In this tutorial you'll learn how to install LAMP stack on Amazon Linux 2. LAMP is an acronym for Linux, Apache, PHP and MySQL.

You'll install Apache web server with PHP and MariaDB. You can use this server to host a static website or dynamic PHP application (ex. Wordpress).

Prerequisites

Before started, I assume you have an Amazon Linux 2 EC2 instance and you have connected to it. Also, your instance's security group must be configured to allow SSH (port 22) and HTTP (port 80). If you don't have, follow my previous tutorial Creating Your First Amazon EC2 Linux Instance.

Getting Started

First, you need to connect to your EC2 instance.

Ensure that all of your software packages are up to date:

sudo yum update -y

Install LAMP Stack

Install lamp-mariadb10.2-php7.2 and php7.2 Amazon Linux Extras repositories to get the latest versions of LAMP MariaDB and PHP packages for Amazon Linux 2:

sudo amazon-linux-extras install -y lamp-mariadb10.2-php7.2 php7.2

Install Apache web server and MariaDB:

sudo yum install -y httpd mariadb-server

Start the Apache web server:

sudo systemctl start httpd

Enable the Apache Web Server so it can start each time the system boot:

sudo systemctl enable httpd

Test your web server. Open a web browser and type the public IPv4 DNS address or the public IPv4 address of your instance. You should see the Apache test page:

Update Apache File Permissions

Apache httpd serves files that are kept in a directory called Apache Document Root which by default /var/www/html and owned by root.

To allow ec2-user to work with this directory, you need to modify the ownership and permissions of this directory.

First, add ec2-user (or your user) to apache group:

sudo usermod -aG apache ec2-user 

Change the group ownership of /var/www directory and its contents to the apache group:

sudo chown -R ec2-user:apache /var/www

Add group write permissions to /var/www directory and its future subdirectories:

sudo chmod 2775 /var/www && find /var/www -type d -exec sudo chmod 2775 {} \;

Add group write permissions to /var/www directory files recursively:

find /var/www -type f -exec sudo chmod 0664 {} \;

Logout and login again to pick the new group permissions.

Now, any member of the apache group (ex. ec2-user) can add, delete and edit files in the Apache Document Root.

To test your LAMP server, create a PHP file in the Apache Document Root:

echo "<?php phpinfo(); ?>" > /var/www/html/phpinfo.php

Open a web browser, type your instance public IPv4 DNS address or public IPv4 address followed by the file you just created http://[public-dns-address]/phpinfo.php, you should see the PHP information page:

Delete the phpinfo.php file as it shouldn't be exposed to the Internet because it exposes information about your server:

rm /var/www/html/phpinfo.php

Now you have a fully functional Apache web server that's configured with PHP and MariaDB installed.

Secure the MariaDB Server

The default installation of the MariaDB server is great for testing and development, but for production servers you need to secure your database. There's a command mysql_secure_installation that walks you through the process of securing your MariaDB server.

Start the MariaDB Server:

sudo systemctl start mariadb

Enable the MariaDB Server so it can start each time the system boot:

sudo systemctl enable mariadb

Run mysql_secure_installation:

sudo mysql_secure_installation

By default, the root account doesn't have a password. press Enter:

Enter current password for root (enter for none):

Enter Y to set the root password:

OK, successfully used password, moving on...

Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.

Set root password? [Y/n] Y

Type your root password twice:

New password: 
Re-enter new password:

Enter Y to remove anonymous user:

By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] Y

Enter Y to prevent root user to login remotely:

Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] Y

Enter Y to remove the test database:

By default, MariaDB comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] Y

Enter Y to reload table privileges:

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n] Y

Congratulations🎉🎉 You have successfully installed the LAMP web server. In the next tutorial you'll learn how to host a Wordpress website on your LAMP web server.

Thank you for following through this tutorial. If you have any questions and/or if you want me to write about anything related to AWS please let me know.