What is a LAMP stack?
A LAMP stack is the classic open-source platform for serving dynamic websites and web applications. The acronym stands for four layers working together:
- Linux — the operating system (Ubuntu, in this guide)
- Apache — the web server that handles HTTP requests
- MySQL — the relational database that stores your data
- PHP — the language that generates dynamic pages
This tutorial walks you through a complete, hardened installation on Ubuntu 24.04 LTS (the steps also apply cleanly to 22.04 LTS and the newer 26.04 LTS). By the end you will have a working web server with a tested virtual host, a secured database, and PHP processing pages.
If you are running this on a VPS or cloud server in the Kingdom, keeping your data in-Kingdom helps with PDPL data-residency requirements while delivering low latency to users in Riyadh, Jeddah, and Dammam.
Prerequisites
- An Ubuntu 24.04 server (a Skyline Cloud VPS works well).
- A non-root user with
sudoprivileges. - SSH access to the server.
Start by refreshing the package index:
sudo apt update
sudo apt upgrade -y
Step 1 — Install Apache and configure the firewall
Install the Apache web server:
sudo apt install apache2 -y
Ubuntu ships with the UFW firewall, and Apache registers application profiles with it on install. List them:
sudo ufw app list
You will see Apache, Apache Full, and Apache Secure. Allow Apache Full to open both HTTP (80) and HTTPS (443). If UFW is not yet active, allow SSH first so you do not lock yourself out:
sudo ufw allow OpenSSH
sudo ufw allow 'Apache Full'
sudo ufw enable
Confirm Apache is running:
sudo systemctl status apache2
Now visit http://your_server_ip in a browser. You should see the default Apache landing page.
Step 2 — Install MySQL and secure it
Install the MySQL database server:
sudo apt install mysql-server -y
The service starts automatically. Next, run the built-in hardening script, which removes insecure defaults:
sudo mysql_secure_installation
The script prompts you to:
- Optionally enable the VALIDATE PASSWORD component (choose a policy level if you want enforced password complexity).
- Remove anonymous users — answer Y.
- Disallow remote root login — answer Y.
- Remove the test database — answer Y.
- Reload privilege tables — answer Y.
On a fresh install the root account uses auth_socket, so you log in from the shell without a password:
sudo mysql
For applications, never use root. Create a dedicated user and database instead:
CREATE DATABASE app_db;
CREATE USER 'app_user'@'localhost' IDENTIFIED BY 'a_strong_password';
GRANT ALL PRIVILEGES ON app_db.* TO 'app_user'@'localhost';
FLUSH PRIVILEGES;
EXIT;
Step 3 — Install PHP
Install PHP, the Apache PHP module, and the MySQL connector:
sudo apt install php libapache2-mod-php php-mysql -y
Most applications also need a few common extensions:
sudo apt install php-cli php-curl php-gd php-mbstring php-xml php-zip -y
Check the installed version:
php -v
Step 4 — Tell Apache to prefer PHP files
By default Apache serves index.html before index.php. To make PHP applications work as expected, raise the priority of index.php. Open the directory-index config:
sudo nano /etc/apache2/mods-enabled/dir.conf
Move index.php to the front of the list:
<IfModule mod_dir.c>
DirectoryIndex index.php index.html index.cgi index.pl index.xhtml index.htm
</IfModule>
Save, then reload Apache:
sudo systemctl reload apache2
Step 5 — Create a virtual host
Virtual hosts let one server host multiple sites. Create a document root and a config file for your domain (replace example.com):
sudo mkdir -p /var/www/example.com
sudo chown -R $USER:$USER /var/www/example.com
sudo nano /etc/apache2/sites-available/example.com.conf
Add the following:
<VirtualHost *:80>
ServerName example.com
ServerAlias www.example.com
ServerAdmin webmaster@example.com
DocumentRoot /var/www/example.com
ErrorLog ${APACHE_LOG_DIR}/example.com_error.log
CustomLog ${APACHE_LOG_DIR}/example.com_access.log combined
</VirtualHost>
Enable your site, disable the default site, and reload:
sudo a2ensite example.com.conf
sudo a2dissite 000-default.conf
sudo systemctl reload apache2
If you plan to use clean URLs (common in WordPress and Laravel), enable the rewrite module:
sudo a2enmod rewrite
sudo systemctl restart apache2
Step 6 — Test PHP processing
Create a test file in your document root:
nano /var/www/example.com/info.php
Add:
<?php
phpinfo();
Visit http://example.com/info.php (or your server IP). You should see the PHP information page, confirming Apache is handing .php files to PHP. Delete this file immediately afterward — it exposes server details:
rm /var/www/example.com/info.php
Quick command reference
| Task | Command |
|---|---|
| Restart Apache | sudo systemctl restart apache2 |
| Reload Apache config | sudo systemctl reload apache2 |
| Test Apache config syntax | sudo apache2ctl configtest |
| Restart MySQL | sudo systemctl restart mysql |
| Log in to MySQL | sudo mysql |
| View Apache error log | sudo tail -f /var/log/apache2/error.log |
Next steps
Your LAMP server is ready. Recommended follow-ups:
- Add HTTPS. Issue a free Let's Encrypt certificate with Certbot, or use a managed SSL option so traffic is encrypted.
- Point a domain. Connect a
.saor other domain via managed DNS so users reach your site by name. - Set up business email. Pair your site with reliable business email hosting on your own domain.
- Schedule backups. Automate cloud backups of
/var/wwwand regularmysqldumpexports of your databases.
Want a server with this stack ready to go, in-Kingdom data residency, and local Arabic support? Sign up for Skyline Cloud and spin up your VPS in minutes.
Comments
0 total · 0 threads