LHMP Stack - Linux, Hiawatha, MariaDB, PHP!
Essentials on setting up a LHMP Stack.
After the era of the NSA Leaks, decentralized systems and self managed servers are gaining more attention. Many system administrators are looking for ways to implement systems that are safe, secure, and easy to use. The common goals shared by all of them resolve around privacy and protection of end-users data.
With this in mind, if you are trying to move away from Apache Web Server or looking for a lightweight Web Server such as Nginx, here is what we recommend: Hiawatha Web Server. Designed with security in mind, Hiawatha is a lightweight and highly secure Web Server, in both: code and features. It is capable of handling large number of requests while protecting your back-end servers against SQL injections, XSS, CSRF attacks and exploit attempts. The Hiawatha Web Server is distributed under the GPL license version 2. If you are interested in viewing the list of features that Hiawatha Web Server offers please go to the following link.
In this tutorial we will present the essentials of setting up a LHMP Stack (Linux, Hiawatha, MariaDB, PHP) for hosting and serving web contents.
The component that constitute the LHMP Stack are:
Server: Virtual Machine or Virtual Node with at least: 1 Core Processor with 512MB of Memory, and 10GB of Disk Space.
Operating System: Any Linux Distribution will do, but in our tutorial we will use CentOS 7.
Hiawatha: The web Server that will handle requests and serve contents to the end-user.
MariaDB: An enhanced, drop-in replacement for MySQL relational database management system.
PHP: The server side scripting language. Usually systems administrators like to install PHP along with Perl and Python. In this tutorial we will install them all.
Note: A basic knowledge in Linux Administration is also required.
To complete this tutorial your server will need to have access to the internet. Besides if you do not have a copy of CentOS 7, you can download it from here.
Create a user with sudo privileges:
After you have installed CentOS 7 on your server, next we will create a non-root user and assign him to the Wheel Group, then give him sudo rights.
Note: Do not forget to change “newuser” with a name that makes more sense.
Then set a strong password that you will remember.
The above command assigns the user newuser to the Wheel group.
Then find the following line:
#auth required pam_wheel.so use_uid and remove the “#” to comment it out.
Finally run the following:
And comment out the following line:
# %wheel ALL=(ALL) ALL by removing the “#”.
Conclusion: In the previous section, we learned how to create a new user and grant him root privileges. In Linux, it is recommended to run commands as a non root user. Preferably use a non root user with sudo power. Now we can switch to our new user environment by running the following command:
In the course of this tutorial, we will use a number of packages that are not available in the official CentOS 7.0 repositories. Therefore we will need to add the following repositories:rpmforge.repo, epel.repo.
- First thing first, check the architecture of your platform (x86_64 or i686):
By running the above command we know if we need
x86_64 repositories or
- Protecting the CentOS 7 base repository:
Next, edit the CentOS-Base.repo:
Then add the following line in the [base] section:
Save and exit.
- Import and install rpmforge, and epel repositories for the
The commands above will install the rpmforge repository.
Next, we will install the Epel repository:
Next, edit the epel.repo:
Then add the following line in the [epel] section:
Save and exit. Now we can run the following command to update and reboot our server:
Conclusion: In the previous section, we learned how to extend our repository by adding additional repositories. We also protected our Base Repository by installing the plugin
sudo yum install yum-protectbase , and raised the priority level of the Epel repository by installing the plugin
sudo yum install yum-priorities.
Install Development Tools:
Run the following to install the development tools we would need later on to build Hiawatha Web Server:
Conclusion: In the previous section, we just installed the Development Tools that we would need to build our Hiawatha Web Server. In addition we installed perl, python, and ruby.
Install and Configure PHP:
PHP is mainly used to execute codes on the server side, therefore it is known as a server side scripting language. To install PHP and its dependencies, run the following:
Next, we will configure our PHP environment:
Then set the following line section to look like so:
Conclusion: In the previous section, we learned how to install and configure PHP. Some applications may require you to re-edit the
php.ini file. Do so, while being aware of security risks.
Install and Configure NTP Time Server:
NTP is install by default on the CentOS 7 minimal install. Now we just have to configure it. In case you do not have it install on your server just run:
sudo yum install ntp.
Next, we will configure our NTP server and synchronize the Time server with our current time zone (America/Chicago).
Then change the server pool to a pool of servers close to your location. In our case we used the following pool, instead of the default pool
Save and exit. Restart the NTP Server:
Next, we will Set up the Date module in PHP:
then comment out the line
date.timezone by removing the
; and set the line to look like so:
date.timezone = America/Chicago
Note: if you have a different time zone other than America/Chicago remember to change it accordingly.
Also run the following to synchronize the localtime on your server to the NTP Servers:
Finally we will verify if the Ntp Settings are working:
Conclusion: In the previous section, we installed and configure our NTP Time Server. Do not forget to change the time zone to fit your current location or the location of your server (if you are using a Virtual Machine).
Install and Configure MariaDB Database:
MariaDB is an enhanced Database server, designed to be a drop-in replacement for the MySQL relational database system. To install MariaDB run the following:
Next, start MariaDB:
To Configure and Secure MariaDB run the following:
Enter to answer
Yes to all the prompts. Do not forget to set a new strong password for the root database user. Then restart MariaDB:
Finally, for security reasons, it is also recommended to rename the default root user to something different. In our case the default
root user will be changed to
Conclusion: In the previous section, we installed and configure our Database Server. We also modified the default
root user to
newroot. If you want to tweak more your database, you may want to take a look at the
/etc/my.cnf configuration file.
Installing Hiawatha Wed Server:
To build Hiawatha Web Server, we woud need to have to create a Cmake environment, then configure PHP to work with Hiawatha.
- First, let download and install Cmake:
Note: At the time of this writing the latest version of Cmake was 3.0.2. Feel free to use the latest and current version.
- Next we will configure PHP to work with Hiawatha:
Then set the following line sections to look like so:
Save and exit out of the
php.ini configuration file.
- Now we can Download and install the latest version of Hiawatha:
If the latest command returns some error, try to run the following:
Then continue with the build:
- Starting and Stopping Hiawatha Web Server:
Verify that our Hiawatha Web Server is running:
Now you can direct your browser to http://serverIpaddress to view the welcome page from Hiawatha.
T stop our Hiawatha Web Server we would need the
hiawatha PID number. Once we have that run a
sudo kill -15 command. For example:
14219 is our current hiawatha PID number.
- Hiawatha Useful Commands:
General Conclusion: This marks the end of our Tutorial, Essentials on setting up a LHMP Stack. In a upcomming tutorial we will introduce more advanced topic such as creating VirtualHosts, Rewrite Rules, Fast-CGI, and more. So stay tuned!