Posted tagged ‘tutorial’

Ultimate guide to setting up the LAMP stack on CentOS 6 (Apache, PHP, MySQL)


Brace for awesome!

This is a tutorial that covers the entire process of setting up CentOS 6 and installing/configuring Apache, PHP, MySQL, SELinux and iptables, as well as securing the server. This tutorial will give you a base setup for running static as well as dynamic web sites using PHP and MySQL. This tutorial suits VPS or other low-memory configuration as well as dedicated servers.


This tutorial assumes basic knowledge of shell/console usage and knowledge of one text editor.

You need a freshly installed CentOS 6 installation to proceed (Minimal installation is recommended) Once you’re in a root shell, start reading below!

Step 1 – Choose a text editor

Nano is very simple to use and has on-screen help at all times.

Vim is a good editor, but has a slightly steeper learning curve. Here is a good tutorial.

If you find it hard to choose, install and try them both by installing thei via Yum, the CentOS package manager!

yum install vim nano

Since this is your first installation using Yum you may be prompted about importing a GPG key. Enter Y followed by the Enter key to accept.

Step 2 – Configure your network

Attempt to ping an external server, such as google:

ping -c 4

If you receive a response, skip the rest of this section as you have connectivity. If it fails, keep reading.

Not having connectivity is most often due to the lack of a DHCP server running on the network to issue an IP to your server. If that is the case, you need to configure the IP manually.

Here is a useful step-by-step tutorial for setting up static IP address on CentOS 6.

Step 3 – Update your system

After a fresh CentOS 6 install, run:

yum update

Select all updates and let it complete, now run:

cat /etc/*release*

You should see your CentOS version, at the time of writing this, that version is:
CentOS release 6.4 (Final)

Step 4 – Configure (or disable) SELinux

I usually disable SELinux as it makes for some cryptic errors when running the LAMP stack. If you would like to have a go at running SELinux enabled with LAMP, here is a good article to get you started.

To disable SELinux:

vim /etc/selinux/config

Change the SELINUX= line to disabled, like so:


Now reboot your machine

shutdown -r now

Step 5 – Add the EPEL repo

EPEL is an extra software repository with a lot of useful software that is not in the base repo. We will need it later, so let’s add it to our CentOS install! Go to this page to get the most up to date EPEL version. Copy the link from the text epel-release-6-x.noarch and use it in the command below:

rpm -Uvh

Depending on the version of CentOS installed, you might need to change x86_64 to i386 in the URL to the repo.

Step 6 – Install Apache, MySQL and PHP

Issue the command:

yum install mysql mysql-server mysql-devel httpd php-common php-gd php-mcrypt php-pear php-pecl-memcache php-mysql php-xml php php-mcrypt php-mbstring php-devel gcc pcre-devel

Enable Apache and MySQL on startup

chkconfig httpd on
chkconfig mysqld on

Start Apache and MySQL

service httpd start
service mysqld start

After starting mysqld, you will receive a prompt to change your MySQL root user password. The dialogue will read…

To do so, start the server, then issue the following commands:

Two commands will be presented to you, run them both. You will need to use your server name in the second command, as the help prompt instructs you. The base commands are:

/usr/bin/mysqladmin -u root password 'new-password'
/usr/bin/mysqladmin -u root -h your-hostname password 'new-password'

Your web server should now be reachable via http://<your-server-ip&gt; in a web browser. If you have started Apache but the server is not visible, you probably need to configure iptables.

Step 7 – Configure iptables

Load up the iptables config file

vim /etc/sysconfig/iptables

Below the :OUTPUT ACCEPT [0:0] line, add

-A INPUT -m state --state NEW -p tcp --dport 80 -j ACCEPT

If you are going to be changing your SSH port (see separate section below), now is a suitable step to allow connections to the new SSH port.

If we are changing SSH to port 4711, this line should also be added:

-A INPUT -m state --state NEW -m tcp -p tcp --dport 4711 -j ACCEPT

Step 8 – Change SSH port

Changing your SSH port makes it harder for hackers to find information about your server via port scanning. To change the port (in our case to 4711), open the sshd config file:

vim /etc/ssh/sshd_config

Search for the line “#Port 22”, change it to:

Port 4711

(Note the removal of the hash sign.)

Make sure you have added the iptables rules for your new port! (See section above.)

Restart sshd by issuing:

service sshd restart

If you are currently on a SSH console, log out and log back on to your server using the new port.

Step 9 – Install extra “nice-to-have” packages if desired

This section is optional, go to Step 10 to continue if you don’t want any extra packages.

Good replacement for top.

yum install htop

curl and wget
Simplifies file retrieval from the command line. You should install at least one of these. They are often included in your CentOS installation.

yum install curl wget

This package allows you to unzip files

yum install unzip

Manuals for commands. Sometimes not included in minimal installations.

yum install man

Step 10 – Reboot!

Now is a great time to reboot, issue the command

shutdown -r now

If your server is not accessible with SSH/HTTP after reboot, there might be something amiss with the iptables settings.

Step 11 – Install phpmyadmin

phpMyAdmin is a powerful tool for manipulating MySQL databases, let’s install it!

cd /var/www/html
mv phpMyAdmin-3.5.6-english phpmyadmin
rm -f

Now you can browse to:

Add blowfish_secret for security

cd phpmyadmin

Add a secret key to $cfg[‘blowfish_secret’] so it looks like below:

$cfg['blowfish_secret'] = 'your-secret-key';

According to this site, your password may contain up to 46 characters.

It’s also a good idea to protect phpMyAdmin behind another layer, HTTP authentication.

You can find out how to do that in this excellent tutorial.

Step 12 – Add extra users

useradd username
passwd username

Allow your new user to sudo
sudo allows a user to temporarily take on the role as root.

vim /etc/sudoers

Note: If you are getting a blank text file (not found) in this step, install sudo with
yum install sudo

Find the line:

root    ALL=(ALL)       ALL

Under this line, add a new one to allow your newly created user to use sudo:

username ALL=(ALL)       ALL

Save the file (it’s read-only, so you need to force the write using :wq! in Vim)

Step 13 – Configure Apache

Let’s make some sane modifications to the Apache configuration to improve default behaviour and lower the memory consumption. I am configuring this for a 512MB server, if you have more memory you may retain these values at their original settings or adjust them differently.

vim /etc/httpd/conf/httpd.conf

Allow for .htaccess overrides

Search for the AllowOverride directive in the configuration file.

Change the instances of:

AllowOverride None


AllowOverride All

You will also need to uncomment the general AllowOverride declaration by removing the hashtag (#) in front of it.

Before (commented out):

# AllowOverride All

After (Correct version):

AllowOverride All

Change the amount of workers spawned

Find the IfModule prefork.c directive and change according to the example below.

<IfModule prefork.c>
 StartServers       8
 MinSpareServers    5
 MaxSpareServers   20
 ServerLimit      256
 MaxClients       256
 MaxRequestsPerChild  4000

This reduces the memory footprint of Apache, in exchange for slower responses under heavy load.

Enabling KeepAlive

Change the KeepAlive directive from Off to On.

Enabling KeepAlive improves the speed at which pages load, but may make your server crash under heavy load. See this blog post for some interesting etails.

Step 14 – Configure PHP

Let’s edit the PHP configuration file:

vim /etc/php.ini

Increase the maximum upload file size

I like to set this pretty high, as you can limit the upload filesize in a PHP script should you need it.

upload_max_filesize = 128M

You will also need to change the post_max_size restriction:

post_max_size = 128M

Increase the memory limit of PHP

This limit controls the maximum amount of memory a single script is allowed to use. The default (128M) is sensible, but you can increase it if you have a good amount of memory.

memory_limit = 256M

Increase the maximum execution and input time

The default maximum script execution time is a measly 30 seconds. You can easily bump this to 300 seconds.

max_execution_time = 300

The default maximum time to wait for POST and GET data is 60 seconds. File uploads are counted into this, so it is desirable to increase this to avoid errors when uploading large files.

max_input_time = 300

Enable the short_open_tag directive, to support shorthand syntax such as <?=$var?>. Here’s how to enable it:

short_open_tag = On

Now we can restart httpd and the changes will be active

service httpd restart

Install opcode cache

Speed up your PHP applications by installing the Alternative PHP Cache (APC).

First we need to install some dependencies, then we will compile APC using PECL.

yum install make
pecl channel-update
pecl install apc-3.1.13

Press enter multiple times when prompted to select options (this will pick the defaults.).
Add the APC extension to the PHP configuration:

vim /etc/php.ini

Under the line [PHP] add:

Adjust size of cache:

vim /etc/php.d/apc.ini

We are setting the cache to use 256MB:


(The file apc.ini does not exist at this point, simply write your changes and APC will pick up on it.)

Restart Apache and we’re done!

service httpd restart

Optional: APC comes with a small web-based control panel. It’s included in the installation but you need to copy it to your web root to use it:

cp /usr/share/pear/apc.php /var/www/html

Now you can navigate to /apc.php on your server to see the cache stats.

Step 15 – Configure MySQL

Save your default password for mysqldump

To run mysqldump in a cron job (read more about cron jobs in Step 17), you need to set a username and password to the MySQL configuration file.

Open up the file:

vim /etc/my.cnf

Add the following lines at the bottom of it:

 user = mysql-user
 password = your-password

It is not advisable to use the root user here, instead, you may use an account with global read privileges.

(Optional) Disable InnoDB

If you want to use save memory (about 60-100 MB) and don’t need InnoDB tables, you may disable them by editing the MySQL configuration file.

vim /etc/my.cnf

Under the [mysqld] directive, add the following line:


Step 16 – Add virtual hosts to Apache

Virtual hosts allow multiple web sites to be served from a single Apache installation.

The virtual hosts can be added to the end of the Apache configuration file.

Here is an example configuration with two web hosts:

NameVirtualHost *:80

<VirtualHost *:80>
DocumentRoot "/var/www/html"

<VirtualHost *:80>
DocumentRoot "/var/www/html/"

Step 17 – Set up cron jobs

Setting up cron jobs is useful for scheduling tasks. For this we’re going to install CRON and Crontab.

yum install crontabs
chkconfig crond on

To see the local user crontab issue:

crontab -e

Here is a great resource for learning how to manipulate the crontab file.

Remember that the scheduled commands are run as the user whos crontab they are in. For cron jobs that require elevated privileges, using the root crontab or changing file permissions may be necessary.

Setting up a cron job to backup all mysql databases

First start editing the crontab:

crontab -e

Now add a new line, which will run our command:

0 0 * * * mysqldump --all-databases > /root/sqldump.sql

This simple command will back up all databases to the file /root/sqldump.sql at midnight every day.
Note: This requires you to set a [mysqldump] user, as advised in Step 15.

You’re done!

Congratulations on setting up CentOS 6 with LAMP. The section below contains useful commands and other tweaks you can perform.

Test disk speed

Disk speed indicative of performance, different tests test different things, different on virtual environments (such as OpenVZ and KVM) and dedi, some tests might be better for some of them.

dd if=/dev/zero of=test bs=64k count=16k conv=fdatasync

How to judge your result (note that this is only accurate for the exact test above)

  • 0-25 MB/s -> Garbage
  • 25-70 MB/s -> Acceptable
  • 70-120 MB/s -> Good
  • >120 MB/s -> Excellent

Miscellaneous: Quick reference of useful commands

Check disk usage

df -h

Disable or enable iptables

chkconfig iptables on/off

Dump all your MySQL databases to a file (suitable for backup, in crontab or similar)

In Step 15 we saved our MySQL username and password in the MySQL configuration file /etc/my.cnf

Now we can use mysqldump without a password. To dump all databases into a file, issue:

mysqldump --all-databases > /root/sqldump.sql

Listing services that automatically run at startup, and their runlevels

chkconfig --list

Miscellaneous: Setting appropriate file permissions for PHP sites

We’d like for Apache to have as little access to the files it serves as possible. This limits the effects PHP and Apache exploits.

To accomplish this, let’s run an example with a fictional site residing in the folder:


To secure this site we are going to put up the following restrictions:

  • Files can only be read
  • Directories can only be read and executed (this is required for PHP to work)
  • Apache is the owner of all files

To do this, we invoke:

chown -R apache:apache /var/www/html/yoursite
chmod -R 400 /var/www/html/yoursite
chmod -R a+X /var/www/html/yoursite


That’s it for this tutorial! I appreciate any feedback you might have, so if something is unclear or can be improved, feel free to leave a comment!

Sources and additional information

How-to: Fix a Nintendo DS Lite that won’t turn on


A while ago I dropped my DS Lite on the floor. It wasn’t a particularly long fall, but it landed completely flat, and it really didn’t sound good when it fell. Much to my dismay, after this incident it did not start again. Sliding the power switch did absolutely nothing. Trying to charge it there was no light at all, and it did not turn on with the charger plugged in. So I figured that I might as well open it up and take a look to see if perhaps it was something simple. I’m sure there are a number of things that can break when you drop your DS, so I can’t guarantee that this will work for you, but I did find this thread about a person having a similar issue.

Open it up
For opening the DS Lite, please go to this great thread over at GBAtemp. I followed the intructions and it was pretty easy. Just don’t make the same mistake I did and forget to take the Slot 2 card out of the DS before unscrewing the back, and remember you’ll need both a small phillips head and trigram screwdriver.

As soon as I took the backplate off, I noticed a little piece falling out – meet the resistor fuse!

This is a small surface-mounted component that had fallen off the PCB, and armed with that knowledge I started looking around trying to find where it once was. The hi-res photos of the DS Lite PCB over at the GBAtemp thread were of great help. After some time, I located the place of the component.

The fix
Since the component was very small (about 0.2-0.3cm in length) I was unsure if I would be able to solder it back onto the PCB directly, so I opted for the more cumbersom, but safer approach – soldering it to two pieces of wire and then soldering the wires to the PCB. Here’s how it turned out:

Wires, the component attached to them.

Close-up of joints on the PCB. Not the prettiest solder joints around, but considering the small size it’s still quite the accomplishment for me. 🙂

At this point I tried to turn the DS on by pressing the battery against the battery connectors on the back. If it turns back on, like mine did – congratulations, your joints are working and you’ve got the DS back to life!

Tidying it up
Using electrical tape, I affixed the component to the PCB to make sure it doesn’t wiggle around.

I actually had to go back after this picture and remove some tape because it was just so much that I could barely fit the backplate on. I also attached a tiny piece of tape between the connectors on the PCB, since I didn’t want them to short out if the cable twisted in some weird way.

Quite a fun project. This did take probably 4-5 hours with internet research, diagnosing and soldering, but it was very rewarding. Let me know if you’ve had this problem and the fix worked for you!

In other news

Just a couple of days left before the first Professor Layton movie comes out abroad, and with the third game coming out in English just last week I have Layton fever!

Dreamcast battery replacement mod (2xAAA)



I recently got a Dreamcast to play some of the unique games on the console (mainly Seaman and Samba De Amigo) and quickly noticed that the internal battery was drained which would cause the internal clock to reset every time I powered the console off. To play certain games (including Seaman) your clock needs to be fully working, so I set out to find a replacement.

Google that!
Finding information about how to replace it seemed to be simple enough, but many people seem to disagree on what kind of battery is actually in there, some claimed it to be a normal CR2032, the ones in the VMU; others claimed it was a rechargeable version, the ML2032. When I opened mine up it turned out to be a ML2430 (datasheet) which seems roughly equivalent to the ML2032. A problem is that these batteries are insanely expensive, and I’m not even sure they’re being manufactured anymore. However, we can use two cheap rechargeable AAA batteries for the same effect.

The mod

Disassembling the Dreamcast member shredhead posted a simple tutorial, all credits to him, I’m just adding my additional pictures and experience. If you’re looking for the long version, go ahead and read the linked post.

You start out by disassembling your Dreamcast. There are four screws on the back and when they’re out the top slips right off. You’ll have something looking like this (click image for larger version):


First, you need to unscrew the power supply unit (the left circuit in the picture) and lift it out. It usually sits pretty tight, so be firm but careful. It’s attached with six pins (‘A1’ in the image) which you need to be careful not to break when you pull it. It will still be attached to the power button, so you can just leave it hanging on the side.

Then unscrew the controller ports module, detach the ribbon cable carefully (‘B’ and ‘B1’, respectively) and lift out the module. Also note the battery at ‘C’.

Now things should be looking like the image below.


Now that we have the controller module, let’s get started on assembling  the battery pack. Wire the two rechargeable AAA batteries according to the guide below.

“Crap wiring guide”, kindly borrowed from the original post below:


Here’s how my pack turned out. first soldered and then bundled together with electrical tape:


Soldering on batteries isn’t the easiest of things, so I’d recommend buying special batteries suitable for soldering.  (usually available in well-stocked hardware stores) but they might end up costing you as much as a replacement battery, so if you’re handy and quick with the soldering iron you’ll probably manage it just fine. Remember not to expose the batteries to the heat of the soldering iron for a prolonged time, as this can decrease the voltage you get out of them. Mine went down from about 2.5v to just below 2v (tested with multimeter.) but everything still works just fine.

Assembling the battery pack and controller.
Note the picture of the controller board upside down, it shows the polarities that you will need to connect. You will only need to solder one of the positive connectors. You will need to remove the old battery first by applying your soldering iron to the three points while wiggling the battery until it comes loose.


Finished result after soldering and assembling everything again:


(Yes, I screwed up the cable colors, the black one is positive and the yellow one is negative!)

The pack fits snuggly between the GDROM drive and the ribbon cable, I used another piece of electrical tape to make sure it sticks.

Final word
Best of luck with this mod, may it give you a reason to dust off your Dreamcast!

Building a HTPC Media Center Using Windows XP and MediaPortal


user53582_pic234_1233029457MediaPortal running the Bleazle skin

As of recently, I hadn’t taken the step into a full-fledged HDTV experience. For me, the Xbox continued to serve as the best media center there ever was. But since my plasma is HD-ready at 720p, I decided it was finally time to upgrade.
The PC
I had some old pieces from my former stationary laying around, and decided to build it into a HTPC! The motherboard was an old Socket 754 with an AMD Athlon64 3000+ running at 2ghz, which is really pushing it in terms of processing power when it comes to decoding h.264 (the most common video format used in conjunction with high definition video), but there was nothing to lose by trying either! So I put in 1GB worth of RAM and an ATI Radeon 9200se graphic adapter. I was lucky to have a TV with VGA in, so I didn’t have to use any form av HDMI/DVI adapters or the like.

coreavcwc9The OS and software
After installing Windows XP on it I immediately installed the windows port of XBMC, but was very sad to see that regular playback of a h.264-encoded 720p file was running the processor at a good 80-95%, and that’s without any excessive motion on the screen, unfortunately finding a hi-def video that tried to push the CPU to its fullest proved to be a difficult task, but it was pretty clear that the poor soldier wasn’t going to make it. I had heard of CoreAVC, and decided to see if it performed better, as I was told that it was a far more efficient decoder than the one mplayer (which is what XBMC uses for playback) was using. Unfortunately, XBMC does not support the use of CoreAVC, and so with a little tear in my eye I set out to find a suitable replacement. I was earlier told of a windows-only fork called MediaPortal, and lo and behold – the 1.0.0 stable release had just come out! The software installed nicely, and you could select CoreAVC as the renderer for h.264 content. Now MediaPortal has its own flaws – despite being a direct fork of the XBMC project it has no support for playback from uncompressed RAR files. Also, subtitle support is simply broken in this particluar release, as you can not change the color or the size of the subtitles (they’re really miniscule by default!) which is outright embarrassing for a big release like this. Performing new tests on the same videos now showed a CPU usage ranging from 40-60%, which was an incredible improvement, and at 7.95 USD CoreAVC was definitely worth the cost for bringing flawless 720p playback to an old struggling computer.


The remote control
A remote control is something no media center should be without. MediaPortal has  support for multiple brands of remote controls, amongst them the Windows MCE Remote. Since they’re discontinued I couldn’t find a Swedish reseller and so I looked on eBay for some knockoffs, but I was afraid that there might be something that prevented it from working and that I’d have a nice 20 USD paper-weight (which wasn’t even especially heavy!) After some inspection of the market I decided that a full-fledged wireless keyboard would be out of the question too, seeing as they started at around 80 USD unless you wanted the low-end models. I was briefly looking at the Ione Scorpius P20 but was told that it had very bad syncing issues, where the receiver would lose contact with the unit itself after reboots, which would be very difficult to tolerate in the long run. Finally I arrived at my decision, a resonably priced Logitech Cordless Number Pad! Not only is it a quality product, it actually has somewhat of a remote control form factor thing going on, and it’s pretty stylish, although several people have said that it “looks like a calculator”, which truth be told isn’t really a compliment!


Remap hell
I had some hopes that the pad would run in “no num-lock mode” and would simply convert the numbers to corresponding arrows which works great for controls in MediaPortal, but that was not the case. The solution Logitech has implemented is actually very brutal. If you don’t have num lock enabled the drivers enable them for a split second on any attached keyboards when you press a button on the unit, which you can notice as the num lock icon flashes briefly on the secondary attached keyboard. I tried using the MediaPortal configuration utility, but even after removing all mapping to the 1-9 keys it was still giving me trouble with using them as controls. After some googling I found that the easiest way would be to remap keys under windows, but the key mapping software I tried (not naming any names) did not work properly. Finally I stumbled upon the Windows Server 2003 Resource Kit Tools (mirror), which contained the wonderful Remapkeys.exe utility. Unlike the other software I tried this worked like a charm. Since my keyboard keys are named in Swedish the picture above might not prove useful to you, but I remapped the keyboard arrows to 2,4,6 and 8, space to 0 and the escape key to 5, which makes for basic operations in MediaPortal.

Building and setting up a HTPC is a very fun and interesting project, not to mention that it gives you access to some high-definition glory!