Amazon Web Services (AWS) provides cloud based on demand computing for a wide variety of services. In fact the services are so wide and detailed it can be difficult to spin up a simple web site using Linux, Apache, MySQL, and PHP (LAMP). This guide outlines the steps to create a functional website with a database. The setup will take advantage of the lowest cost tier which is free for the first 12 months.
AWS Account
When signing up the account created will be the “root” user for AWS. Once this is complete you will want to create an Administrator account even if you are the only one logging in. Accounts for other users can be created as well so you can give access to to the system without handing out your Amazon account.
Instructions on setting up the AWS account are here: https://aws.amazon.com/premiumsupport/knowledge-center/create-and-activate-aws-account/. Make it a personal account and skip the support plan.
Once the main rooot account is created, go to aws.amazon.com and login to the Console. You will only need IAM(Identity and Access Management) and EC2 (Elastic Compute).
Got the IAM and click Users in the side navigation. Click the Add User button at the top, select AWS Management Console access and follow the on screen instructions.
Create a group for Administrators if it does not exist and add the user to the Administrators group. Skip adding tags. The final screen will show the login URL.
Setting Up EC2
From the AWS console click EC2 and then Instances on the side navigation
Click Launch Instance and select Amazon Linux 2 AMI (HVM), SSD Volume Type from the list of choices. Select t2.micro size (default free tier) and accept defaults on the remainder of screens. At this point there will be a computer running on the internet with ports for HTTP and SSH traffic.
Configure Access
Access to the console is based on username/password. Additional accounts can be set up using IAM. These accounts can also be used to access the server via SSH. For simplicty we will continue using the root account for this set up. Details on setting up IAM accounts is here https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/get-set-up-for-amazon-ec2.html#create-an-iam-user
Access to the server via SSH (and SFTP) requires using an encrypted key pair. This consists of two files, public and private. The public key is stored on the server as part of the operating system. The private key is downloaded and imported into SSH (or SFTP). When a connection is made the private key is presented to the server and it meshes with the public key. The private key can only be generated once and if it is lost a new key pair can be created, however, if the public key is deleted it is extremely difficult to recover access.
DO NOT DELETE OR LOSE KEYS.
The key pair can be created before or during the creation of an instance but not after. Select PEM as the key type. The other type can be converted but it is a pain. Instructions on creating key pairs is here: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/get-set-up-for-amazon-ec2.html#create-a-key-pair.
SSH Access
(Assuming Mac or Linux) Once the private key is downloaded, move it to a convenient location and change the permission
chmod 400 your_user_name-key-pair-region_name.pem
SSH will not use the key unless it has the correct permissions. Connection to the server i
Installation of Apache and MySQL
There is a command line tool (yum) for installing applications on the server. the following commands will set up Apache and MySQL. The last command will add your username to the admin group so you can view the logs.
sudu yum update -y sudo yum install -y httpd24 php56 mysql55-server php56-mysqlnd sudo service httpd start sudo chkconfig httpd on sudo usermod -a -G apache ec2-user sudo chown -R ec2-user:apache /var/www sudo chmod 2775 /var/www find /var/www -type d -exec sudo chmod 2775 {} \; find /var/www -type f -exec sudo usermod -aG adm ec2-user
Finally, create a phpinfo.php page in the root of the web server to validate the installation.
echo "<?php phpinfo(); ?>" > /var/www/html/phpinfo.php sudo chmod 0664 /var/www/html/phpinfo.php
Start MySQL Server
sudo service mysqld start
Lock down the database installation and set the permission on the files on the web server. This will set the root user password for MySQL. This same credential can be used for web pages to access the database. For a more secure set up use the root account and PHPMyAdmin to set up a system account for web pages to use.
sudo mysql_secure_installation cd /var/www/html sudo chown Admin
Install PHPMyAdmin
PHPMyAdmin provides a web based database management and query tool.
wget https://files.phpmyadmin.net/phpMyAdmin/4.9.4/phpMyAdmin-4.9.4-english.tar.gz tar -xvf phpMyAdmin-4.9.4-english.tar -C /var/www/html mv phpMyAdmin-4.9.4-english phpmyadmin rm -rf phpMyAdmin-4.9.4-english.tar
On the list of Instances in the console, check the instance you want to open in a web browser. In the details section find the Public DNS and use that URL to access to site. E.g. ec2-18-236-99-249.us-west-2.compute.amazonaws.com
To access PHPMyAdmin, add /phpmyadmin to the URL. The login will be root and the password selected when running mysql_secure_installation.
Configure SFTP Access
To access the server via SFTP use FileZilla and import the PEM key file
- Protocool: SFTP
- Host: Use the URL from the console.
- Logon Type: Key file
- User: ec2-user
- Key file: Browse to the PEM file
Connecting will use the key file instead of a password.