In this post i attempt to explain how to install MySQL, lighttpd, enable fastcgi and mysql support for php5 on a CentOS 6 x64 box. Finally I go onto explain how to install wordpress.
Versions of Software used in this post.
1. Part I: Installing MySQL
2. Part II: Installing and configuring lighttpd
3. Part III: Installing PHP and configuring MySQL support in PHP
4. Part IV: Installing and configuring WordPress
5. Part V: Credits
Part I: Installing MySQL
1. Install MySQL
[root@testserver /]# yum install mysql mysql-server
2. Create Startup links
Then we create the system startup links for MySQL (so that MySQL starts automatically whenever the system boots) and start the MySQL server:
[root@testserver /]# chkconfig --levels 235 mysqld on
[root@testserver /]# /etc/init.d/mysqld start
3. Create root password
Create a password for the MySQL user root (replace yourrootsqlpassword with the password you want to use):
[root@testserver /]# mysqladmin -u root password yourrootsqlpassword
4. Check where MySQL is listening
Then check with
netstat -tap | grep mysql on which addresses MySQL is listening.
[root@testserver /]# netstat -tap | grep mysql
If you see something like
tcp 0 0 localhost.localdo:mysql *:* LISTEN 3147/mysqld
then you are safe which means MySQL is listening on localhost.localdomain only, then you're safe with the password you set before. But if the output looks like this:
tcp 0 0 *:mysql *:* LISTEN 3147/mysqld
then you should set a MySQL password for your hostname, too, because otherwise anybody can access your database and modify data:
[root@testserver /]# mysqladmin -h testserver -u root password yourrootsqlpassword
You are done!!!.
Part II: Installing and configuring lighttpd
What is lighttpd?
“Security, speed, compliance, and flexibility — all of these describe lighttpd (pron. lighty) which is rapidly redefining efficiency of a webserver; as it is designed and optimized for high performance environments. With a small memory footprint compared to other web-servers, effective management of the cpu-load, and advanced feature set (FastCGI, SCGI, Auth, Output-Compression, URL-Rewriting and many more) lighttpd is the perfect solution for every server that is suffering load problems.” For more information, refer
http://www.lighttpd.net
Ref:
http://www.kernelhardware.org/lighttpd-and-centos-5/
The installation process of lighttpd is described below:
1. Install lighttpd via YUM
Lighttpd is not available from the official CentOS 5.0 repositories, but from the RPMforge repositories (see http://dag.wieers.com/rpm/FAQ.php#B2 for instructions). We install the RPMforge package for RHEL 5 which works for CentOS 6.0 as well:
1.1 RPMForge Install
1.1.1 RPMForge i386 install
[root@testserver /]# rpm --import http://dag.wieers.com/rpm/packages/RPM-GPG-KEY.dag.txt
[root@testserver /]# rpm –Uhv http://apt.sw.be/redhat/el6/en/i386/rpmforge/RPMS/rpmforge-release-0.5.2-2.el6.rf.i686.rpm
1.1.2 RPMForge x86_64 or 64bit install
[root@testserver /]# rpm --import http://dag.wieers.com/rpm/packages/RPM-GPG-KEY.dag.txt
[root@testserver /]# rpm –Uhv http://apt.sw.be/redhat/el6/en/x86_64/rpmforge/RPMS/rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm
2. Install lighttpd
[root@testserver /]# yum install lighttpd
(OR)
1.2 Direct Install
1.2.1 Get the lighttpd RPM
[root@testserver /]# wget http://pkgs.repoforge.org/lighttpd/lighttpd-1.4.28-2.el6.rf.x86_64.rpm
1.2.2. Install the rpm
[root@testserver /]# rpm -ivh lighttpd-1.4.28-2.el6.rf.x86_64.rpm
warning: lighttpd-1.4.28-2.el6.rf.x86_64.rpm: Header V3 DSA/SHA1 Signature, key ID 6b8d79e6: NOKEY
Preparing... ########################################### [100%]
1:lighttpd ########################################### [100%]
3. Create Startup links
Create the system startup links and configure Lighttpd to startup automatically when system starts/boots
[root@testserver /]# chkconfig --levels 235 lighttpd on
4. Check status
[root@testserver /]# /etc/init.d/lighttpd status
lighttpd is stopped
5. Create required run directory and give user lighttpd permission. (typically if your yum install of lighttpd server is not working this is the fix to the problem)
[root@testserver /]# mkdir -p /var/run/lighttpd
[root@testserver /]# chown lighttpd:lighttpd /var/run/lighttpd
[root@testserver /]#
6. Make sure Port 80 is free
Verify that Apache is running on a different port.
[root@testserver /]# service httpd status (or) [root@testserver lighttpd]# /etc/init.d/ httpd status
httpd is stopped
Or a better way to check is to see if any webserver us running on Port 80 as follows:
[root@testserver /]# netstat -tulpn | grep 80
[root@testserver /]#
This command returns nothing, which means, port 80 is free.
If apache is running, then stop it by running the command
[root@testserver /]# /etc/init.d/httpd stop [ OK ]
7. Verify Lighttpd config file syntax
[root@testserver /]# lighttpd -t -f /etc/lighttpd/lighttpd.conf
Syntax OK
[root@testserver /]#
8. Start lighttpd
[root@testserver /]# /etc/init.d/lighttpd start
Starting lighttpd: 2011-07-30 06:52:41: (server.c.722) couldn't set 'max filedescriptors' Permission denied
[FAILED]
You might get this error above, this error is an SELinux Error.If you do not get this error, then skip to point 11.
Check lighttpd is listening for connections
[root@testserver /]# netstat -tap |grep lighttpd
tcp 0 0 *:http *:* LISTEN 2922/lighttpd
10. Disabling SELinux
There are 2 ways to turnoff/switch off SELinux
Permissive - switch the SELinux kernel into a mode where every operation is allowed. Operations that would be denied are allowed and a message is logged identifying that it would be denied. The mechanism that defines labels for files which are being created/changed is still active.
Disabled - SELinux is completely switched off in the kernel. This allows all operations to be permitted, and also disables the process which decides what to label files & processes with.
a. Permissive mode:
Temporary switch off enforcement. Run the command to temporarily switch of enforcement
[root@testserver /]# setenforce 0
The method switches off enforcement temporarily - until you reboot the system. If you want the system to always start in permissive mode, then check “b. Permanently Permissive”.
b. Permanently Permissive:
This method switches off enforcement permanently, then here is how you do it.
Edit
/etc/selinux/config and change just change
SELINUX=enforcing to
SELINUX=permissive, and you're done.
c. Fully disabling SELinux:
Edit
/etc/selinux/config and change just change
SELINUX=enforcing to
SELINUX=permissive, and you're done.
Check this article for more details on SELinux:
http://www.crypt.gen.nz/selinux/disable_selinux.html
11. Start lighttpd again
[root@testserver /]# /etc/init.d/lighttpd start
Starting lighttpd: [ OK ]
[root@testserver /]#
This verifies that lighttpd started properly.
12. Check Status of lighttpd
Check the status of lighttpd process, just to be sure its running properly.
[root@testserver /]# /etc/init.d/lighttpd status
lighttpd (pid 3049) is running...
[root@testserver /]#
13. Creating the index.html page
In my installation, I did not have an index.html page, so needed to create one, incase you already have an index page, then you can skip this step.
a. Find the Document Root/Home directory.
Find
lighttpd.conf file. Usually it is in
/etc/lighttpd/lighttpd.conf
Search for the variables
server_root and
document-root:
Concatenating your
server_root and
document-root gives you your Home DirectoryDocument root.
1: var.server_root = "/srv/www"
2:
3: ##
4: ## Document root
5: ##
6: server.document-root = server_root + "/lighttpd"
So, this means, your Document root/home directory is /srv/www/lighttpd
b.Check if index.html exists
[root@testserver /]# ls /srv/www/lighttpd
If this returns nothing, then you need to create the index.html file as follows
c. Creating your index.html file in the home directory.
[root@testserver /]# vi /srv/www/lighttpd/index.html
1: <html>
2: <title>lighttpd test page</title>
3: <head> </head>
4: <body>
5: <h1>CONGRATULATIONS!!!, <br>You are running lighttpd...</h1>
6: </body>
7: </html>
Save and Exit.
14. Check if lighttpd is running
Open
http://192.168.1.17/ in the browser, you should see your test page which you just created.
Congrats!!! you have lighttpd running.
Note: Lighttpd default paths
Directory Root (where to put your website files): /srv/www/lighttpd/
Lighttpd Config File: /etc/lighttpd/lighttpd.conf
Lighttpd log files: /var/log/lighttpd/
Part III: Installing PHP and configuring MySQL Support in PHP
15. Install PHP with yum
[root@testserver /]# yum install lighttpd-fastcgi php-cli
16. Configuring Lighttpd and PHP5
To enable PHP5 in Lighttpd, we must modify two files,
/etc/php.ini and
/etc/lighttpd/lighttpd.conf.
16.1 Modifying
/etc/php.ini
First we open
/etc/php.ini and add the line
cgi.fix_pathinfo = 1 right at the end of the file:
[root@testserver /]# vi /etc/php.ini
16.2 Find and uncomment module "mod_fastcgi"
For this, we need to find the server.modules section
server.modules = (
# "mod_rewrite",
# "mod_redirect",
# "mod_alias",
"mod_access",
# "mod_cml",
# "mod_trigger_b4_dl",
# "mod_auth",
# "mod_status",
# "mod_setenv",
"mod_fastcgi",
# "mod_proxy",
# "mod_simple_vhost",
# "mod_evhost",
# "mod_userdir",
# "mod_cgi",
# "mod_compress",
# "mod_ssi",
# "mod_usertrack",
# "mod_expire",
# "mod_secdownload",
# "mod_rrdtool",
"mod_accesslog" )
The server.modules is sometimes located in
/etc/lighttpd/lighttpd.conf or
/etc/lighttpd/modules.conf. Since this section was found in
/etc/lighttd/modules.conf, i will proceed taking this as the path.
Edit
/etc/lighttpd/modules.conf, find and uncomment the line
#include "conf.d/fastcgi.conf"
[root@testserver /]#vi /etc/lighttpd/modules.conf
Your config file should look like this
##
## FastCGI (mod_fastcgi)
##
include "conf.d/fastcgi.conf"
Save and Exit.
16.3 Changes in
conf.d/fastcgi.conf
Edit conf.d/fastcgi.conf and find the section "fastcgi.server"
[root@testserver /]#vi /etc/lighttpd/conf.d/fastcgi.conf
Find the following section
#fastcgi.server = ( ".php" =>
# ( "php-local" =>
# (
# "socket" => socket_dir + "/php-fastcgi-1.socket",
# "bin-path" => server_root + "/cgi-bin/php5",
# "max-procs" => 1,
# "broken-scriptfilename" => "enable",
# )
# ),
# ( "php-tcp" =>
# (
# "host" => "127.0.0.1",
# "port" => 9999,
# "check-local" => "disable",
# "broken-scriptfilename" => "enable",
# )
# ),
#
# ( "php-num-procs" =>
# (
# "socket" => socket_dir + "/php-fastcgi-2.socket",
# "bin-path" => server_root + "/cgi-bin/php5",
# "bin-environment" => (
# "PHP_FCGI_CHILDREN" => "16",
# "PHP_FCGI_MAX_REQUESTS" => "10000",
# ),
# "max-procs" => 5,
# "broken-scriptfilename" => "enable",
# )
# ),
# )
Things to do in this section
a. Uncomment the entire section
b. Verify your
php-cgi directory and change the directory from
/cgi-bin/php5 to
/usr/bin/php-cgi in sections
"php-local" and
"php-num-procs"
c. Change
socket_dir from
/var/lib/lighttpd to /var/run/lighttpd in
/etc/lighttpd/lighttpd.conf
Verify the socket directory
[root@testserver ]# grep -r 'home_dir' 'socket_dir' /etc/lighttpd
/etc/lighttpd/lighttpd.conf:var.home_dir = "/var/lib/lighttpd"
/etc/lighttpd/lighttpd.conf:#var.home_dir = "/lib/lighttpd"
/etc/lighttpd/lighttpd.conf:var.socket_dir = home_dir + "/sockets"
/etc/lighttpd/conf.d/scgi.conf:# "TMP" => home_dir + "/rails/someapp",
/etc/lighttpd/conf.d/trigger_b4_dl.conf:trigger-before-download.gdbm-filename = home_dir + "/trigger.db"
/etc/lighttpd/conf.d/webdav.conf: webdav.sqlite-db-name = home_dir + "/webdav.db"
/etc/lighttpd/conf.d/fastcgi.conf:# "TMP" => home_dir + "/rails/someapp",
/etc/lighttpd/conf.d/fastcgi.conf:# "TMP" => home_dir + "/rails/someapp1",
/etc/lighttpd/conf.d/fastcgi.conf:# "TMP" => home_dir + "/rails/someapp2",
[root@testserver ]#
Notice that the
socket_dir =
/var/lib/lighttpd/sockets
Edit
/etc/lighttpd/lighttpd.conf
[root@testserver ]# vi /etc/lighttpd/lighttpd.conf
Find the line
"var.socket_dir = home_dir + "/sockets" and change it to
var.socket=/var/run/lighttd
After the change,
/etc/lighttpd/lighttpd.conf should look like this
##
## Base directory for sockets.
##
## used in:
## conf.d/fastcgi.conf
## conf.d/scgi.conf
##
var.socket_dir = /var/run/lighttd"
Why we do this: because creating the socket in /tmp/ is a bad idea. This might have been the default in the included example a while back and the current still reads: "socket" => "/var/lib/lighttpd/php-fastcgi.socket"
d. Verify whether
/var/run/lighttpd exists, id it does not, create it
[root@testserver ]# mkdir -p /var/run/lighttpd
Your final
fastcgi.server section should look like this
fastcgi.server = ( ".php" =>
( "php-local" =>
(
"socket" => socket_dir + "/php-fastcgi-1.socket",
"bin-path" => "/usr/bin/php-cgi",
"max-procs" => 1,
"broken-scriptfilename" => "enable",
)
),
( "php-tcp" =>
(
"host" => "127.0.0.1",
"port" => 9999,
"check-local" => "disable",
"broken-scriptfilename" => "enable",
)
),
( "php-num-procs" =>
(
"socket" => socket_dir + "/php-fastcgi-2.socket",
"bin-path" => "/usr/bin/php-cgi",
"bin-environment" => (
"PHP_FCGI_CHILDREN" => "16",
"PHP_FCGI_MAX_REQUESTS" => "10000",
),
"max-procs" => 5,
"broken-scriptfilename" => "enable",
)
),
)
Then we restart Lighttpd:
[root@testserver ]#/etc/init.d/lighttpd restart
Check whether lighttpd is running properly
[root@testserver ]#/etc/init.d/lighttpd status
Check if /var/log/lighttd/error.log is clean
[root@testserver ]#cat /var/log/lighttpd/error.log
2011-08-04 00:14:45: (server.c.1512) server stopped by UID = 0 PID = 2403
2011-08-04 00:14:49: (log.c.166) server started
[root@testserver lighttpd]#
But, if you see errors something like
2011-08-03 22:48:36: (log.c.166) server started
2011-08-03 22:48:36: (mod_fastcgi.c.978) bind failed for: unix:/var/lib/lighttpd/sockets/php-fastcgi-1.socket-0 Permission denied
2011-08-03 22:48:36: (mod_fastcgi.c.1399) [ERROR]: spawning fcgi failed.
2011-08-03 22:48:36: (server.c.938) Configuration of plugins failed. Going down.
To fix this issue:
[root@testserver ]# mkdir /var/run/lighttpd
[root@testserver ]# touch /var/run/lighttpd/php-fastcgi-1.socket
[root@testserver ]# touch /var/run/lighttpd/php-fastcgi-2.socket
[root@testserver ]# chown -R lighttpd:lighttpd /var/run/lighttpd
16.4 Creating a sample PHP script
Since the document root of the default web site is /srv/www/lighttpd, we will now create a small PHP file (info.php) in that directory and call it in a browser. The file will display lots of useful details about our PHP installation, such as the installed PHP version.
[root@testserver ]# vi /srv/www/lighttpd/info.php
Now we call that file in a browser (e.g.
http://192.168.1.17/info.php):
As you see, PHP5 is working, and it's working through FastCGI, as shown in the Server API line. If you scroll further down, you will see all modules that are already enabled in PHP5. MySQL is not listed there which means we don't have MySQL support in PHP5 yet.
17. MySQL Support in PHP 5
[root@testserver ]# yum search php
Pick the ones you need and install them like this:
[root@testserver ]# yum install php-mysql php-gd php-imap php-ldap php-odbc php-pear php-xml php-xmlrpc
Now restart Lighttpd:
[root@testserver ]# /etc/init.d/lighttpd restart
Now reload
http://192.168.1.17/info.php in your browser and scroll down to the modules section again to find the "MySQL" section. You should now find lots of new modules there, including the MySQL module:
Part IV: Installing and configuring WordPress
Based on the scenario, there are different ways to install wordpress, but in this part, i will explain how to install wordpress on a server to which you have shell access.
1. Download and unzip WordPress
a. Download wordpress from
http://www.wordpress.org/
[root@testserver tmp]# wget http://wordpress.org/latest.tar.gz
b. Unzip WordPress
[root@testserver tmp]# tar -xzvf latest.tar.gz
The WordPress package will extract into a folder called wordpress in the same directory that you downloaded latest.tar.gz
c. Move the
wordpress folder to webroot
[root@testserver tmp]# mv wordpress/ /srv/www/lighttd/
2. Create the database and User using MySQL Client
For convenience, in this post, i am assuming the following values
Parameter | Value |
Databasename | wordpressdb |
WordPress Username | wordpressuser |
WordPress Password | wordpresspasswd |
Hostname | localhost |
WordPress Installation directory | /srv/www/lighttpd/wordpress |
a. Login to MySQL
[root@testserver tmp]# mysql -u root -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 5
Server version: 5.1.52 Source distribution
Copyright (c) 2000, 2010, Oracle and/or its affiliates. All rights reserved.
This software comes with ABSOLUTELY NO WARRANTY. This is free software,
and you are welcome to modify and redistribute it under the GPL v2 license
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql>
b. Create the database
mysql> create database wordpressdb;
Query OK, 1 row affected (0.00 sec)
Replace databasename with a valid database name.
c. Granting privileges
mysql> GRANT ALL PRIVILEGES ON wordpressdb.* TO "wordpressuser"@"localhost" IDENTIFIED BY "wordpresspwd";
Query OK, 0 rows affected (0.00 sec)
d. Flush all Provileges and exit.
mysql> FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.00 sec)
mysql> EXIT
Bye
3. Setup wp-config.php
By default wordpress package does not come with a wp-config.php file but it does have a sample wp-config-sample.php, the easiest way is to copy wp-config-sample.php to wp-config.php
[root@testserver wordpress]#cp wp-config-sample.php wp-config.php
Then, edit wp-config.php
[root@testserver wordpress]#cp wp-config-sample.php wp-config.php
Replace DB_USER, DB_PASSWORD, DB_PASSWORD and DB_HOST with actual values. The final configuration should should look something like this
// ** MySQL settings - You can get this info from your web host ** //
/** The name of the database for WordPress */
define('DB_NAME', 'wordpressdb');
/** MySQL database username */
define('DB_USER', 'wordpressuser');
/** MySQL database password */
define('DB_PASSWORD', 'wordpresspwd');
/** MySQL hostname */
define('DB_HOST', 'localhost');
/** Database Charset to use in creating database tables. */
define('DB_CHARSET', 'utf8');
/** The Database Collate type. Don't change this if in doubt. */
define('DB_COLLATE', '');
Security Keys
In Version 2.6, three (3) security keys, AUTH_KEY, SECURE_AUTH_KEY, and LOGGED_IN_KEY, were added to ensure better encryption of information stored in the user's cookies. (These collectively replaced a single key introduced in Version 2.5.) In Version 2.7 a fourth key, NONCE_KEY, was added to this group. When each key was added, corresponding salts were added: AUTH_SALT, SECURE_AUTH_SALT, LOGGED_IN_SALT, and NONCE_SALT.
You don't have to remember the keys, just make them long, random and complicated -- or better yet, use the
the online generator. You can change these at any point in time to invalidate all existing cookies. This does mean that all users will have to login again.
Example (don't use these!): Your final config file should look somewhat like this
/**#@+
* Authentication Unique Keys and Salts.
*
* Change these to different unique phrases!
* You can generate these using the {@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org secret-key service}
* You can change these at any point in time to invalidate all existing cookies. This will force all users to have to log in again.
*
* @since 2.6.0
*/
A
secret key makes your site harder to hack and access harder to crack by adding random elements to the password.
4. Run the install script
Point your browser to
http://192.168.1.17/wordpress/wp-admin/install.php
Wordpress looks for a /srv/www/lighttpd/wordpress/wp-config.php and if found, it picks takes the settings from there (which we setup earlier), else it creates wp-config.php
Since we already set it up, we should see a page like this.
If this page appears, this means that wordpress is configured and is able to integrate with MySQL.
Part V: Credits
The following sites were very helpful and helped me complete this post. Thanks to all.
http://www.howtoforge.com/lighttpd_php5_mysql_centos5.0
http://www.howtoforge.com/lighttpd_php5_mysql_centos5.0_p2
http://www.kernelhardware.org/lighttpd-and-centos-5/
http://redmine.lighttpd.net/boards/2/topics/1717
http://codex.wordpress.org/Installing_WordPress