Digital Development
Web Design

The following tutorial is a step by step guide to installing an Apache server with support for PHP and MySQL on your EC2 Instance. In order to get started you should already have signed up with Amazon Web Services (AWS) and should have basic knowledge of using command line. When complete you should have an Apache server up and running on your EC2 Instance and will be set up to host a dynamic website or application.

Create a Key Pair

A key pair enables you to connect to a Linux instance through SSH. If you launch your EC2 Instance without a key pair, then you can't connect to it. This can be created through the Amazon EC2 console under the Network & Security menu. Its important to select a region for your Key Pair. While resources can be shared globally, Key Pairs are restricted by region. Your region can be selected from the navigation bar. Its best to name your file using your username and your region. Save the file in a safe location on your computer and set permission so only you have read access:

$ chmod 400 your_user_name-key-pair-region_name.pem

Create a Security Group

Imagine the security group as a firewall, controlling inbound and outbound traffic for your EC2 Instance. Rules are added to a security group enabling connection to your instance from your IP address using SSH. Rules may also be added to allow inbound and outbound HTTP and HTTPS access from anywhere.

  • Enter Security Groups under the Network & Security menu in the EC2 console and click Create Security Group.
  • Specify your_user_name_SG_region_name as the name of the security group, and provide a description. Click Yes, Create.
  • Selecting only the security group that you just created, on the Inbound tab select HTTP from the Create a new rule list, make sure that Source is 0.0.0.0/0, and then click Add Rule. Repeat for HTTPS.
  • Select SSH from the same list. In the Source box, specify the public IP address of your computer in CIDR notation, and then click Add Rule. For example if your IP address is 203.0.113.25, specify 203.0.113.25/32. If you don't know your IP address you there are many site which can feedback this information, its a simple Google search away.

Launch an Amazon EC2 Instance

An Amazon EC2 Instance is a virtual server which you will custom build to suit your needs for dynamic website or application hosting. Setting up your Instance is really straightforward if you follow these steps.

  • Click Launch Instance on your AWS EC2 console. This will present you with a list of basic configurations called Amazon Machine Images (AMIs) that serve as templates for your instance. Select the 64-bit Amazon Linux AMI ("Free Tier Eligible").
  • Next select the hardware configuration of your instance (t1.micro instance is selected by default). Click Review and Launch to let the wizard complete other configuration settings.
  • Under Security Groups, click Edit Security Groups, ensure Select an Existing Security Group is selected and select your security group from the list of existing security groups. Click Review and Launch.
  • On the Review Instance Launch page, click Launch and, when prompted to choose your Key Pair, select the Key Pair you created earlier.
  • Click View Instances to close the confirmation page and return to the console. At this point, if using the free tier, I recommend setting up a billing alert to notify you of any charges you may incur at a later stage.

Install a LAMP Web Server

In order to run a dynamic website from your EC2 Instance you need to install the Apache web server with PHP and MySQL support. To do this you first need to connect to your Instance using an SSH client. What I describe here is the procedure used via Terminal for Mac users, if you're not using a Mac have a look here.

Connect to your Instance using ssh

ssh -i /path/key_pair.pem ec2-user@public_dns_name

Update software packages

[ec2-user ~]$ sudo yum update -y

Install Apache with PHP and MySQL support

[ec2-user ~]$ sudo yum groupinstall -y "Web Server" "MySQL Database" "PHP Support"

Install PHP & MySQL package

[ec2-user ~]$ sudo yum install -y php-mysql

Start Apache server

[ec2-user ~]$ sudo service httpd start

Use the chkconfig command to configure the Apache web server to start at each system boot

[ec2-user ~]$ sudo chkconfig httpd on

If successful, you can enter your public DNS name into the browser and you should be greeted by the Apache test page. Good job!

Next we need to allow the ec2-user to manipulate files in the Amazon Linux AMI Apache document root. To accomplish this we add a www group to your Instance, give this group ownership of the /var/www directory and add write permissions for the group. Any members of that group will then be able to add, delete, and modify files for the web server.

View files in the Amazon Linux AMI Apache document root (/var/www/html)

[ec2-user ~]$ ls -l /var/www

Add www group to the Amazon Linux AMI Apache document root

[ec2-user ~]$ sudo groupadd www

Add ec2-user to the www group

[ec2-user ~]$ sudo usermod -a -G www ec2-user

You next need to log out and then log back in again and verify your membership in the www group

[ec2-user ~]$ exit

Reconnect to your Instance

ssh -i /path/key_pair.pem ec2-user@public_dns_name

Check for the group you just created

[ec2-user ~]$ groups

Change the group ownership of /var/www and its contents to the www group

[ec2-user ~]$ sudo chown -R root:www /var/www

Change the directory permissions of /var/www and its subdirectories to add group write permissions

[ec2-user ~]$ sudo chmod 2775 /var/www

Set the group ID on future subdirectories

[ec2-user ~]$ find /var/www -type d -exec sudo chmod 2775 {} +

Change the file permissions of /var/www and its subdirectories to add group write permissions

[ec2-user ~]$ find /var/www -type f -exec sudo chmod 0664 {} +

Now ec2_user (and any future members of the www group) can add, delete, and edit files in the Apache document root, i.e. you can add content, such as a static website or a PHP application. In order to test that your server is up and running use the following command to.

Create a simple PHP file in your root directory

[ec2-user ~]$ echo "Hello World!" > /var/www/html/hello.php

Entering your root url into the browse. You should be greeted by your new page.
http://my.public.dns.amazonaws.com/hello.php

Secure the MySQL server

The installed MySQL server is setup for testing and development, for production servers such features need to be removed. The following commands allow you to set a root password and removes the insecure features from your installation.

Start the MySQL server so that you can run mysql_secure_installation

[ec2-user ~]$ sudo service mysqld start

Run MySQL Secure Installation

[ec2-user ~]$ sudo mysql_secure_installation

When prompted for a password,press Enter as no password has been set. Type Y to set a password, and enter a secure password twice.

  1. Type Y to remove the anonymous user accounts.
  2. Type Y to disable remote root login.
  3. Type Y to remove the test database.
  4. Type Y to reload the privilege tables and save your changes.

Your MySQL server is now secure and you should have a fully functional LAMP web server.