Tag Archives: Linux

Install PHP CentOS From Source CentOS Linux

Install required tools for compilation

In order to compile PHP from source you need to install few tools and libraries. First you need EPEL repository to be enabled. This repository contains more recent version of packages.

sudo yum install epel-release -y

Once you have it installed execute following command to install required packages

yum install autoconf libtool re2c bison libxml2-devel bzip2-devel libcurl-devel libpng-devel libicu-devel gcc-c++ libmcrypt-devel libwebp-devel libjpeg-devel openssl-devel libxslt-devel -y

Download and unpack PHP Source code

Next step is downloading PHP source code. Easiest option is to download it from GitHub PHP releases. Choose the version you would like to install. In my case it’s 7.2.3. Copy link to tar.gz archive and execute following commands:

curl -O -L https://github.com/php/php-src/archive/php-7.1.18.tar.gz

tar -xvf php-7.1.18.tar.gz

cd php-src-php-7.1.18/

It will download the archive from GitHub, unpack the sources and change working directory to unpacked sources.

Compile PHP

Now it’s time to compile PHP. First we need to build configure command. In order to do that execute following command:

./buildconf --force

Once configure command is created we can use it to configure PHP installation. This process will enable certain PHP extensions such as PDO, FPM, OPCache, GD library etc. If you need any libraries that are not provided here, you can execute ./configure –help option and check if there is something you need. Following command will install PHP with most common extensions:

./configure --prefix=/usr/local/php --with-apxs2=/usr/local/apache2/bin/apxs --with-freetype-dir=/usr/include/freetype2 --disable-short-tags --enable-xml --enable-cli --with-openssl --with-pcre-regex --with-pcre-jit --with-zlib --enable-bcmath --with-bz2 --with-curl --enable-exif --with-gd --enable-intl --with-mysqli --enable-pcntl --with-pdo-mysql --enable-soap --enable-sockets --with-xmlrpc --enable-zip --with-webp-dir --with-jpeg-dir --with-png-dir --enable-json --enable-hash --enable-mbstring --with-mcrypt --enable-libxml --with-libxml-dir --enable-ctype --enable-calendar --enable-dom --enable-fileinfo --with-mhash --with-incov --enable-opcache --enable-phar --enable-simplexml --with-xsl --with-pear

Apart from enabling extensions command above will also set where PHP will be installed. In my case it’s /usr/local/php location. If you will want to remove compiled PHP you will simply have to remove entire directory given under –prefix option.

Next it’s time to compile PHP. Please be aware that it takes few minutes:

make clean
make
make test

Install compiled PHP

Once PHP is compiled it is time to install it. Simply execute following command:

sudo make install

php.ini and OPCache configuration

Second thing is php.ini file. After installation php.ini file should located in /usr/local/php/lib. This is only the location. After compiling from source You won’t anything there so we need to copy it from uncompressed sources.

cd /usr/local/php/lib
cp /tmp/php-src-php-7.1.18/php.ini-development ./php.ini
vi php.ini

Add PHP to $PATH

We can do one more thing to make our life easier:) Add PHP executable to PATH, so we’ll be able to call php command from every directory.

echo 'pathmunge /usr/local/php/bin' > /etc/profile.d/php.sh

Execute such command, log out, log in and You’ll be able to execute:

php -v
Share

Setup GZIP compression CentOS Linux

GZIP compression has serious impact on performance and your website loading time. In order to use it make sure that mod_deflate and mod_filter are enabled.

First create new file that will contain GZIP settings for Apache:

sudo vi /usr/local/apache2/conf/extra/httpd-deflate.conf

Paste there following content and save the file:

<IfModule mod_deflate.c>
<IfModule mod_filter.c>
AddOutputFilterByType DEFLATE application/ecmascript
AddOutputFilterByType DEFLATE application/javascript
AddOutputFilterByType DEFLATE application/rss+xml
AddOutputFilterByType DEFLATE application/xml
AddOutputFilterByType DEFLATE application/x-javascript
AddOutputFilterByType DEFLATE text/css
AddOutputFilterByType DEFLATE text/html
AddOutputFilterByType DEFLATE text/plain
AddOutputFilterByType DEFLATE text/xml
</IfModule>
</IfModule>

It will add GZIP compression to most popular file types such as HTML, CSS, JS etc. If you need anything else that requires compressing, simply add more MIME types.

Now you need to include it to main Apache configuration. so open httpd.conf and Include httpd-deflate.conf.

vi /usr/local/apache2/conf/httpd.conf and make sure the following line is added.

Include conf/extra/httpd-deflate.conf

Share

Apache Shows PHP Code Instead Of Executing CentOS Linux

Make sure that PHP is installed and running correctly. An easy way to check is to run php -v from a command line and see if returns version information or any errors.

Make sure that the PHP module is listed and uncommented inside of your Apache’s httpd.conf

LoadModule php7_module modules/libphp7.so

Make sure that Apache’s httpd.conf file has the PHP MIME type in it. This should be something like AddType application/x-httpd-php .php. This tells Apache to run .php files as PHP. Search for AddType, and then make sure there is an entry for PHP, and that it is uncommented.

Share

Install Apache From Source Centos Linux

Follow the below steps to install apache in CentOS 7

Install EPEL Repository

In order to install EPEL repository execute following command:

sudo yum install epel-release -y

Install required tools for compilation

sudo yum install autoconf expat-devel libtool libnghttp2-devel pcre-devel -y

Download and unpack source code

Here are the links to the packages:

Apache httpd – https://github.com/apache/httpd/releases
APR – https://github.com/apache/apr/releases
APR-util https://github.com/apache/apr-util/releases

wget https://github.com/apache/httpd/archive/2.4.33.tar.gz
wget https://github.com/apache/apr/archive/1.6.3.tar.gz
wget https://github.com/apache/apr-util/archive/1.6.1.tar.gz
tar -zxvf 2.4.33.tar.gz
tar -zxvf 1.6.3.tar.gz
tar -zxvf 1.6.1.tar.gz

APR and APR-Util

Apache requires APR library for compilation. You need to copy the source codes to correct directory:

cp -r apr-1.6.3 httpd-2.4.33/srclib/apr
cp -r apr-util-1.6.1 httpd-2.4.33/srclib/apr-util

It’s important to not to include version number in APR directories. If you just copy apr-1.6.3 without changing the name, it will give you a warning about missing apr directory.

Compile source code

cd httpd-2.4.33
./buildconf
./configure --enable-so
make

Install HTTPD

sudo make install

Add Apache executables to PATH

If you try to type httpd -v in your command line, it will result in command not found. That’s because httpd is not on your $PATH. I’d like to have all executables from Apache available from everywhere. In order to achieve that, create file

sudo vi /etc/profile.d/httpd.sh

and paste there following contents:

pathmunge /usr/local/apache2/bin

Save the file, log out and log in from your current session to reload your profile. After that you should be able to use httpd -v command:)

Add Systemd entry

Starting, restarting, and enabling Apache on server start via systemctl command is very important thing. You need to create another file:

sudo vi /etc/systemd/system/httpd.service

and paste there following contents:

[Unit]
Description=The Apache HTTP Server
After=network.target

[Service]
Type=forking
ExecStart=/usr/local/apache2/bin/apachectl -k start
ExecReload=/usr/local/apache2/bin/apachectl -k graceful
ExecStop=/usr/local/apache2/bin/apachectl -k graceful-stop
PIDFile=/usr/local/apache2/logs/httpd.pid
PrivateTmp=true

[Install]
WantedBy=multi-user.target

Save the file and reload the systemctl daemon

sudo systemctl daemon-reload

Now you can try to start your Apache httpd server with following command:

sudo systemctl start httpd

Create dedicated user and group for Apache

sudo groupadd www
sudo useradd httpd -g www --no-create-home --shell /sbin/nologin

Edit the httpd.conf file and update the user ad group.

User httpd
Group www

Now restart the server service httpd restart

So that’s it. You have fully working Apache httpd in latest version installed on your system .

This process might take some time, but you will have full control over httpd.

Share

Open Ports CentOS 7

To open up a new port (e.g., 80,21,22,3306 ) permanently, use these commands.

$ sudo firewall-cmd --zone=public --add-port=80/tcp --permanent
$ sudo firewall-cmd --zone=public --add-port=3306/tcp --permanent
$ sudo firewall-cmd --zone=public --add-port=21/tcp --permanent
$ sudo firewall-cmd --zone=public --add-port=22/tcp --permanent

$ sudo firewall-cmd --reload

Without “–permanent” flag, the firewall rule would not persist across reboots.

Check the updated rules with

$ firewall-cmd --list-all
Share

SFTP User Creation CentOs

Step 1. Crate Group
groupadd sftponly

Step 2. Create user account
useradd -d /home/sftp/MYUSER -s /bin/false -G sftponly MYUSER

Step 3. Create a password for your username.
passwd MYUSER

Step 4. Ensure the following line is commented out in your sshd configuration file ( File Location: /etc/ssh/sshd_config )
# Edit the sshd_config file which holds the SSH/SFTP configuration
vi /etc/ssh/sshd_config
# Ensure this below Line has a hash symbol, # in front of it
#Subsystem sftp /usr/lib/openssh/sftp-server
# Ensure that this below line is added directly below the line you just commented out with a hash symbol #
Subsystem sftp internal-sftp

Step 5. Add the following to the bottom of the same file (it must be at the very bottom)
Match Group sftponly
ChrootDirectory %h
X11Forwarding no
AllowTCPForwarding no
ForceCommand internal-sftp

Step 6. Test the changes with sshd before restarting the service, please note it’s important you do this correctly, or may break your sshd configuration
sshd -t
service sshd restart

Step 7. Give proper ownership to the newly created folder
chown root:root /home/sftp/MYUSER

Step 8. Test SFTP credential is working:
# Connect to SFTP using the myuser, replace myuser with the user you’ve chosen
sftp myuser@localhost
myuser@localhost’s password:

Share