This guide will walk you through setting up a Debian EC2 instance on AWS, configuring either a LAMP (Linux, Apache, MySQL/MariaDB, PHP) or LEMP (Linux, Nginx, MySQL/MariaDB, PHP) stack, and installing phpMyAdmin. We'll also cover securing your MariaDB installation and setting up SSL with Let's Encrypt for your domains.
1. EC2 Instance Setup
Before you begin, you need to launch an EC2 instance:
-
Launch Instances: Choose a Debian image.
-
Key Pair: Create a new key pair or select an existing one. This is crucial for connecting to your instance.
-
Network Settings: Ensure you Allow HTTP and HTTPS traffic in your security group settings.
2. Connect to Your EC2 Instance
Once your instance is running, you can connect to it using SSH.
2.1. Key Pair Permissions
First, ensure your key pair file has the correct permissions (read-only for the owner):
chmod 400 "/Users/sk_arnov/Documents/Cloud Computing/AWS/example.com.pem"
(Note: Adjust the path to your key file)
2.2. SSH Connection
Connect to your instance using the following command. Replace the key pair path and IP address with your own:
ssh -i "/home/shaik/Software Development/Amazon Web Services/Key Pairs/Personal Server.pem" admin@180.15.259.230
(Note: The default user for Debian is typically admin or debian. If admin doesn't work, try debian.)
3. Update Your System
After connecting, it's good practice to update your system packages:
sudo apt update && sudo apt upgrade -yOption A: LEMP Stack (Nginx) Setup
This section details the setup using Nginx as your web server.
4. Install Nginx
sudo apt install nginx -y
sudo systemctl enable nginx
sudo systemctl start nginx
Verify Nginx status:
sudo systemctl status nginx5. Install PHP-FPM and Required PHP Extensions
sudo apt install php-fpm php-mysql php-cli php-curl php-mbstring php-xml php-zip php-bcmath unzip -y
Confirm PHP version:
php -v
6. Install MariaDB
sudo apt install mariadb-server mariadb-client -y
sudo systemctl enable mariadb
sudo systemctl start mariadb
6.1. Secure MariaDB Installation
This is a crucial step for security. You will be prompted to set a root password and configure other security options.
sudo mysql_secure_installation
Follow the prompts:
-
Enter current password for root (enter for none): Press Enter (if no password is set initially)
-
Switch to unix_socket authentication [Y/n]: n
-
Change the root password? [Y/n]: n (You can set it later or directly in phpMyAdmin)
-
Remove anonymous users? [Y/n]: Y
-
Disallow root login remotely? [Y/n]: n (If you need remote access, otherwise Y for stricter security)
-
Remove test database and access to it? [Y/n]: Y
-
Reload privilege tables now? [Y/n]: Y
Check MariaDB status:
sudo systemctl status mariadb
7. Install phpMyAdmin (Manual Installation for Custom URL)
Installing phpMyAdmin manually allows you to serve it from a specific domain (e.g., database.obydullah.com).
cd /var/www/
sudo mkdir phpmyadmin
cd phpmyadmin
sudo wget https://www.phpmyadmin.net/downloads/phpMyAdmin-latest-all-languages.tar.gz
sudo tar -xvzf phpMyAdmin-*-all-languages.tar.gz
sudo mv phpMyAdmin-*-all-languages/* .
sudo rm -rf phpMyAdmin-*-all-languages*
sudo chown -R www-data:www-data /var/www/phpmyadmin
8. Configure Nginx for phpMyAdmin (database.obydullah.com)
Create a new Nginx server block configuration for your phpMyAdmin domain:
sudo nano /etc/nginx/sites-available/db.example.com
Paste the following configuration:
server {
listen 80;
server_name db.example.com;
root /var/www/phpmyadmin;
index index.php index.html index.htm;
location / {
try_files $uri $uri/ =404;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php-fpm.sock;
}
location ~ /\.ht {
deny all;
}
}
Enable the site and test Nginx configuration:
sudo ln -s /etc/nginx/sites-available/db.example.com /etc/nginx/sites-enabled/
sudo nginx -t
sudo systemctl reload nginx
9. Point Domain DNS to EC2 (Mandatory)
Go to your domain registrar (e.g., Namecheap, GoDaddy) and create A records pointing to your EC2 instance's public IP:
-
obydullah.com -> Your EC2 Public IP
-
database.obydullah.com -> Your EC2 Public IP
Propagation can take up to 30 minutes.
10. Optional: Install SSL with Let's Encrypt (after domain resolves)
Once your domain DNS has propagated, you can install SSL certificates using Certbot.
sudo apt install certbot python3-certbot-nginx -y
Obtain SSL for your phpMyAdmin domain:
sudo certbot --nginx -d database.obydullah.com11. Troubleshooting phpMyAdmin Login (No Password Allowed)
If you encounter a "No password allowed" error when logging into phpMyAdmin, here are solutions:
11.1. Option 1: Set a Password for the MariaDB User (Recommended)
sudo mariadb
Check current users:
SELECT user, host, password FROM mysql.user;
Set a password for the root user (replace your_secure_password):
ALTER USER 'root'@'localhost' IDENTIFIED BY 'your_secure_password';
FLUSH PRIVILEGES;
EXIT;
Now, log into phpMyAdmin using: Username: root Password: your_secure_password
11.2. Option 2: Allow No Password (Not Recommended for Production)
Only use this for development environments.
sudo nano /var/www/phpmyadmin/config.inc.php
Add or modify the following line:
$cfg['Servers'][$i]['AllowNoPassword'] = true;
Save and exit (Ctrl+O, Enter, Ctrl+X). Then restart PHP-FPM and reload Nginx:
sudo systemctl restart php8.2-fpm sudo systemctl reload nginx
This section details the setup using Apache as your web server.
4. Install Apache
sudo apt install -y apache2
sudo systemctl enable apache2
sudo systemctl start apache2
5. Install PHP 8.2 and Required Extensions
sudo apt install -y php8.2 php8.2-fpm php8.2-mysql php8.2-mbstring php8.2-xml php8.2-bcmath php8.2-zip php8.2-curl
5.1. Enable PHP-FPM in Apache
sudo a2enmod proxy_fcgi setenvif
sudo a2enconf php8.2-fpm
sudo systemctl restart apache25.2. Enable and start PHP-FPM
sudo systemctl enable php8.2-fpm
sudo systemctl start php8.2-fpm6. Install MariaDB
sudo apt install -y mariadb-server
sudo systemctl enable mariadb
sudo systemctl start mariadb
6.1. Secure MariaDB Installation
This is a crucial step for security. You will be prompted to set a root password and configure other security options.
sudo mysql_secure_installation
Follow the prompts (similar to the Nginx section, but repeated for clarity):
-
Enter current password for root (enter for none): Press Enter (if no password is set initially)
-
Switch to unix_socket authentication [Y/n]: n
-
Change the root password? [Y/n]: n (You can set it later or directly in phpMyAdmin)
-
Remove anonymous users? [Y/n]: Y
-
Disallow root login remotely? [Y/n]: n (If you need remote access, otherwise Y for stricter security)
-
Remove test database and access to it? [Y/n]: Y
-
Reload privilege tables now? [Y/n]: Y
Check MariaDB status:
sudo systemctl status mariadb
7. Install phpMyAdmin (via apt)
sudo apt-get install phpmyadmin -y
During the installation, you will be prompted:
-
Select Apache (Use spacebar to select, then Enter)
-
Configure database for phpmyadmin with dbconfig-common?: Choose Yes
8. Setup Virtual Host for obydullah.com
First, create the document root and set permissions:
sudo mkdir -p /var/www/example.com
sudo chown -R www-data:www-data /var/www/example.com
sudo chmod -R 755 /var/www/example.com
Create the Apache Virtual Host configuration for obydullah.com:
sudo tee /etc/apache2/sites-available/example.com.conf > /dev/null <<EOF
<VirtualHost *:80>
ServerName example.com
DocumentRoot /var/www/example.com
<Directory /var/www/example.com>
AllowOverride All
Require all granted
</Directory>
ErrorLog ${APACHE_LOG_DIR}/example.com_error.log
CustomLog ${APACHE_LOG_DIR}/example.com_access.log combined
</VirtualHost>
EOF
Enable the site and restart Apache:
sudo a2ensite example.com.conf
sudo systemctl restart apache2
9. Configure Virtual Host for database.obydullah.com (phpMyAdmin)
Create a symbolic link for phpMyAdmin's files:
sudo mkdir -p /var/www/db.example.com
sudo ln -s /usr/share/phpmyadmin /var/www/db.example.com/phpmyadmin
Create the Apache Virtual Host configuration for db.example.com:
sudo tee /etc/apache2/sites-available/db.example.com.conf > /dev/null <<EOF
<VirtualHost *:80>
ServerName db.example.com
DocumentRoot /var/www/db.example.com
<Directory /var/www/db.example.com>
AllowOverride All
Require all granted
</Directory>
ErrorLog ${APACHE_LOG_DIR}/db.example.com_error.log
CustomLog ${APACHE_LOG_DIR}/db.example.com_access.log combined
</VirtualHost>
EOF
Enable the site and restart Apache:
sudo a2ensite db.example.com.conf
sudo systemctl restart apache2
10. Specify The Server Name on Debian (Apache)
To avoid warnings, add a ServerName directive to your apache2.conf:
sudo nano /etc/apache2/apache2.conf
Add the following line at the end of the file:
ServerName localhost11. Point Domain DNS to EC2 (Mandatory)
Go to your domain registrar (e.g., Namecheap, GoDaddy) and create A records pointing to your EC2 instance's public IP:
-
example.com -> Your EC2 Public IP
-
db.example.com -> Your EC2 Public IP
Propagation can take up to 30 minutes.
12. Optional: Install SSL with Let's Encrypt (after domain resolves)
Once your domain DNS has propagated, you can install SSL certificates using Certbot.
sudo apt update && sudo apt upgrade -y
sudo apt install certbot python3-certbot-apache -y
Obtain SSL for your main domain:
sudo certbot --apache -d example.com -d www.example.com
Obtain SSL for your phpMyAdmin domain:
sudo certbot --apache -d db.example.com
13. Verify Installations (Both Nginx and Apache)
Check the status of your services:
systemctl status apache2 # For Apache setup
systemctl status nginx # For Nginx setup
systemctl status php8.2-fpm
systemctl status mariadb