Instalacija LAMP i phpMyAdmina na CentOS 7

U ovom uputstvu na CentOS 7 minimal instalaciji na nekom tamo VPS-u ćemo instalirati LAMP (Apache, MariaDB, PHP) kao i phpMyAdmin, postaviti osnovnu zaštitu kao što su promena ssh porta, osnovna firewall zaštita. U ovom primeru pretpostavićemo da je u pitanju jedan sajt, pa se nećemo igrati virtualnim hostovima i slično.

# Ažuriranje sistema yum update -y # Dodavanje non-root korisnika, zabrana logina za root, promena porta useradd kompjuteras passwd kompjuteras gpasswd -a kompjuteras wheel su - kompjuteras sudo sed -i s/"#PermitRootLogin yes"/"PermitRootLogin no"/g /etc/ssh/sshd_config sudo sed -i s/"#Port 22"/"Port 53535"/g /etc/ssh/sshd_config sudo systemctl reload sshd # Zamena firewalld sa iptables: https://kompjuteras.com/kako-zameniti-firewalld-sa-iptables-om-na-centos-7/########################################################################################################## vi FIREWALL.sh # Dodati u fajl ovo ispod do tarabica #!/bin/sh service iptables stop iptables -F iptables -X service iptables save # Javni portovi        ------------------------------------------------------------------- iptables -A INPUT -p tcp --dport 80 -j ACCEPT iptables -A INPUT -p tcp --dport 53535 -j ACCEPT # Per IP izmene ----------------------------------------------------- iptables -A INPUT -s 222.222.222.222 -p ICMP --icmp-type 8 -j ACCEPT # promeni svojom IP # OSTALO -              ------------------------------------------------------------------ iptables -I INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT iptables -A INPUT -s 127.0.0.1 -j ACCEPT iptables -A INPUT -i lo -j ACCEPT iptables -A OUTPUT -o lo -j ACCEPT # Drop svega sto nije ovo gore i reload iptables -A INPUT -j DROP service iptables save service iptables restart exit 0 ########################################################################################################### sudo chmod +x FIREWALL.sh sudo ./FIREWALL.sh # Instalacija LAMP i phpmyadmin sudo rpm -iUvh http://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm sudo yum install httpd mariadb-server mariadb php php-mysql phpmyadmin vim sudo systemctl start httpd.service sudo systemctl enable httpd.service sudo systemctl start mariadb sudo mysql_secure_installation sudo systemctl enable mariadb.service sudo vim /etc/httpd/conf.d/phpMyAdmin.conf # Izmeniti pristupne adrese sudo systemctl restart httpd