LAMP Solution Installation

BTS SIO SISR technical procedure - Debian 11

Home Next →

Objective

Deploy a complete web server with Apache, MariaDB and PHP on Debian 11. This infrastructure allows hosting dynamic web applications and constitutes the foundation for many web services.

Prerequisites

  • Debian 11 server installed and functional
  • Root access or user with sudo rights
  • Active and configured network connection
  • Domain name or accessible IP address (for testing)

Complete Procedure

Step 1: System Update

Before any installation, update the package list and the system:

apt update && apt upgrade -y
Explanation: This command updates the available packages database and installs the latest security versions. The -y option automatically confirms installations.

Step 2: Apache Installation

Apache is the web server that will process HTTP requests:

apt install apache2 -y

Enable Apache at system startup:

systemctl enable apache2

Start the Apache service:

systemctl start apache2

Check the service status:

systemctl status apache2
Test: Open a browser and access http://SERVER_IP_ADDRESS
You should see the default Apache page "Apache2 Debian Default Page".

Step 3: MariaDB Installation

MariaDB is the database management system:

apt install mariadb-server -y

Enable MariaDB at startup:

systemctl enable mariadb

Start the service:

systemctl start mariadb

Secure the MariaDB installation:

mysql_secure_installation
Recommended answers for mysql_secure_installation:
  • Enter current password for root : [Press Enter]
  • Switch to unix_socket authentication : N
  • Change the root password? : Y → [Enter a strong password]
  • Remove anonymous users? : Y
  • Disallow root login remotely? : Y
  • Remove test database? : Y
  • Reload privilege tables? : Y

Step 4: PHP Installation

Installation of PHP and necessary modules:

apt install php php-mysql php-cli php-curl php-gd php-xml php-mbstring -y
PHP modules detail:
  • php : PHP interpreter
  • php-mysql : PHP connection to MySQL/MariaDB
  • php-cli : PHP command-line interface
  • php-curl : Data transfers via URL
  • php-gd : Image manipulation
  • php-xml : XML processing
  • php-mbstring : Multi-byte string handling

Restart Apache to load PHP:

systemctl restart apache2

Step 5: PHP Testing

Create a PHP test file:

nano /var/www/html/phpinfo.php

Content of phpinfo.php file:

<?php
phpinfo();
?>

Save and exit (Ctrl+O, Enter, Ctrl+X)

Test: Access http://SERVER_IP_ADDRESS/phpinfo.php
A detailed page displaying the complete PHP configuration should appear.
CRITICAL SECURITY
Delete the phpinfo.php file immediately after testing, as it exposes sensitive information about the server configuration.

Delete the test file:

rm /var/www/html/phpinfo.php

Verifications

Services verification

systemctl status apache2
systemctl status mariadb

Both services must be "active (running)"

Ports verification

ss -tulpn | grep -E '(apache|mysql)'

Expected result:

  • Apache: port 80 (HTTP) and possibly 443 (HTTPS)
  • MySQL/MariaDB: port 3306

MariaDB connection test

mysql -u root -p

Enter the root password set during mysql_secure_installation

Once connected, test an SQL command:

SHOW DATABASES;
EXIT;

PHP version verification

php -v

Displays the installed PHP version (typically PHP 7.4.x on Debian 11)

Simple PHP page test

Create a basic test file:

echo "<?php echo 'LAMP is working correctly!'; ?>" > /var/www/html/test.php

Access http://SERVER_IP_ADDRESS/test.php

Security and Limitations

Essential security measures

Firewall configuration (UFW): 
apt install ufw -y
ufw allow 22/tcp
ufw allow 80/tcp
ufw allow 443/tcp
ufw enable

Web files permissions

chown -R www-data:www-data /var/www/html
chmod -R 755 /var/www/html

Disable PHP error display in production

Edit the PHP configuration file:

nano /etc/php/7.4/apache2/php.ini

Modify the following directives:

display_errors = Off
log_errors = On
error_log = /var/log/php/error.log

Secure MariaDB

Additional configuration in /etc/mysql/mariadb.conf.d/50-server.cnf:

nano /etc/mysql/mariadb.conf.d/50-server.cnf

Verify that the following directive is present (to prevent remote connections):

bind-address = 127.0.0.1

Technical limitations (BTS level)

This configuration is NOT production-grade:
  • No SSL/TLS certificate configured (HTTPS)
  • No automatic backup system
  • No advanced monitoring
  • No database replication
  • No CDN or advanced cache
  • No high availability system
  • Minimal configuration for test/development environment

Important points

  • Always delete test files (phpinfo.php, test.php)
  • Use strong passwords for MySQL root
  • Keep the system regularly updated
  • Monitor logs: /var/log/apache2/ and /var/log/mysql/
  • Create specific MySQL users per application (never use root)

Important Files and Directories

Path Description
/var/www/html/ Web files root directory
/etc/apache2/ Apache configuration
/etc/mysql/ MariaDB/MySQL configuration
/etc/php/7.4/ PHP configuration
/var/log/apache2/ Apache logs (access.log, error.log)
/var/log/mysql/ MariaDB logs

Key Points for BTS Oral Exam

  • LAMP = Linux + Apache + MySQL/MariaDB + PHP
  • Apache: HTTP web server listening on port 80
  • MariaDB: community fork of MySQL (100% compatible)
  • PHP: server-side scripting language for dynamic content
  • systemctl: service manager under systemd (Debian 11)
  • Mandatory security: mysql_secure_installation, firewall, permissions
  • This stack allows hosting WordPress, Nextcloud, GLPI, etc.