Open in app

Sign in

Write

Sign in

Setup an Ubuntu 14.04 LTS based LAMP stack on Rackspace

Matthias Gattermeier
Rackspace Magic
Published in
3 min readNov 11, 2014

A little howto to set up a Ubuntu server on Rackspace, configure firewall, setup LAMP and configure vhosts.

As a few prerequisites to follow these instructions you should:

  • be comfortable with terminal and basic Linux commands
  • know to work with your favorite text editor on terminal
  • have basic knowledge of the LAMP stack

Assuming you have already spun up an Ubuntu 14.04 LTS server from the Rackspace backend, let’s get started by opening terminal and ssh into your server:

ssh root@your.ip.address

Software installs

First let’s get the system up to date & run:

apt-get update
apt-get upgrade

Then let’s install what we will be needing for our LAMP stack:

apt-get install mysql-server apache2 php5 php5-mysql php5-gd

In all likelihood you will want to activate mod_rewrite:

a2enmod rewrite

Also, install your preferred text editor. My favorite is vim

apt-get install vim

User access management

We don’t want to login as root all the time, that’s bad practice. So, let’s add a new administrator user. And please.. try not to use the same password as the root ;)

adduser admin

And add the new admin to sudoers & apache group:

useradd -G sudo,www-data admin

Run ‘visudo’ and confirm that you see following:

%sudo ALL=(ALL:ALL) ALL

Now this should allow you to ssh into your server with your newly created admin user and start a root session via:

sudo su -

To make sure we don’t allow root to connect, in /etc/ssh/sshd_config edit set “PermitRootLogin yes” to “no”

Time to configure the firewall.

There are 2 easy ways to do that: IP Tables or UFW. We will go for IP tables and most of this section you find on the Rackspace pages. First let’s allow already established traffic (our current ssh connection):

iptables -A INPUT -m state —state ESTABLISHED,RELATED -j ACCEPT

Then we set a rule to allow ssh connections and incoming http traffic (port 80):

iptables -A INPUT -p tcp —dport ssh -j ACCEPT

iptables -A INPUT -p tcp —dport 80 -j ACCEPT

That’s all we need for now and we should decline all other incoming traffic to the server:

iptables -A INPUT -j DROP

To allow internal loopback traffic for inter-server communication:

iptables -I INPUT 1 -i lo -j ACCEPT

Now we need to save those rules with:

iptables-save > /etc/iptables.rules

And make sure they are loaded when we boot our server. For this we create two executable bash / shell scripts. First a new startup file with vim called iptablesload:

vim /etc/network/if-pre-up.d/iptablesload

and add:

#!/bin/sh
iptables-restore < /etc/iptables.rules
exit 0

Make the new file executable with chmod:

chmod +x /etc/network/if-pre-up.d/iptablesload

Create another file iptablessave with vim:

vim /etc/network/if-post-down.d/iptablessave

and add:

#!/bin/sh
iptables-save -c > /etc/iptables.save
if [ -f /etc/iptables.downrules ]; then iptables-restore < /etc/iptables.downrules
fi
exit 0

Again make the file executable:

chmod +x /etc/network/if-post-down.d/iptablessave

That’s it. Best we reboot the server and the login with our new admin account.

shutdown -r now

Virtual Hosts

Once we are back up and ssh’d in let’s get cracking on vhosts and such ☺

You will notice that when we installed apache a basic index.html file was created: /var/www/html/index.html

That is the file you will see when you type in your IP address in your browser. If you don’t want to proceed setting up virtual hosts (see below) it might be a good idea to change this file to some generic placeholder index file you find appropriate, or start building your website there ☺

Otherwise, let’s proceed with vhosts and create a new folder

vim /etc/apache2/vhost.d

Then open the apache config file

vim /etc/apache2/apache2.conf

At the bottom of the file add:

Include vhost.d/*.conf

When working this vhost configuration it is important to remember that apache decides on the default vhost for the IP alphabetically. You should prefix the file in vhost.d that you want to use as default with ‘000-default-’ to make sure this will be the first one in the alphabet.

Let’s assume the first vhost entire will be our default and create a standard vhost config file for this:

vim /etc/apache2/vhost.d/000-default-mydomain.com.conf

And add:

<VirtualHost *:80> 
DocumentRoot /var/www/html/mydomain 
ServerName mydomain.com
ServerAlias www.mydomain.com
<Directory “/var/www/html/mydomain”>
  AllowOverride all
</Directory>
CustomLog /var/log/apache2/mydomain.com-access.log forwarded
ErrorLog /var/log/apache2/mydomain.com.at-error.log
LogLevel warn
</VirtualHost>

Time to restart apache so that all those changes we made go into effect.

service apache2 restart

You are all set.

--

--

Matthias Gattermeier
Rackspace Magic

Written by Matthias Gattermeier

379 Followers
Editor for

Software Engineer at The New York Times.

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams