This article taken from
http://gollum.tansodesign.com/sasha/install-linux-apache2-php.html
Introduction
The purpose of this document is to describe the setup of the secure web application server on Linux -
we will build Apache with mod_ssl and PHP, implemented as a DSO component. We assume, that by the
time of the installation OpenSSL and MySQL libraries are already installed.
For log rotation we use cronolog.
Download Components
Get the distributions:
root@gollum:/usr/local/src# wget http://www.apache.org/dist/httpd/httpd-2.0.39.tar.gz
root@gollum:/usr/local/src# wget http://www.php.net/do_download.php?download_file=php-4.2.1.tar.gz
root@gollum:/usr/local/src# wget http://www.cronolog.org/download/cronolog-1.6.2.tar.gz
Unpack distributions.
Build And Install Apache
Build Apache with DSO, SSL and digest authentication support and install it:
root@gollum:/usr/local/src/httpd-2.0.39# ./configure --prefix=/usr/local/apache2 --enable-so --enable-ssl --with-ssl=/usr --enable-auth-digest
root@gollum:/usr/local/src/httpd-2.0.39# make
root@gollum:/usr/local/src/httpd-2.0.39# make install
Build And Install PHP DSO
Build and install PHP DSO with MySQL client and SSL support:
root@gollum:/usr/local/src/php-4.2.0# export CFLAGS='-O2'
root@gollum:/usr/local/src/php-4.2.0# ./configure --with-apxs2=/usr/local/apache2/bin/apxs --with-mysql=/usr --with-openssl=/usr --enable-track-vars
root@gollum:/usr/local/src/php-4.2.0# make
root@gollum:/usr/local/src/php-4.2.0# make install
root@gollum:/usr/local/src/php-4.2.0# cp php.ini-dist /usr/local/lib/php.ini
Build cronolog
Build and install cronolog:
root@gollum:/usr/local/src/cronolog-1.6.2# ./configure
root@gollum:/usr/local/src/cronolog-1.6.2# make
root@gollum:/usr/local/src/cronolog-1.6.2# make install
Get an SSL Certificate
Generate private key, then create a signed certificate request - .csr file.
root@gollum:/usr/local/apache2/conf/ssl.key# openssl genrsa -out gollum.tansodesign.com.key
root@gollum:/usr/local/apache2/conf/ssl.key# openssl req -new -key gollum.tansodesign.com.key -out gollum.tansodesign.com.csr
Now use the .csr file to get test or real certificate - .crt file - from any certificate authority (CA).
Configure And Start Apache
Edit /usr/local/apache/conf/httpd.conf to modify Apache settings and add
<Files *.php>
SetOutputFilter PHP
SetInputFilter PHP
</Files>
ErrorLog "|/usr/local/sbin/cronolog /var/log/apache/error.%Y.%m.%d.log"
CustomLog "|/usr/local/sbin/cronolog /var/log/apache/access.%Y.%m.%d.log" common
Edit /usr/local/apache/conf/ssl.conf to modify Apache SSL settings:
Edit /usr/local/lib/php.ini to modify PHP settings.
Add the following line to the startup script to launch Apache at startup:
/usr/local/apache/bin/apachectl start