How To Install Linux, Apache, MySQL, PHP (LAMP) on Debian 8

Files Structure:

• /srv
  • /mydomain.com
    • /.socks
    • /www
      • /cgi-bin
      • /logs
      • /public_html
      • /ssl
      • /tmp
    • /blog
      • /cgi-bin
      • /logs
      • /public_html
      • /ssl
      • /tmp

1. Installation of Apache 2.4

apt-get -y install apache2-mpm-prefork apache2-utils apache2-suexec

1.1. Configuration of Apache 2
We need to activate modules.
a2enmod suexec rewrite ssl actions include headers expires dav_fs dav auth_digest

2. Installation of MySQL

You can automate this step by following this tutorial.
apt-get install -y mysql-server

2.1 Securing the installation

To secure your installation of MySQL you have to use the command line mysql_secure_installation and remove all test tables and users.

3. Installation of PHP (FPM) + basic modules

apt-get install -y php5-fpm php-apc php5-mysql php5 php5-common php5-gd php5-mysql php5-imap php5-cli php5-cgi php-pear php-auth php5-mcrypt mcrypt php5-imagick imagemagick php5-curl php5-intl php5-memcache php5-memcached php5-pspell php5-recode php5-snmp php5-sqlite php5-tidy php5-xmlrpc php5-xsl memcached

3.1 Enable PHP5 FPM for Apache2

a2enmod fastcgi

4. Configure your first website

#Create the user
/usr/sbin/useradd -M website1 -d /srv/mydomain.com/www/ -s /bin/false

#Create the structure
mkdir -p /srv/mydomain.com/.socks
chown -R root:root /srv/mydomain.com/.socks
chmod 1751 /srv/mydomain.com/.socks

mkdir -p /srv/mydomain.com/www/{cgi-bin,logs,public_html,ssl,tmp}
chown -R website1:website1 /srv/mydomain.com/www/
chown -R root:root /srv/mydomain.com/www/ssl
chown -R website1:website1 /srv/mydomain.com/www/cgi-bin
chown root:website1 /srv/mydomain.com/www/logs
chown root:root /srv/mydomain.com/www
chmod 1755 /srv/mydomain.com/www/
chmod 1700 /srv/mydomain.com/www/ssl
chmod 1750 /srv/mydomain.com/www/tmp
chmod 1750 /srv/mydomain.com/www/logs
chmod 1750 /srv/mydomain.com/www/cgi-bin

4.1 Non-SSL Virtual Host

Virtual Host folder: /etc/apache2/sites-available

Put the content below to /etc/apache2/sites-available/www.mydomain.com.conf
Don’t forget to change YOUR_SERVER_IP by your server IP Address!

<VirtualHost YOUR_SERVER_IP:80>
	ServerAdmin webmaster@mydomain.com
	ServerName  mydomain.com
	ServerAlias  www.mydomain.com
	DocumentRoot /srv/mydomain.com/www/public_html
	Options None
	<IfModule mod_fastcgi.c>
		<IfModule mod_php5.c>
			php_admin_flag engine off
		</IfModule>
		<FilesMatch \.php$>
			SetHandler php5-fcgi
		</FilesMatch>
		Alias /cgi-bin/ /srv/mydomain.com/www/cgi-bin/
		FastCgiExternalServer /srv/mydomain.com/www/cgi-bin/www.mydomain.com.external -socket /srv/mydomain.com/.socks/www.mydomain.com.sock
		AddHandler php5-fcgi .php
		Action php5-fcgi /cgi-bin/www.mydomain.com.external
		<Directory /srv/mydomain.com/www/cgi-bin>
			Require all granted
		</Directory>
	</IfModule>
	<Directory /srv/mydomain.com/www/public_html>
		Require all granted
		RewriteEngine on

		#Redirect all http traffic to https
		RewriteCond %{SERVER_PORT} 80
		RewriteRule ^(.*)$ https://www.mydomain.com/ [R=301,L]

		#Redirect non-www to www
		RewriteCond %{HTTP_HOST} ^([a-z.]+)?mydomain\.com$ [NC]
		RewriteCond %{HTTP_HOST} !^www\. [NC]
		RewriteRule .? http://www.%mydomain.com%{REQUEST_URI} [R=301,L]

		Options SymLinksIfOwnerMatch
		AllowOverride Indexes Limit Options AuthConfig FileInfo
	</Directory>
	# Log
	ErrorLog /srv/mydomain.com/www/logs/error.log
	LogLevel warn
	CustomLog /srv/mydomain.com/www/logs/access.log combined
</VirtualHost>

4.2 Configuration of PHP FPM

Pool configuration folder: /etc/php5/fpm/pool.d (one pool per Virtual Host)

Put the content below to /etc/php5/fpm/pool.d/www.mydomain.com.conf

; Pool name
[www.mydomain.com]
; On utilisera une socket
listen = /srv/mydomain.com/.socks/www.mydomain.com.sock
; Permission for the socket
listen.owner = website1
listen.group = website1
listen.mode = 0666
; User/Group for the process
user = website1
group = website1
; Process configuration
pm = dynamic
pm.max_children = 20
pm.start_servers = 5
pm.min_spare_servers = 5
pm.max_spare_servers = 10
slowlog = /srv/mydomain.com/www/logs/php5-fpm.www.mydomain.com.log.slow
; Some PHP configuration directives (Change the way you want)
; If you enable open_basedir, upload_tmp_dir must be a child folder of the base_dir directory.
php_admin_value[open_basedir] = /srv/mydomain.com/www
php_admin_value[session.save_path] = /srv/mydomain.com/www/tmp
php_admin_value[upload_tmp_dir] = /srv/mydomain.com/www/tmp
php_admin_value[short_open_tag] = On
php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i
;Disable unsecure functions
php_admin_value[disable_functions] = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,exec,passthru,system,shell_exec,proc_open,popen,curl_exec,curl_multi_exec,parse_ini_file,show_source,fsocket,fsockopen,pfsockopen

4.3 Enable the new configuration

#Enable your new Apache Virtual Host
a2ensite www.mydomain.com
#Reload PHP5 FPM pools
service php5-fpm reload
#Reload Apache
service apache2 reload

Common Problems

If your PHP FPM won’t spawn your socket, check if you don’t have two pools with the same domain/subdomain [www.mydomain.com] (First or second line of your fpm pool configuration file)