Complete Guide Installing LAMP Stack on Debian 11

Introduction

A 'LAMP' stack is a group of open-source software that is commonly installed together to allow a server to host dynamic websites and web apps. This term stands for: Linux: the operating system, Apache: the web server, MariaDB: the database where website data is stored, PHP: the language used to create dynamic content.

While MySQL is often used as the database management system, some Linux distributions, like Debian, use MariaDB as a replacement. In this guide, you'll learn how to install a LAMP stack on a Debian 11 server, using MariaDB as the database management system.

Preparing Your Debian 11 Server

Before we start, make sure you have a Debian 11 server ready. You'll also need a user account with sudo privileges and a basic firewall set up. If you haven't done this yet, you can check our beginner's guide on setting up your Debian 11 server for help.

Step 1 - Apache Installation and Firewall Update

Apache is one of the most popular web servers worldwide. It's well-supported, has a large community, and has been used for hosting websites for a long time, making it a reliable choice.

Let's begin by updating the package manager cache. If this is your first time using 'sudo' in this session, you'll need to enter your password to confirm you have the necessary permissions to manage system packages with 'apt'.

sudo apt update	

Next, let's install Apache. You can do this by running the following command:

sudo apt install apache2

After running the installation command, you'll be asked to confirm if you want to install Apache. Simply type 'Y' and press ENTER to proceed. Once Apache is installed, we need to make sure our firewall allows web traffic. If you've followed our initial server setup guide and enabled the UFW firewall, you'll need to allow HTTP and HTTPS traffic through it.

On Debian 11, UFW has predefined profiles for applications. You can see the full list of these profiles by running:

sudo ufw app list

The WWW profiles you see listed are for controlling the ports that web servers use.

Output
Available applications:
. . .
WWW
WWW Cache
WWW Full
WWW Secure
. . .

If you check the details of the "WWW Full" profile using the command 'ufw app info', you'll see that it allows traffic to go through ports 80 and 443.

sudo ufw app info "WWW Full"

Output
Profile: WWW Full
Title: Web Server (HTTP,HTTPS)
Description: Web Server (HTTP,HTTPS)

Ports:
80,443/tcp

Now, let's enable incoming HTTP and HTTPS traffic for this profile:

sudo ufw allow in "WWW Full"

To confirm that everything is working correctly, open your web browser and visit your server's public IP address.

http://your_server_ip

You'll see the default Apache web page for Debian 11, which is there to give you some basic information and to test that Apache is working properly.

If you see this page in your browser, it means your web server is installed correctly and can be accessed through your firewall.

Finding Your Server's Public IP Address

Finding your server's public IP address is essential for accessing it from other devices or services. Here are some simple methods to do so: Using Command Line Tools: You can use the command line to find your IP address. One way is to utilize the iproute2 tools. Using Online Services: Alternatively, you can visit a website that displays your public IP address. Simply open your web browser and search for "what is my IP address," and you'll find various websites that provide this information.

Once you have your server's public IP address, you can use it to connect to your server through SSH or access it via a web browser.

ip addr show eth0 | grep inet | awk '{ print $2; }' | sed 's//.*$//'

When you run the command to find your server's IP address, you might see two or three lines of information. Each line represents a different address, but your computer may only use one of them. You can try each one to see which works.

Another way to find your IP address is by using the curl utility to ask an outside server. Here's how to do it:

curl http://icanhazip.com

Choose any method you like and use it to find your IP address. Then, enter this IP address into your web browser to check if your server is showing the default Apache page.

Step 2: Setting Up Your Database with MariaDB

Now that your website is live on the web server, you need a database system to store and organize data for your site.

In Debian 11, the package used to install MySQL server has been replaced by default-mysql-server, which actually installs MariaDB. MariaDB is a community version of MySQL. To put it simply, when you install default-mysql-server, you're getting MariaDB by default. It's the recommended choice for MySQL-compatible databases on Debian-based systems.

For better compatibility in the long run, it's suggested to install MariaDB directly using its actual package, which is called "mariadb-server".

To install MariaDB, simply enter the following command:

sudo apt install mariadb-server

Once the installation is complete, it's a good idea to run a security script that's included with MariaDB. This script helps to improve the security of your database by removing some insecure default settings and restricting access.To start the interactive security script, run the following command:

sudo mysql_secure_installation

This script will guide you through a series of questions to improve the security of your MariaDB setup. The first question will ask for the current database root password. It's important to note that this is not the same as the system root password. The database root user is an administrative user with full control over the database system. Since you've just installed MariaDB and haven't set a password yet, simply press ENTER when prompted.

Next, you'll be asked if you want to set a password for the database root user. MariaDB uses a secure authentication method for the root user by default, so you don't need to set a password at this time. Simply type 'N' for "No" and then press ENTER.

After that, you can press 'Y' and then ENTER to accept the default settings for the remaining questions. This will remove any anonymous users and the test database, disable remote root login, and apply these changes immediately so that MariaDB will enforce the new rules you've set.

Once you've completed the security script, you can log in to the MariaDB console.

sudo mariadb

When you run this command, it will connect you to the MariaDB server as the administrative user 'root'. This is implied by using 'sudo' with the command.You should see output similar to the following:

Output
Welcome to the MariaDB monitor.  Commands end with ; or g.
Your MariaDB connection id is 41
Server version: 10.5.15-MariaDB-0+deb11u1 Debian 11
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or 'h' for help. Type 'c' to clear the current input statement.
MariaDB [(none)]>

You may have noticed that you didn't need to enter a password to connect as the root user. This is because the default way MariaDB authenticates the administrative user 'root' is through the system's authentication method, not with a password. While this might seem concerning initially, it actually enhances security. Only system users with sudo privileges can log in as the MariaDB root user, either directly from the console or through an application running with those same privileges. In simple terms, this means you won't be able to use the MariaDB root user to connect from a PHP application, which is a good security measure.

For better security, it's recommended to create separate user accounts with limited privileges for each database, especially if you're hosting multiple databases on your server.
To exit the MariaDB console, simply type:

exit

Now that your MariaDB server is all set up and secure, it's time to add the final part to our website-building process: PHP

Step 3 — Adding PHP to Your Server

Now that you have Apache to show your website and MariaDB to store your data, it's time to add PHP. PHP is like the behind-the-scenes worker of your setup. It takes care of processing code to show dynamic content on your website. It can run scripts, talk to your MariaDB databases to get information and then pass that information to your web server to display on the website.

You'll also need to install some extra stuff to make PHP work smoothly with your MariaDB database and Apache server. One thing is called php-mysql, which helps PHP talk to databases like MariaDB. Another thing is called libapache2-mod-php, which helps Apache handle PHP files. Don't worry too much about the technical details – just run this command to install everything you need:

sudo apt install php libapache2-mod-php php-mysql

After the installation finishes, you can check which version of PHP you have by using this command:

php -v

Output

PHP 7.4.30 (cli) (built: Jul  7 2022 15:51:43) ( NTS )
Copyright (c) The PHP Group
Zend Engine v3.4.0, Copyright (c) Zend Technologies
  with Zend OPcache v7.4.30, Copyright (c), by Zend Technologies

Now that your LAMP stack is all set up and ready to go, before you try running any PHP scripts to test it, it's a good idea to create a special place on your server where all your website's files and folders will live. This special place is called an Apache Virtual Host.

Step 4 — Setting Up Your Website's Home on the Server

When you're working with the Apache web server, you can create something called virtual hosts. Think of them like separate compartments that hold settings for different websites on the same server. This lets you host multiple websites on one server. In this guide, we'll set up a pretend domain called "your_domain." But when you do this for your own website, make sure to use your actual domain name instead of "your_domain.

By default, Apache shows its content from a folder at /var/www/html and uses the settings in a file called /etc/apache2/sites-available/000-default.conf. Instead of changing the default website settings at /var/www/html, we'll make a new "virtual host" for testing your PHP setup. Virtual hosts let you manage multiple websites on one Apache server. We'll also make a new folder structure inside /var/www for your_domain website. Don't worry, we'll leave /var/www/html as it is, so it will still show the default page if someone tries to access your server without specifying a particular site.

To start, let's create the main folder for your_domain website:

sudo mkdir /var/www/your_domain

Next, let's make sure you have control over the directory by giving it to you, the user who's currently using the system. We'll use a special code ($USER) that stands for your username on the computer.

sudo chown -R $USER:$USER /var/www/your_domain

Now, let's create a new file where we'll put some settings for our website. We'll use a program called nano, which lets us edit files from the command line.

sudo nano /etc/apache2/sites-available/your_domain.conf

This will make a new empty file. Now, let's put some basic settings in it for our website. You can replace "your_domain" with your actual domain name.

<VirtualHost *:80>
  ServerName your_domain
  ServerAlias www.your_domain 
  ServerAdmin webmaster@localhost
  DocumentRoot /var/www/your_domain
  ErrorLog $ {APACHE_LOG_DIR}/error.log
  CustomLog $ {APACHE_LOG_DIR}/access.log combined
</VirtualHost>

Once you've finished adding the configuration, save and close the file. If you're using nano, you can do this by pressing CTRL + X, then Y, and finally ENTER.

With this VirtualHost setup, you're instructing Apache to display your website, called your_domain, using the directory /var/www/your_domain as the main place for website files. If you want to try Apache without a specific domain name, you can deactivate the ServerName and ServerAlias options by adding a "#" symbol at the start of each line.

Now, let's activate this virtual host using a command called a2ensite:

sudo a2ensite your_domain

if you're not using a custom website address (domain name) and want to make sure your own website shows up correctly, you should turn off Apache's default website. To do this:

1. Open your Apache settings
2. Look for a default website that comes with Apache.
3. Turn it off or disable it.

This helps ensure that your website, instead of the default one, is the one people see when they visit your web server.

sudo a2dissite 000-default

To check if you've made any mistakes in your configuration file, use the following command: Run this to make sure everything is set up correctly and there are no errors in your settings.

sudo apache2ctl configtest

Lastly, refresh Apache to apply these updates: This makes sure that any changes you've made to Apache are put into action

sudo systemctl reload apache2

Now, let's make a simple PHP test to check if PHP is working on your server: You're going to create a small PHP script to make sure everything is set up correctly.

Step 5 — Checking if PHP is Working on Your Website

Now that you've set up a special place to keep all your website stuff, let's make a little test to be sure Apache can handle PHP files.

Start by making a new file called info.php in the special folder you created for your website:

nano /var/www/your_domain/info.php

The file is empty right now. Let's add some text to it. Copy and paste the following lines into the file. These lines are like a secret code that PHP understands:

<?php
phpinfo();

After adding the text, save and close the file.

Now, let's check if everything is working. Open your web browser and type in your server's address or IP, followed by the script's name, which is info.php in this case:

http://your_domain/info.php

Now, if everything is set up correctly, you should see a simple PHP web page. It's like a default example page that shows PHP is working on your server.

This page tells you things about your server using PHP. It helps find and fix issues and makes sure your settings are working right.

If you can view this page in your web browser, it means PHP is working just like it should on your server.

After you've looked at the PHP server details on that page, it's a good idea to delete the file you made. It has some private info about your PHP setup and your server. Just use 'rm' to delete it:

sudo rm /var/www/your_domain/info.php

If you ever need to see that information again, don't worry. You can make this page again whenever you want.

Step 6 — Optional: Verifying Database Connection with PHP

If you're curious about whether PHP can talk to MariaDB (a type of database) and ask it questions, you can do a little test. First, we need to set up a place to test things out, called a 'test database,' and make a special user who can use it. Let's do that first.

Let's create a database called 'example_database' and a user called 'example_user.' You can use different names if you like.

To start, open up the MariaDB console using the root account:

sudo mariadb

To make a new database, just type this command into your MariaDB console:

CREATE DATABASE example_database;

Now, let's make a special user and give them permission to do everything in the database you made.

Use this command to make a new user called 'example_user.' We're setting their password as 'password' for now, but you should pick a strong password of your own:

CREATE USER 'example_user'@'%' IDENTIFIED BY 'password';

After creating the user, you'll want to give them access to the 'example_database' database:

GRANT ALL ON example_database.* TO 'example_user'@'%';

This step ensures that 'example_user' has complete control over the 'example_database' and can't mess with any other databases on your server.

Now, let's make sure these changes are saved and ready to use in the current session:

FLUSH PRIVILEGES;

After completing those steps, you can exit the MariaDB shell by:

exit

Now, let's check if everything is working by logging into the MariaDB console with the new user details you just created:

mariadb -u example_user -p

Make sure to use the -p flag when you run this command. It will ask for the password you set when creating the 'example_user' user. After you're logged in, check if you can access the 'example_database' database:

SHOW DATABASES;

This will show you some information on the screen:

Output
+--------------------+
| Database           |
+--------------------+
| example_database   |
| information_schema |
+--------------------+
2 rows in set (0.000 sec)

Now, let's make a test table called 'todo_list.' In the MariaDB console, type in the following and press Enter:

CREATE TABLE example_database.todo_list (
item_id INT AUTO_INCREMENT,
content VARCHAR(255),
PRIMARY KEY(item_id)
);

Now, let's add some information to our test table. Type the following command into the MariaDB console a few times, each time with different values, to fill up your test table:

INSERT INTO example_database.todo_list (content) VALUES ("My first important item");

To make sure your table has the information you added, type this command:

SELECT * FROM example_database.todo_list;

This will show you some information on the screen:

Output
+---------+--------------------------+
| item_id | content                  |
+---------+--------------------------+
|       1 | My first important item  |
|       2 | My second important item |
|       3 | My third important item  |
|       4 | and this one more thing  |
+---------+--------------------------+
4 rows in set (0.000 sec)

Once you've checked that your test table has the right information, you can leave the MariaDB console:

exit

Now, let's make a PHP script that talks to MariaDB and asks for your data. Open up your custom web folder and create a new PHP file using the text editor you like:

nano /var/www/your_domain/todo_list.php

This PHP script connects to the MariaDB database and fetches the information from the 'todo_list' table, showing the results in a list. If something goes wrong with connecting to the database, it will let you know by throwing an exception.

Copy and paste the following code into your 'todo_list.php' script. Don't forget to change the 'example_user' and 'password' values to your own:

<?php
$user = "example_user";
$password = "password";
$database = "example_database";
$table = "todo_list";

try {
$db = new PDO("mysql:host=localhost;dbname=$database", $user, $password);
echo "<h2>TODO</h2><ol>"; 
foreach($db->query("SELECT content FROM $table") as $row) {
  echo "<li>" . $row['content'] . "</li>";
}
echo "</ol>";
} catch (PDOException $e) {
  print "Error!: " . $e->getMessage() . "<br/>";
  die();
}

After making changes, save and close the file.

Now, open your web browser and go to your website's address or IP, followed by '/todo_list.php'. This will take you to the page you just created.

http://your_domain/todo_list.php

This webpage will show the information you added to your test table to anyone who visits it:

This tells you that your PHP setup is all set to talk and work with your MariaDB server.

Conclusion:

In this guide, you've set up a solid base for hosting PHP websites and apps. You used Apache for the web server and MariaDB for the database. Now, let's make sure your website is secure by setting up HTTPS. You can do this with Let's Encrypt. Also, if you want to manage dependencies and packages in PHP, check out our guide on How to Install and Use Composer.

Ready to secure your website and manage dependencies? Follow our guides to learn how!