// Tutorial //

How To Install Linux, Apache, MariaDB, PHP (LAMP) stack on Debian 10

Published on July 15, 2019 · Updated on January 23, 2023
Default avatar
How To Install Linux, Apache, MariaDB, PHP (LAMP) stack on Debian 10
Not using Debian 10?Choose a different version or distribution.
Debian 10

Introduction

A LAMP stack is a group of open-source software typically installed together to enable a server to host dynamic websites and web apps. This term is an acronym that represents the Linux operating system, with the Apache web server. The site data is stored in a MariaDB database, and dynamic content is processed by PHP.

Although this software stack typically includes MySQL as the database management system, some Linux distributions — including Debian — use MariaDB as a drop-in replacement for MySQL.

In this guide, you will install a LAMP stack on a Debian 10 server, using MariaDB as the database management system.

Prerequisites

To follow this tutorial, you will need to have a Debian 10 server with a non-root sudo-enabled user account and a basic firewall. This can be configured using our initial server setup guide for Debian 10.

Step 1 — Installing Apache and Updating the Firewall

The Apache web server is among the most popular web servers in the world. It’s well-documented and has been in wide use for much of the history of the web, which makes it a great default choice for hosting a website.

Start by updating the package manager cache. If this is the first time you’re using sudo within this session, you’ll be prompted to provide your user’s password to confirm you have the right privileges to manage system packages with apt:

  1. sudo apt update

Then install Apache with the following:

  1. sudo apt install apache2

This command prompts you to confirm Apache’s installation. Confirm by pressing Y, then ENTER. Once the installation is complete, you need to adjust your firewall settings. Assuming that you followed the initial server setup instructions to install and enable the UFW firewall, make sure that your firewall allows HTTP and HTTPS traffic.

On Debian 10, UFW comes loaded with app profiles that you can use to adjust your firewall settings. View the full list of application profiles by running:

  1. sudo ufw app list

The WWW profiles are used to manage ports used by web servers:

Output
Available applications: . . . WWW WWW Cache WWW Full WWW Secure . . .

If you inspect the WWW Full profile, it shows that it enables traffic to ports 80 and 443:

  1. sudo ufw app info "WWW Full"
Output
Profile: WWW Full Title: Web Server (HTTP,HTTPS) Description: Web Server (HTTP,HTTPS) Ports: 80,443/tcp

Allow incoming HTTP and HTTPS traffic for this profile:

  1. sudo ufw allow in "WWW Full"

You can verify that everything went as planned by visiting your server’s public IP address in your web browser:

http://your_server_ip

This will return the default Debian 10 Apache web page, which is there for informational and testing purposes:

Debian 10 Apache default

If your browser returns this page, then your web server is now correctly installed and accessible through your firewall.

How To Find Your Server’s Public IP Address

If you do not know what your server’s public IP address is, there are several ways you can find it. Usually, this is the address you use to connect to your server through SSH.

There are a few different ways to do this from the command line. First, you can use the iproute2 tools to get your IP address by running:

  1. ip addr show eth0 | grep inet | awk '{ print $2; }' | sed 's/\/.*$//'

This will return two or three lines back. They are all correct addresses, but your computer may only be able to use one, so feel free to try each one.

An alternative method is to use the curl utility to contact an outside party to tell you how it views your server. You can run the following command and ask a specific server what your IP address is:

Since Debian 10 does not have curl be default, you will need to install it first:

  1. sudo apt install curl

Then run the following command and ask a specific server what your IP address is:

  1. curl http://icanhazip.com

Regardless of the method, write your IP address into your web browser to verify that your server is running the default Apache page.

Step 2 — Installing MariaDB

Now that you have a web server up and running, you need to install the database system to be able to store and manage data for your site.

In Debian 10, the metapackage mysql-server, which was traditionally used to install the MySQL server, was replaced by default-mysql-server. This metapackage references MariaDB, a community fork of the original MySQL server by Oracle, and it’s currently the default MySQL-compatible database server available on Debian-based package manager repositories.

For longer-term compatibility, however, it’s recommended that instead of using the metapackage you install MariaDB using the program’s actual package, mariadb-server.

To install the MariaDB software, run:

  1. sudo apt install mariadb-server

When the installation is finished, it’s recommended that you run a security script that comes pre-installed with MariaDB. This script will remove some insecure default settings and lock down access to your database system. Start the interactive script by running:

  1. sudo mysql_secure_installation

This script will take you through a series of prompts where you can make some changes to your MariaDB setup. The first prompt will ask you to enter the current database root password. This is not to be confused with the system root. The database root user is an administrative user with full privileges over the database system. Since you recently installed MariaDB and haven’t made any configuration changes yet, this password will be blank, so press ENTER at the prompt.

The next prompt asks you whether you’d like to set up a database root password. Since MariaDB uses a special authentication method for the root user that is typically safer than using a password, you don’t need to set this now. Press N and then ENTER.

From there, you can press Y and then ENTER to accept the defaults for all the subsequent questions. This will remove anonymous users and the test database, disable remote root login, and load these new rules so that MariaDB immediately respects the changes you have made.

When you’re finished, log in to the MariaDB console:

  1. sudo mariadb

This will connect to the MariaDB server as the administrative database user root, which is inferred by the use of sudo when running this command. You should receive the following output:

Output
Welcome to the MariaDB monitor. Commands end with ; or \g. Your MariaDB connection id is 42 Server version: 10.3.36-MariaDB-0+deb10u2 Debian 10 Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. MariaDB [(none)]>

Notice that you didn’t need to provide a password to connect as the root user. That works because the default authentication method for the administrative MariaDB user is unix_socket instead of password. Even though this might seem like a security concern at first, it makes the database server more secure because the only users allowed to log in as the root MariaDB user are the system users with sudo privileges connecting from the console or through an application running with the same privileges. In practical terms, that means you won’t be able to use the administrative database root user to connect from your PHP application.

For increased security, it’s best to have dedicated user accounts with less expansive privileges set up for every database, especially if you plan on having multiple databases hosted on your server.

You can exit the MariaDB console with the following:

  1. exit

Your MariaDB server is now installed and secured. Next, you will install PHP, the final component in the LAMP stack.

Step 3 — Installing PHP

You have Apache installed to serve your content and MariaDB installed to store and manage your data. PHP is the component of your setup that will process code to display dynamic content to the final user. It can run scripts, connect to your MariaDB databases to get information, and hand the processed content over to your web server to display.

In addition to the php package, you will need php-mysql, a PHP module that allows PHP to communicate with MySQL-based database, such as MariaDEB. You will also need libapache2-mod-php to enable Apache to handle PHP files. Core PHP packages will automatically be installed as dependencies.

To install these packages, run the following command:

  1. sudo apt install php libapache2-mod-php php-mysql

Once installation is complete, you can verify your PHP version with the following command:

  1. php -v
Output
PHP 7.3.31-1~deb10u2 (cli) (built: Dec 15 2022 09:39:10) ( NTS ) Copyright (c) 1997-2018 The PHP Group Zend Engine v3.3.31, Copyright (c) 1998-2018 Zend Technologies with Zend OPcache v7.3.31-1~deb10u2, Copyright (c) 1999-2018, by Zend Technologies

In most cases, you will want to modify the way that Apache serves files. Currently, if a user requests a directory from the server, Apache will first search for a file called index.html. To instruct the web server to prefer PHP files over others, you can set Apache to search for an index.php file first.

To do this, run the following command to open the dir.conf file in your preferred text editor with root privileges. In this example, we’re using nano:

  1. sudo nano /etc/apache2/mods-enabled/dir.conf

The contents will be as follows:

/etc/apache2/mods-enabled/dir.conf
<IfModule mod_dir.c>
    DirectoryIndex index.html index.cgi index.pl index.php index.xhtml index.htm
</IfModule>

Move the PHP index file to the first position after the DirectoryIndex specification, like in the following:

/etc/apache2/mods-enabled/dir.conf
<IfModule mod_dir.c>
    DirectoryIndex index.php index.html index.cgi index.pl index.xhtml index.htm
</IfModule>

When you are finished, save and close the file. If you’re using nano, you can do so by pressing CTRL+X, then Y and ENTER to confirm.

Now reload Apache’s configuration:

  1. sudo systemctl reload apache2

You can check on the status of the apache2 service with systemctl status:

  1. sudo systemctl status apache2
Sample Output
● apache2.service - The Apache HTTP Server Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset: Active: active (running) since Fri 2023-01-20 22:21:24 UTC; 2min 12s ago Docs: https://httpd.apache.org/docs/2.4/ Process: 13076 ExecStart=/usr/sbin/apachectl start (code=exited, status=0/SUCC Process: 13097 ExecReload=/usr/sbin/apachectl graceful (code=exited, status=0/ Main PID: 13080 (apache2) Tasks: 6 (limit: 4915) Memory: 13.7M CGroup: /system.slice/apache2.service ├─13080 /usr/sbin/apache2 -k start ├─13101 /usr/sbin/apache2 -k start ├─13102 /usr/sbin/apache2 -k start ├─13103 /usr/sbin/apache2 -k start ├─13104 /usr/sbin/apache2 -k start └─13105 /usr/sbin/apache2 -k start

At this point, your LAMP stack is fully operational, but before you can test your setup with a PHP script, it’s best to set up a proper Apache Virtual Host to hold your website’s files and folders. You will set this up in the next step.

Step 4 — Creating a Virtual Host for your Website

When using the Apache web server, you can create virtual hosts (similar to server blocks in Nginx) to encapsulate configuration details and host more than one domain from a single server. In this section, you’ll set up a domain called your_domain, but you should replace this with your own domain name.

Note: In case you are using DigitalOcean as a DNS provider, check out our product documentation for detailed instructions on how to set up a new domain name and point it to you server

By default, Apache serves its content from a directory located at /var/www/html, using the configuration contained in /etc/apache2/sites-available/000-default.conf. Instead of modifying the default website configuration file, you are going to create a new virtual host for testing your PHP environment. Virtual hosts enable you to keep multiple websites hosted on a single Apache server. You will also create a directory structure within /var/www for the your_domain site, leaving /var/www/html in place as the default directory to be served if a client request doesn’t match any other sites.

Begin by creating the root web directory for your_domain as follows:

  1. sudo mkdir /var/www/your_domain

Next, assign ownership of the directory with the $USER environment variable, which will reference your current system user:

  1. sudo chown -R $USER:$USER /var/www/your_domain

Then, open a new configuration file in Apache’s sites-available directory using your preferred text editor. nano is used in the following example:

  1. sudo nano /etc/apache2/sites-available/your_domain.conf

This creates a new blank file. Add in the following bare-bones configuration with your own domain name:

/etc/apache2/sites-available/your_domain
<VirtualHost *:80>
    ServerName your_domain
    ServerAlias www.your_domain 
    ServerAdmin webmaster@localhost
    DocumentRoot /var/www/your_domain
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

With this VirtualHost configuration, you’re telling Apache to serve your_domain using /var/www/your_domain as the web root directory. If you’d like to test Apache without a domain name, you can remove or comment out the options ServerName and ServerAlias by adding a pound sign (#) character in the beginning of each option’s lines.

Save and close the file when you’re done.

Now use a2ensite to enable this virtual host:

  1. sudo a2ensite your_domain

You might want to disable the default website that comes installed with Apache. This is required if you’re not using a custom domain name, because in this case Apache’s default configuration would overwrite your Virtual Host. To disable Apache’s default website, run:

  1. sudo a2dissite 000-default

To make sure your configuration file doesn’t contain syntax errors, you can run:

  1. sudo apache2ctl configtest

Finally, reload Apache so these changes take effect:

  1. sudo systemctl reload apache2

Next, you will create a PHP script to test that PHP is correctly installed and configured on your server.

Step 5 — Testing PHP Processing on your Web Server

Now that you have a custom location to host your website’s files and folders, create a PHP test script to confirm that Apache is able to handle and process requests for PHP files.

Start by creating a new file named info.php inside your custom web root folder:

  1. nano /var/www/your_domain/info.php

This will open a blank file. Add the following text, which is valid PHP code, inside the file:

/var/www/your_domain/info.php
<?php
phpinfo();

When you are finished, save and close the file.

To test the script, go to your web browser and access your server’s domain name or IP address, followed by the script name, which in this case is info.php:

http://your_domain/info.php

Here is an example of the default PHP web page:

Default PHP info

This page provides some basic information about your server from the perspective of PHP. It is useful for debugging and to ensure that your settings are being applied correctly.

If you receive this page in your browser, then your PHP installation is working as expected.

After checking the relevant information about your PHP server through that page, it’s best to remove the file you created as it contains sensitive information about your PHP environment and your Debian server. You can use rm to do so:

  1. sudo rm /var/www/your_domain/info.php

You can always recreate this page if you need to access the information again later.

Step 6 — Testing Database Connection from PHP (Optional)

If you want to test whether PHP is able to connect to MariaDB and execute database queries, you can create a test table with test data and query for its contents from a PHP script. Before you do that, you need to create a database and a new MariaDB user properly configured to access it.

First, connect to the MariaDB console using the root account:

  1. sudo mariadb

To create a new database, run the following command from your MariaDB console:

  1. CREATE DATABASE example_database;

Now create a new user and grant them full privileges on the custom database you’ve created.

The following command creates a new user named example_user that authenticates with a password. We’re defining this user’s password as password, but you should replace this value with a secure password of your own choosing:

  1. CREATE USER 'example_user'@'%' IDENTIFIED BY 'password';

Next, give this user permission over the example_database database:

  1. GRANT ALL ON example_database.* TO 'example_user'@'%';

This will give the example_user user full privileges over the example_database database, while preventing this user from creating or modifying other databases on your server.

Next, flush the privileges to ensure that they are saved and available in the current session:

  1. FLUSH PRIVILEGES;

Following this, exit the MariaDB shell:

  1. exit

You can test if the new user has the proper permissions by logging in to the MariaDB console again, this time using the custom user credentials:

  1. mariadb -u example_user -p

Note the -p flag in this command, which will prompt you for the password used when creating the example_user. After logging in to the MariaDB console, confirm that you have access to the example_database:

  1. SHOW DATABASES;

This will give you the following output:

Output
+--------------------+ | Database | +--------------------+ | example_database | | information_schema | +--------------------+ 2 rows in set (0.000 sec)

Next, create a test table named todo_list. From the MariaDB console, run the following statement:

  1. CREATE TABLE example_database.todo_list (
  2. item_id INT AUTO_INCREMENT,
  3. content VARCHAR(255),
  4. PRIMARY KEY(item_id)
  5. );

Insert a few rows of content in the test table. Repeat the next command a few times, using different values to populate your test table:

  1. INSERT INTO example_database.todo_list (content) VALUES ("My first important item");

To confirm that the data was successfully saved to your table, run:

  1. SELECT * FROM example_database.todo_list;

You will receive the following output:

Output
+---------+--------------------------+ | item_id | content | +---------+--------------------------+ | 1 | My first important item | | 2 | My second important item | | 3 | My third important item | | 4 | and this one more thing | +---------+--------------------------+ 4 rows in set (0.000 sec)

After confirming that you have valid data in your test table, you can exit the MariaDB console:

  1. exit

Now you can create the PHP script that will connect to MariaDB and query for your content. Create a new PHP file in your custom web root directory using your preferred editor. nano is used in this example:

  1. nano /var/www/your_domain/todo_list.php

The following PHP script connects to the MariaDB database and queries for the content of the todo_list table, exhibiting the results in a list. If there’s a problem with the database connection, it will throw an exception.

Add this content into your todo_list.php script, remembering to replace the example_user and password values with your own:

/var/www/your_domain/todo_list.php
<?php
$user = "example_user";
$password = "password";
$database = "example_database";
$table = "todo_list";

try {
  $db = new PDO("mysql:host=localhost;dbname=$database", $user, $password);
  echo "<h2>TODO</h2><ol>"; 
  foreach($db->query("SELECT content FROM $table") as $row) {
    echo "<li>" . $row['content'] . "</li>";
  }
  echo "</ol>";
} catch (PDOException $e) {
    print "Error!: " . $e->getMessage() . "<br/>";
    die();
}

Save and close the file when you’re done editing.

You can now access this page in your web browser by visiting the domain name or public IP address for your website, followed by /todo_list.php:

http://your_domain/todo_list.php

This web page will reveal the content you’ve inserted in your test table to your visitor:

Example PHP todo list

That means your PHP environment is ready to connect and interact with your MariaDB server.

Conclusion

In this guide, you’ve built a flexible foundation for serving PHP websites and applications to your visitors, using Apache as a web server and MariaDB as the database system.

As an immediate next step, you should ensure the connections to your web server are secured, by serving them via HTTPS. To accomplish that, you can use Let’s Encrypt. You can also read our guide on How to Install and Use Composer for dependency and package management in PHP.

Thanks for learning with the DigitalOcean Community. Check out our offerings for compute, storage, networking, and managed databases.

Learn more about us


About the authors
Default avatar
Manager, Developer Education

Technical Writer @ DigitalOcean


Default avatar
Developer Advocate

Dev/Ops passionate about open source, PHP, and Linux.


Still looking for an answer?

Ask a questionSearch for more help

Was this helpful?
 
6 Comments
Leave a comment...

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

hello there i use those insructions but you forget to change in host file

sudo nano hosts **** ADD THIS LINE *** 127.0.0.1 your_domain

On the todo list test page, it just says “TODO” without displaying anything from the database.

I am working thru this tutorial, but have run into a problem with the php installation.

When I run:

sudo apt install php libapache2-mod-php php-mysql

I get the following response:

Reading package lists... Done
Building dependency tree       
Reading state information... Done
E: Unable to locate package php
E: Unable to locate package libapache2-mod-php
E: Unable to locate package php-mysql

Any suggestions?

I figured out that it is not depends from ufw, because without ufw Apache sometimes works and sometimes not. I cannot get what is the problem. The start page of Apache server is loaded correctly but sudo systemctl status apache2.service command shows that server failed to start, and mariadb base is not loading by browser…

The problem repeated. But after I disabled ufw and rebooted system(Debian 10, 64 bit) apache server worked again. So any ideas how to configure ufw properly?

I created locally site and example database using this tutorial. It worked when accessing database by opening /localhost/todo_list.php(in my case table1.php), but after reboot I’m getting this:

r@prime:~$ sudo systemctl status apache2.service
[sudo] пароль для r: 
● apache2.service - The Apache HTTP Server
   Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset: 
   Active: failed (Result: exit-code) since Mon 2019-11-18 19:12:18 EET; 40min a
     Docs: https://httpd.apache.org/docs/2.4/
  Process: 723 ExecStart=/usr/sbin/apachectl start (code=exited, status=1/FAILUR

ноя 18 19:12:18 prime apachectl[723]: AH00558: apache2: Could not reliably deter
ноя 18 19:12:18 prime apachectl[723]: (98)Address already in use: AH00072: make_
ноя 18 19:12:18 prime apachectl[723]: (98)Address already in use: AH00072: make_
ноя 18 19:12:18 prime apachectl[723]: no listening sockets available, shutting d
ноя 18 19:12:18 prime apachectl[723]: AH00015: Unable to open logs
ноя 18 19:12:18 prime apachectl[723]: Action 'start' failed.
ноя 18 19:12:18 prime apachectl[723]: The Apache error log may have more informa
ноя 18 19:12:18 prime systemd[1]: apache2.service: Control process exited, code=
ноя 18 19:12:18 prime systemd[1]: apache2.service: Failed with result 'exit-code
ноя 18 19:12:18 prime systemd[1]: Failed to start The Apache HTTP Server.
r@prime:~$

What am I missing?

Try DigitalOcean for free

Click here to Sign up and get $200 of credit to try our products over 60 days!