthesec.co.in">www.twitter.com/hackthesec.co.in</a> <a href="http://www.hackthesec.co.in/p/about-us.html" target="_blank">http://www.hackthesec.co.in/p/about-us.html</a></div>
</div>
</div>

Automated Linux Apache MySQL PHP or Nginx PHP-FPM MYSQL installation and configuration

Linux Apache MySQL PHP or Nginx PHP-FPM MYSQL This is auto-installer for automatically install and configure apache or nginx with MySQL and PHP. On install time Apache or nGinx script will ask about…

22 Feb 2016

How to Install PHP 7.0 Apache 2.4, and MySQL 5.6 on CentOS / RHEL 7.1 and 6.7

<div dir="ltr" style="text-align: left;" trbidi="on">
<h2 class="title single-title title20" style="background-color: white; border: 0px; font-family: 'Roboto Slab'; font-size: 28px; line-height: 38px; margin: 0px 0px 5px; opacity: 1; outline: 0px; padding: 0px; transition: opacity 0.24s ease-in-out; vertical-align: baseline; visibility: visible;">
Install PHP 7.0, Apache 2.4, & MySQL 5.6 on CentOS / RHEL 7.1 & 6.7</h2>
<div>
Few days ago most awaited PHP version 7.0 has been released. which has many number of changes and improvements than over version 5.X. This article will help you to install PHP 7 Apache 2.4 and MySQL 5.6 on CentOS / RHEL 7.1 & 6.7 operating systems. This tutorial has been tested with CentOS 7.1, so all the services command are used with systemctl, For CentOS 6 users change all systemctl command correspondence service command.</div>
<div>
<ul style="text-align: left;">
<li><a href="http://www.hackthesec.co.in/2016/01/how-to-install-epel-repo-on-centos-and.html" target="_blank">How To Install EPEL REPO On CENTOS/RHEL7</a></li>
</ul>
</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjJoeYZS4TciTZ5h8zPyk6yAgWN1nXSqVQg7-7vOdGXLov424LOczDnrhYh50_DIAVe7jh361YvtW5siZOLgvU5h2dah0smgKJrtxEDc3_Iz04dCEBe20YO0HUlFeXOZrNNMaAvzH27V7Bv/s1600/LAMP_CENTOS_www.hackthesec.co.in.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="204" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjJoeYZS4TciTZ5h8zPyk6yAgWN1nXSqVQg7-7vOdGXLov424LOczDnrhYh50_DIAVe7jh361YvtW5siZOLgvU5h2dah0smgKJrtxEDc3_Iz04dCEBe20YO0HUlFeXOZrNNMaAvzH27V7Bv/s320/LAMP_CENTOS_www.hackthesec.co.in.jpg" width="320" /></a></div>
<div>
<h2 class="heading1" style="background-color: white; border: 0px; font-family: 'Roboto Slab'; font-size: 24px; font-weight: bolder; line-height: 34px; margin: 45px 0px 12px; opacity: 1; outline: 0px; padding: 0px; transition: opacity 0.24s ease-in-out; vertical-align: baseline; visibility: visible;">
1. Setup Yum Repository</h2>
<div style="background-color: white; border: 0px; font-size: 16px; line-height: 28px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
In the first step install all the required yum repositories in your system used in remaining tutorial for various installations. You are adding REMI, <a href="http://www.hackthesec.co.in/2016/01/how-to-install-epel-repo-on-centos-and.html" target="_blank">EPEL</a>, Webtatic & MySQL community server repositories in your system.</div>
<h3 class="heading2" style="background-color: white; border: 0px; color: #0379bf; font-family: 'Roboto Slab'; font-size: 20px; font-weight: bolder; line-height: 30px; margin: 0px 0px 8px; opacity: 1; outline: 0px; padding: 0px; transition: opacity 0.24s ease-in-out; vertical-align: baseline; visibility: visible;">
CentOS / RHEL 7</h3>
<pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); line-height: 1.3em; margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"># yum install epel-release
# rpm -Uvh http://rpms.famillecollet.com/enterprise/remi-release-7.rpm
# rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm
# rpm -Uvh http://repo.mysql.com/mysql-community-release-el7-5.noarch.rpm
</pre>
<h3 class="heading2" style="background-color: white; border: 0px; color: #0379bf; font-family: 'Roboto Slab'; font-size: 20px; font-weight: bolder; line-height: 30px; margin: 0px 0px 8px; opacity: 1; outline: 0px; padding: 0px; transition: opacity 0.24s ease-in-out; vertical-align: baseline; visibility: visible;">
CentOS / RHEL 6</h3>
<pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); line-height: 1.3em; margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"># yum install epel-release
# rpm -Uvh http://rpms.famillecollet.com/enterprise/remi-release-6.rpm
# rpm -Uvh https://mirror.webtatic.com/yum/el6/latest.rpm
# rpm -Uvh http://repo.mysql.com/mysql-community-release-el6-5.noarch.rpm
</pre>
<h2 class="heading1" style="background-color: white; border: 0px; font-family: 'Roboto Slab'; font-size: 24px; font-weight: bolder; line-height: 34px; margin: 45px 0px 12px; opacity: 1; outline: 0px; padding: 0px; transition: opacity 0.24s ease-in-out; vertical-align: baseline; visibility: visible;">
2. Install PHP 7</h2>
<div style="background-color: white; border: 0px; font-size: 16px; line-height: 28px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
Now install php 7 packages from webtatic rpm repository using following command.</div>
<pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); line-height: 1.3em; margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"># yum install php70w
</pre>
<div style="background-color: white; border: 0px; font-size: 16px; line-height: 28px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
Now install required php modules. Use following command to list available modules in yum repositories.</div>
<pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); line-height: 1.3em; margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"># yum search php70w
</pre>
<div style="background-color: white; border: 0px; font-size: 16px; line-height: 28px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
Now check all listed modules in above command and install required modules like below.</div>
<pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); line-height: 1.3em; margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"># yum install php70w-mysql php70w-xml php70w-soap php70w-xmlrpc 
# yum install php70w-mbstring php70w-json php70w-gd php70w-mcrypt
</pre>
<div style="background-color: white; border: 0px; font-size: 16px; line-height: 28px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
After installing php and other php modules restart Apache service.</div>
<pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); line-height: 1.3em; margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"># systemctl <orange>restart</orange> httpd.service
</pre>
<h2 class="heading1" style="background-color: white; border: 0px; font-family: 'Roboto Slab'; font-size: 24px; font-weight: bolder; line-height: 34px; margin: 45px 0px 12px; opacity: 1; outline: 0px; padding: 0px; transition: opacity 0.24s ease-in-out; vertical-align: baseline; visibility: visible;">
3. Install Apache 2.4</h2>
<div style="background-color: white; border: 0px; font-size: 16px; line-height: 28px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
Apache (HTTPD) is the most popular web server used on Linux systems. Let’s install Apache web server using following command with enabling epel and remi yum repositories.</div>
<pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); line-height: 1.3em; margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"># yum --enablerepo=<orange>epel,remi</orange> install httpd
</pre>
<div style="background-color: white; border: 0px; font-size: 16px; line-height: 28px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
Now start httpd service and enable to start on boot using below commands.</div>
<pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); line-height: 1.3em; margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"># systemctl <orange>start</orange> httpd.service
# systemctl <orange style="color: orange;">enabel</orange> httpd.service
</pre>
<h2 class="heading1" style="background-color: white; border: 0px; font-family: 'Roboto Slab'; font-size: 24px; font-weight: bolder; line-height: 34px; margin: 45px 0px 12px; opacity: 1; outline: 0px; padding: 0px; transition: opacity 0.24s ease-in-out; vertical-align: baseline; visibility: visible;">
4. Install MySQL 5.6</h2>
<div style="background-color: white; border: 0px; font-size: 16px; line-height: 28px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
In step 1 we already have installed required yum repository in your system. Lets use following command to install MySQL server on your system.</div>
<pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); line-height: 1.3em; margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"># yum <orange>install</orange> mysql-server
</pre>
<div style="background-color: white; border: 0px; font-size: 16px; line-height: 28px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
Apply security on mysql and also set root user password.</div>
<pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); color: white; line-height: 1.3em; margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"># systemctl <orange style="color: orange;">start</orange> mysqld.service
# mysql_secure_installation
</pre>
<div style="background-color: white; border: 0px; font-size: 16px; line-height: 28px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
Now restart MySQL service and enable to start on system boot.</div>
<pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); color: white; line-height: 1.3em; margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"># systemctl <orange style="color: orange;">restart</orange> mysqld.service
# systemctl <orange style="color: orange;">enable</orange> mysqld.service
</pre>
<h2 class="heading1" style="background-color: white; border: 0px; font-family: 'Roboto Slab'; font-size: 24px; font-weight: bolder; line-height: 34px; margin: 45px 0px 12px; opacity: 1; outline: 0px; padding: 0px; transition: opacity 0.24s ease-in-out; vertical-align: baseline; visibility: visible;">
5. Open Port in Firewall</h2>
<div style="background-color: white; border: 0px; font-size: 16px; line-height: 28px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
Finally open firewall ports for http (80) and https (443) services using following command.</div>
<pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); color: white; line-height: 1.3em; margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"># firewall-cmd --permanent --zone=public --add-service=<orange style="color: orange;">http</orange> 
# firewall-cmd --permanent --zone=public --add-service=<orange style="color: orange;">https</orange> 
# firewall-cmd --reload
</pre>
<h2 class="heading1" style="background-color: white; border: 0px; font-family: 'Roboto Slab'; font-size: 24px; font-weight: bolder; line-height: 34px; margin: 45px 0px 12px; opacity: 1; outline: 0px; padding: 0px; transition: opacity 0.24s ease-in-out; vertical-align: baseline; visibility: visible;">
6. Check Installed Version</h2>
<div style="background-color: white; border: 0px; font-size: 16px; line-height: 28px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
Let’s check the installed versions of packages on system using following commands one by one.</div>
<pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); color: white; line-height: 1.3em; margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"># <orange style="color: orange;">php -v</orange>

<orange style="color: orange;">PHP 7.0.0</orange> (cli) (built: Feb 2 2016 20:42:32) ( NTS )
Copyright (c) 1997-2015 The PHP Group
Zend Engine v3.0.0, Copyright (c) 1998-2015 Zend Technologies

</pre>
<pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); color: white; line-height: 1.3em; margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"># <orange style="color: orange;">httpd -v</orange>

Server version: <orange style="color: orange;">Apache/2.4.6</orange> (CentOS)

</pre>
<pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); color: white; line-height: 1.3em; margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"># <orange style="color: orange;">mysql -V</orange>

mysql Ver 14.14 Distrib <orange style="color: orange;">5.6.28</orange>, for Linux (x86_64) using EditLine wrapper
</pre>
<div style="background-color: white; border: 0px; font-size: 16px; line-height: 28px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
Now you have successfully configured LAMP setup on your CentOS / RHEL 7.1 & 6.7 system.</div>
<div style="background-color: white; border: 0px; font-size: 16px; line-height: 28px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
<a href="http://www.hackthesec.co.in/" target="_blank">www.hackthesec.co.in</a> <a href="http://www.twitter.com/hackthesecurity">www.twitter.com/hackthesecurity</a></div>
</div>
</div>

How to Install PHP 7.0 Apache 2.4, and MySQL 5.6 on CentOS / RHEL 7.1 and 6.7

Install PHP 7.0, Apache 2.4, & MySQL 5.6 on CentOS / RHEL 7.1 & 6.7 Few days ago most awaited PHP version 7.0 has been released. which has many number of changes and improvements than over version 5.…

09 Feb 2016

Best Security Tips for LAMP Stack (Apache, MySQL and PHP) on Linux

<div dir="ltr" style="text-align: left;" trbidi="on">
<h2 class="title single-title title20" style="background-color: white; border: 0px; font-family: 'Roboto Slab'; font-size: 28px; line-height: 38px; margin: 0px 0px 5px; opacity: 1; outline: 0px; padding: 0px; transition: opacity 0.24s ease-in-out; vertical-align: baseline; visibility: visible;">
Best Security Tips for LAMP Stack (Apache, MySQL and PHP) on Linux</h2>
<div>
Many of new system administrators forgot to apply security, when configuring web hosting environment for production use with Apache, MySQL and PHP. I am trying to include all those security tips which we must be considered while preparing a new system for production use or any existing LAMP setup.</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiIZhiLjnflSl4yeA02RL_fY2tb19f5CHDIw1dLKcr5t4v3ae1i9M2RGy7QFgLSu1yh1wzXjRprgRIbsffqIqNP1ppK5uDb0kQoeBTHfGqveFJxYf-QcItYXlViWhNzCRrv2IRwgOYS7hWY/s1600/lamp-stack-www.hackthesec.co.in.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiIZhiLjnflSl4yeA02RL_fY2tb19f5CHDIw1dLKcr5t4v3ae1i9M2RGy7QFgLSu1yh1wzXjRprgRIbsffqIqNP1ppK5uDb0kQoeBTHfGqveFJxYf-QcItYXlViWhNzCRrv2IRwgOYS7hWY/s1600/lamp-stack-www.hackthesec.co.in.jpg" /></a></div>
<div>
 </div>
<div>
<div style="background-color: white; border: 0px; font-size: 16px; line-height: 28px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
All the configuration changes are used in this article will be updated in following configuration files as per your operating systems. In some cases configuration files path may change. So make change in appropriate files. After making changes restart related services to change take effect. 
 
<ul style="font-family: Verdana, Geneva, sans-serif; font-size: 12px; line-height: 19.2px;">
<li><a href="http://www.hackthesec.co.in/2016/01/how-to-install-linux-apache-mysql-and.html" style="text-decoration: none;">Installing LAMP Stack on RHEL based systems</a></li>
<li><a href="http://www.hackthesec.co.in/2016/01/how-to-install-lamp-apache-24-mysql-56.html" style="text-decoration: none;" target="_blank">Installing LAMP Stack on RHEL 7</a></li>
<li><a href="http://www.hackthesec.co.in/2016/01/how-to-install-php-54-apache-22-and.html" style="text-decoration: none;" target="_blank">Install Apache2, MySQL and PHP5 on Ubuntu and Debian System</a></li>
</ul>
</div>
<h4 style="background-color: white; border: 0px; font-size: 20px; line-height: 26px; margin: 0px 0px 15px; opacity: 1; outline: 0px; padding: 0px; transition: opacity 0.24s ease-in-out; vertical-align: baseline; visibility: visible;">
For Ubuntu, Debian & LinuxMint:</h4>
<div style="background-color: white; border: 0px; font-size: 16px; line-height: 28px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
Apache2: /etc/apache2/apache2.conf PHP5: /etc/php5/apache2/php.ini MySQL: /etc/mysql/my.cnf</div>
<h4 style="background-color: white; border: 0px; font-size: 20px; line-height: 26px; margin: 0px 0px 15px; opacity: 1; outline: 0px; padding: 0px; transition: opacity 0.24s ease-in-out; vertical-align: baseline; visibility: visible;">
For CentOS, RedHat & Fedora:</h4>
<div style="background-color: white; border: 0px; font-size: 16px; line-height: 28px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
<span style="border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border: 0px; font-size: inherit; font-weight: 700; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Apache: /etc/httpd/conf/httpd.conf <span style="border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border: 0px; font-size: inherit; font-weight: 700; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">PHP: /etc/php.ini <span style="border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border: 0px; font-size: inherit; font-weight: 700; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">MySQL: /etc/my.cnf</div>
<h2 class="heading1" style="background-color: white; border: 0px; font-family: 'Roboto Slab'; font-size: 24px; font-weight: bolder; line-height: 34px; margin: 45px 0px 12px; opacity: 1; outline: 0px; padding: 0px; transition: opacity 0.24s ease-in-out; vertical-align: baseline; visibility: visible;">
1. Hiding Version and OS Identity (Apache)</h2>
<div style="background-color: white; border: 0px; font-size: 16px; line-height: 28px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
The <span style="border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border: 0px; font-size: inherit; font-weight: 700; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">ServerTokens directive controls whether Server response header field which is sent back to clients. The ServerSignature configures the footer on server-generated documents. Edit Apache configuration file and update following directives as following.</div>
<pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); color: white; font-size: 0.9em; line-height: 1.3em; margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"> ServerTokens <orange style="color: orange;">Prod</orange>
</pre>
<pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); color: white; font-size: 0.9em; line-height: 1.3em; margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"> ServerSignature <orange style="color: orange;">Off</orange>
</pre>
<h2 class="heading1" style="background-color: white; border: 0px; font-family: 'Roboto Slab'; font-size: 24px; font-weight: bolder; line-height: 34px; margin: 45px 0px 12px; opacity: 1; outline: 0px; padding: 0px; transition: opacity 0.24s ease-in-out; vertical-align: baseline; visibility: visible;">
2. Disable Directory Listing (Apache)</h2>
<div style="background-color: white; border: 0px; font-size: 16px; line-height: 28px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
If directory listing is enabled in Apache. Then all the files and directories list will be shown on web page if no default document exists. Add following configuration in Apache to disable directory listing server wide.</div>
<pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); color: white; font-size: 0.9em; line-height: 1.3em; margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><Directory />
 Options <orange style="color: orange;">-Indexes </orange>
</Directory>
</pre>
<div style="background-color: white; border: 0px; font-size: 16px; line-height: 28px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
After that you can enable listing per directory basis if required.</div>
<h2 class="heading1" style="background-color: white; border: 0px; font-family: 'Roboto Slab'; font-size: 24px; font-weight: bolder; line-height: 34px; margin: 45px 0px 12px; opacity: 1; outline: 0px; padding: 0px; transition: opacity 0.24s ease-in-out; vertical-align: baseline; visibility: visible;">
3. Restricting File and Directory Access (Apache)</h2>
<div style="background-color: white; border: 0px; font-size: 16px; line-height: 28px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
Restricting access on basis of Directory, File and Location in Apache.</div>
<h4 class="heading3" style="background-color: white; border: 0px; font-family: 'Roboto Slab'; font-size: 17px; font-weight: bolder; line-height: 28px; margin: 0px 0px 4px; opacity: 1; outline: 0px; padding: 0px; transition: opacity 0.24s ease-in-out; vertical-align: baseline; visibility: visible;">
Restrict Directory</h4>
<div style="background-color: white; border: 0px; font-size: 16px; line-height: 28px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
To restrict directory and files access from users, It will only allowed the ips are defined with Allow from.</div>
<pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); color: white; font-size: 0.9em; line-height: 1.3em; margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><Directory "/home/user/public_html">
 Order <orange style="color: orange;">Deny,Allow</orange>
 Deny from <orange style="color: orange;">all</orange>
 Allow from <orange style="color: orange;">192.168.0.0/24</orange>
 Allow from <orange style="color: orange;">.hackthesec.co.in</orange>
</Directory>
</pre>
<h4 class="heading3" style="background-color: white; border: 0px; font-family: 'Roboto Slab'; font-size: 17px; font-weight: bolder; line-height: 28px; margin: 0px 0px 4px; opacity: 1; outline: 0px; padding: 0px; transition: opacity 0.24s ease-in-out; vertical-align: baseline; visibility: visible;">
Restrict File</h4>
<div style="background-color: white; border: 0px; font-size: 16px; line-height: 28px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
We can also restrict specific file using File directive like below.</div>
<pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); color: white; font-size: 0.9em; line-height: 1.3em; margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><File data.xml>
 Order <orange style="color: orange;">deny,allow</orange>
 Deny from <orange style="color: orange;">all</orange>
</File>
</pre>
<h4 class="heading3" style="background-color: white; border: 0px; font-size: 17px; font-weight: bolder; line-height: 28px; margin: 0px 0px 4px; opacity: 1; outline: 0px; padding: 0px; transition: opacity 0.24s ease-in-out; vertical-align: baseline; visibility: visible;">
Restrict Location</h4>
<div style="background-color: white; border: 0px; font-size: 16px; line-height: 28px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
The Location directive limits the scope of the enclosed directives by URL.</div>
<pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); color: white; font-size: 0.9em; line-height: 1.3em; margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><Location /admin>
 Order <orange style="color: orange;">Deny,Allow</orange>
 Deny from <orange style="color: orange;">all</orange>
 Allow from <orange style="color: orange;">192.168.0.0/24</orange>
 Allow from <orange style="color: orange;">.hackthesec.co.in</orange>
</Location>
</pre>
<h2 class="heading1" style="background-color: white; border: 0px; font-family: 'Roboto Slab'; font-size: 24px; font-weight: bolder; line-height: 34px; margin: 45px 0px 12px; opacity: 1; outline: 0px; padding: 0px; transition: opacity 0.24s ease-in-out; vertical-align: baseline; visibility: visible;">
4. Disable Server Side Includes and CGI Execution (Apache)</h2>
<div style="background-color: white; border: 0px; font-size: 16px; line-height: 28px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
We can simply disable server-side includes and CGI execution by defining directory tag. Add below in Apache virtual host configuration file.</div>
<pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); color: white; font-size: 0.9em; line-height: 1.3em; margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><Directory "/home/user/public_html">
 Options <orange style="color: orange;">-Includes -ExecCGI</orange>
</Directory>
</pre>
<h2 class="heading1" style="background-color: white; border: 0px; font-family: 'Roboto Slab'; font-size: 24px; font-weight: bolder; line-height: 34px; margin: 45px 0px 12px; opacity: 1; outline: 0px; padding: 0px; transition: opacity 0.24s ease-in-out; vertical-align: baseline; visibility: visible;">
5. Restrict PHP Information Leakage (PHP)</h2>
<div style="background-color: white; border: 0px; font-size: 16px; line-height: 28px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
By Default PHP installation exposes to the world that PHP is installed on the server, which includes the PHP version within the HTTP header (Eg:, X-Powered-By: PHP/5.4.20). Read More</div>
<div style="background-color: white; border: 0px; font-size: 16px; line-height: 28px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
To hide this values from header edit php.ini and update below directive to Off</div>
<pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); color: white; font-size: 0.9em; line-height: 1.3em; margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;">expose_php = <orange style="color: orange;">Off</orange>
</pre>
<h2 class="heading1" style="background-color: white; border: 0px; font-family: 'Roboto Slab'; font-size: 24px; font-weight: bolder; line-height: 34px; margin: 45px 0px 12px; opacity: 1; outline: 0px; padding: 0px; transition: opacity 0.24s ease-in-out; vertical-align: baseline; visibility: visible;">
6. Disable Remote Code Execution (PHP)</h2>
<div style="background-color: white; border: 0px; font-size: 16px; line-height: 28px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
If allow_url_fopen is enabled on your setup, It allows ile functions like file_get_contents() and the include and require statements which can retrieve data from http or ftp remote locations and execute their code.</div>
<pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); color: white; font-size: 0.9em; line-height: 1.3em; margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"> allow_url_fopen=<orange style="color: orange;">Off</orange>
 allow_url_include=<orange style="color: orange;">Off</orange>
 
</pre>
<h2 class="heading1" style="background-color: white; border: 0px; font-family: 'Roboto Slab'; font-size: 24px; font-weight: bolder; line-height: 34px; margin: 45px 0px 12px; opacity: 1; outline: 0px; padding: 0px; transition: opacity 0.24s ease-in-out; vertical-align: baseline; visibility: visible;">
7. Disabling Dangerous PHP Functions (PHP)</h2>
<div style="background-color: white; border: 0px; font-size: 16px; line-height: 28px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
We can disable any php function using disable_functions directive in php configuration file. Disable all the functions which can be harmful and not used in applications.</div>
<pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); color: white; font-size: 0.9em; line-height: 1.3em; margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;">disable_functions =exec,shell_exec,passthru,system,popen,curl_exec,curl_multi_exec,parse_ini_file,show_source,proc_open,pcntl_exec
</pre>
<h2 class="heading1" style="background-color: white; border: 0px; font-family: 'Roboto Slab'; font-size: 24px; font-weight: bolder; line-height: 34px; margin: 45px 0px 12px; opacity: 1; outline: 0px; padding: 0px; transition: opacity 0.24s ease-in-out; vertical-align: baseline; visibility: visible;">
8. Limit PHP Access To File System (PHP)</h2>
<div style="background-color: white; border: 0px; font-size: 16px; line-height: 28px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
The open_basedir directive set the directories from which PHP is allowed to access files</div>
<pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); color: white; font-size: 0.9em; line-height: 1.3em; margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"> open_basedir="<orange style="color: orange;">/home/user/public_html</orange>"
 
</pre>
<h2 class="heading1" style="background-color: white; border: 0px; font-family: 'Roboto Slab'; font-size: 24px; font-weight: bolder; line-height: 34px; margin: 45px 0px 12px; opacity: 1; outline: 0px; padding: 0px; transition: opacity 0.24s ease-in-out; vertical-align: baseline; visibility: visible;">
9. Disable Unused PHP Modules (PHP)</h2>
<div style="background-color: white; border: 0px; font-size: 16px; line-height: 28px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
PHP supports “Dynamic Extensions” to load in php environment. We can disable any unused module to load in system by changing configuration file name.</div>
<pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); color: white; font-size: 0.9em; line-height: 1.3em; margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"># cd /etc/php.d/
# mv oci8.ini oci8.ini.disable

</pre>
<h2 class="heading1" style="background-color: white; border: 0px; font-family: 'Roboto Slab'; font-size: 24px; font-weight: bolder; line-height: 34px; margin: 45px 0px 12px; opacity: 1; outline: 0px; padding: 0px; transition: opacity 0.24s ease-in-out; vertical-align: baseline; visibility: visible;">
10. Enable Limits in PHP (PHP)</h2>
<div style="background-color: white; border: 0px; font-size: 16px; line-height: 28px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
To allow users to upload files of maximum size, update following configuration value.</div>
<pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); color: white; font-size: 0.9em; line-height: 1.3em; margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"> upload_max_filesize = <orange style="color: orange;">2M</orange> <green style="color: green;"># Maximum 2M of file user can upload</green>
</pre>
<div style="background-color: white; border: 0px; font-size: 16px; line-height: 28px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
Maximum execution time of each script</div>
<pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); color: white; font-size: 0.9em; line-height: 1.3em; margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"> max_execution_time = <orange style="color: orange;">30</orange> <green style="color: green;"># seconds</green>
</pre>
<div style="background-color: white; border: 0px; font-size: 16px; line-height: 28px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
Maximum amount of time each script may spend parsing request data</div>
<pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); color: white; font-size: 0.9em; line-height: 1.3em; margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;">max_input_time = <orange style="color: orange;">60</orange> <green style="color: green;"># seconds</green>
</pre>
<h2 class="heading1" style="background-color: white; border: 0px; font-family: 'roboto slab'; font-size: 24px; font-weight: bolder; line-height: 34px; margin: 45px 0px 12px; opacity: 1; outline: 0px; padding: 0px; transition: 0.24s ease-in-out; vertical-align: baseline; visibility: visible;">

11. Restrict Remote MySQL Access (MySQL)</h2>
<div style="background-color: white; border: 0px; font-size: 16px; line-height: 28px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
If your application environment do not required to access database remotely, then disable all remote connections for database server. The easier way to do it force MySQL server to listen only on 127.0.0.1 (localhost).</div>
<div style="background-color: white; border: 0px; font-size: 16px; line-height: 28px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
Edit MySQL configuration file and update following value.</div>
<pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); color: white; font-size: 0.9em; line-height: 1.3em; margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"> bind-address=<orange style="color: orange;">127.0.0.1</orange>
 
</pre>
<h2 class="heading1" style="background-color: white; border: 0px; font-family: 'Roboto Slab'; font-size: 24px; font-weight: bolder; line-height: 34px; margin: 45px 0px 12px; opacity: 1; outline: 0px; padding: 0px; transition: opacity 0.24s ease-in-out; vertical-align: baseline; visibility: visible;">

12. Disable use of LOCAL INFILE (MySQL)</h2>
<div style="background-color: white; border: 0px; font-size: 16px; line-height: 28px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
Enabling LOCAL INFILE can be dangerous for you system security. If LOCAL INFILE is enabled on server, a user can load any file ( like /etc/passwd, /etc/shadow ) to a table easily.</div>
<div style="background-color: white; border: 0px; font-size: 16px; line-height: 28px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
To disable this edit MySQL configuration file and add following value under [mysqld] section.</div>
<pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); color: white; font-size: 0.9em; line-height: 1.3em; margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;">[mysqld]
local-infile=<orange style="color: orange;">0</orange>
</pre>
<h2 class="heading1" style="background-color: white; border: 0px; font-family: 'Roboto Slab'; font-size: 24px; font-weight: bolder; line-height: 34px; margin: 45px 0px 12px; opacity: 1; outline: 0px; padding: 0px; transition: opacity 0.24s ease-in-out; vertical-align: baseline; visibility: visible;">
13. Create Application Specific User in MySQL (MySQL)</h2>
<div style="background-color: white; border: 0px; font-size: 16px; line-height: 28px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
Do not use mysql ‘root’ user for accessing database through application. It can be dangerous for your system. So make sure to create and use application specific user with limited access on application database only. To create mysql account use following command.</div>
<pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); color: white; font-size: 0.9em; line-height: 1.3em; margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;">root@hackthesec:~# <orange style="color: orange;">mysql -u root -p </orange>

mysql> CREATE USER '<orange style="color: orange;">myusr</orange>'@'<orange style="color: orange;">localhost</orange>' IDENTIFIED BY '<orange style="color: orange;">password</orange>';
mysql> GRANT SELECT,INSERT,UPDATE,DELETE ON <orange style="color: orange;">mydb</orange>.* TO '<orange style="color: orange;">myusr</orange>'@'<orange style="color: orange;">localhost</orange>' IDENTIFIED BY '<orange style="color: orange;">password</orange>';
mysql> FLUSH PRIVILEGES;
</pre>
<h2 class="heading1" style="background-color: white; border: 0px; font-family: 'Roboto Slab'; font-size: 24px; font-weight: bolder; line-height: 34px; margin: 45px 0px 12px; opacity: 1; outline: 0px; padding: 0px; transition: opacity 0.24s ease-in-out; vertical-align: baseline; visibility: visible;">
14. Improve Security with mysql_secure_installation (MySQL)</h2>
<div style="background-color: white; border: 0px; font-size: 16px; line-height: 28px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;">
After installing MySQL mysql_secure_installation command is very useful for securing MySQL server. This command will also enable password protection on root user.</div>
<pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); color: white; font-size: 0.9em; line-height: 1.3em; margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;">root@hackthesec:~# <orange style="color: orange;">mysql_secure_installation </orange>

"Only required output is showing below. In actual you will see more output on-screen"

Change the root password? [Y/n] <orange style="color: orange;">y</orange>
New password: **********
Re-enter new password: **********

Remove anonymous users? [Y/n] <orange style="color: orange;">y</orange>
Disallow root login remotely? [Y/n] <orange style="color: orange;">y</orange>
Remove test database and access to it? [Y/n] <orange style="color: orange;">y</orange>
Reload privilege tables now? [Y/n] <orange style="color: orange;">y</orange>

Best Security Tips for LAMP Stack (Apache, MySQL and PHP) on Linux

Best Security Tips for LAMP Stack (Apache, MySQL and PHP) on Linux Many of new system administrators forgot to apply security, when configuring web hosting environment for production use with Apache,…

24 Jan 2016

Load more posts