Note: Although the title of this article specifically says “Linux Mint,” this information should apply to any Debian-based Linux distribution. Also, this isn’t a guide to locking down security on a web server install. I am using this VM locally to host a database for myself, and so it won’t be accessible to the public Internet.
Why Am I Doing This?
Recently I found myself wanting to set up a local LAMP (Linux, Apache, MySQL, PHP) environment in order to import a large collection of user names and passwords which someone has compiled as a result of the multiple data breaches over the years. This compilation is very large, consisting of 1.4 billion records. The total size of the files on disk is over 40GB. Notice I said “files” and not “database.” This information has been compiled in several large text files, which are hard to do anything with. It takes a long time to query over 40GB of text data using grep, so I wanted to set up an environment where I could get this data in to a MySQL database on a local VM so it’s easy to query quickly.
The first step to this was getting a LAMP environment set up, which I haven’t done in quite a while. I was surprised to find that the top results on Google were either very old (for PHP 5.x and below), were missing a lot of details, and/or contained incorrect and outdated commands. It’s for that reason that I thought this would be a good time to write a quick article and maybe help some people out.
I performed these exact steps on a clean install of Linux Mint 19.1. I chose Mint because it’s fairly small in size and comes fairly well equipped out of the box. Unlike Debian, it’s on a single small image, and honestly I also happen to like Cinnamon.
“But Jason, I Don’t Care. Let’s Get On With It!”
Ok, ok. Let’s start by installing Apache. This install is a single command and will put the root of the Apache web server at /var/www/html/ on the local machine.
sudo apt-get install apache2
The installer will start the service automatically, and you can test to make sure it’s working by opening up a browser and typing http://localhost or http://127.0.0.1 on the local machine.
Next, we’ll install PHP. The latest version at the time of this writing is 7.2. We’ll also install some libraries, which will allow everything to play nice when we’re finished.
sudo apt-get install php7.2 sudo apt-get install libapache2-mod-php7.2
We’ll then need to restart the Apache service to ensure PHP functions properly.
sudo /etc/init.d/apache2 restart
Linux Mint comes with the xed GUI text editor, which we can use to create a test PHP file.
sudo xed /var/www/html/test.php
You’ll want to populate the file with the following code:
<?php phpinfo(); ?>
Point a browser at http://localhost/test.php to test the code and make sure PHP is working properly. If it is, you should see a bunch of information about the version of PHP that we just installed.
Next, we’ll install MySQL.
sudo apt-get install mysql-server
After the install is complete you’ll want to do a couple things. The first is to set a password for root in MySQL.
sudo mysql -u root
This will dump you in to the MySQL command line, where you can set a password for root.
SET PASSWORD FOR 'root'@'localhost' = PASSWORD('breach');
Next you’ll want to create a user that can be used to log in to PHPMyAdmin. For whatever reason, after I installed PHPMyAdmin, it would not let me log in as root. It did create an initial user called phpmyadmin, but that account only had read access to everything. To be safe we’ll create a new account called admin from within the MySQL command line.
CREATE USER 'admin'@'localhost' IDENTIFIED BY 'secretpassword'; GRANT ALL PRIVILEGES ON *.* TO 'admin'@'localhost' WITH GRANT OPTION; FLUSH PRIVILEGES; exit
You’ll obviously want to replace secretpassword with something secure.
Now we’re ready to install the libraries to tie everything together, as well as PHPMyAdmin itself.
apt-get install libapache2-mod-log-sql-mysql apt-get install php7.0-mysql apt-get install phpmyadmin
When the installer asks if you want it to create a blank database, tell it Yes. When prompted for a password, set it to the same thing as you set the SQL admin account password you created above.
Next we’ll need to make a small change to a PHP configuration file.
sudo xed /etc/php/7.2/apache2/php.ini
Uncomment (remove the # from the beginning) the line extension=mysqli, save and close the configuration file. Next we’ll need to restart Apache again to ensure everything works.
sudo /etc/init.d/apache2 restart
Next, fire up a browser and point it to http://localhost/phpmyadmin. You should be able to log in with the admin account that you created in MySQL, using your super secret password.
Fixing a Bug in PHPMyAdmin
I found a bug in PHPMyAdmin that results in on screen errors when clicking the name of a table in order to list its contents. Hopefully this bug will be updated soon, but it can be traced back to some incorrect syntax in a configuration file. If you experience this bug, this should hopefully fix it. Remember to keep copies of any config files you modify just in case something goes belly-up.
sudo xed /usr/share/phpmyadmin/libraries/sql.lib.php
Find the line that contains the following text:
(count($analyzed_sql_results['select_expr'] == 1)
You’ll want to edit this line so that it matches the following line:
((count($analyzed_sql_results['select_expr']) == 1)
Essentially, you’ll be adding a ‘(‘ before the existing one, and placing a ‘)’ after the close bracket before ” == 1″.
No further steps need to be taken after that code change. After the modification, I stopped getting error when clicking on the table names in PHPMyAdmin instantly.