How To Install LAMP Stack on Fedora 43

The LAMP stack remains one of the most popular open-source web development platforms for building dynamic websites and applications. LAMP is an acronym representing Linux, Apache, MySQL (or MariaDB), and PHP—four powerful technologies that work seamlessly together to deliver robust web hosting solutions. Fedora 43, with its cutting-edge features and excellent package management, provides an ideal foundation for deploying this proven technology stack.

This comprehensive guide walks through every step of installing and configuring a fully functional LAMP environment on Fedora 43. Whether setting up a development server or preparing a production environment, following these detailed instructions will result in a secure, optimized web server ready to host applications. The process covers system preparation, component installation, security hardening, and testing procedures to ensure everything works correctly.

Prerequisites and System Requirements

Before beginning the installation process, verify that the system meets basic requirements. A fresh installation of Fedora 43 Workstation or Server provides the cleanest starting point, though these instructions work on existing systems as well.

Root or sudo privileges are essential for installing packages and modifying system configurations. The server should have at least 4GB of RAM and 40GB of available disk space for comfortable operation, though minimal installations can run on less. A stable internet connection is necessary for downloading packages from Fedora repositories.

Basic familiarity with the command line interface helps, though even beginners can follow these step-by-step instructions. Having a domain name pointing to the server IP address is optional but recommended for production deployments.

Step 1: Update System and Install Dependencies

Starting with a fully updated system prevents compatibility issues and ensures access to the latest security patches. Open a terminal and execute the system update command:

sudo dnf update -y

This command refreshes all package repositories and upgrades installed packages to their latest versions. The process typically takes several minutes depending on internet speed and the number of packages requiring updates.

After the update completes, install essential utilities that simplify server management:

sudo dnf install vim curl wget bash-completion telnet -y

These tools provide text editing capabilities, file transfer utilities, and network diagnostic functions. The bash-completion package enhances the command-line experience with intelligent tab completion.

Reboot the system if kernel updates were installed:

sudo reboot

Step 2: Configure SELinux Settings

Security-Enhanced Linux (SELinux) provides mandatory access control mechanisms that strengthen Fedora’s security posture. Understanding and properly configuring SELinux prevents common web server permission issues.

Check the current SELinux status:

sestatus

SELinux operates in three modes: Enforcing (actively blocks unauthorized actions), Permissive (logs violations without blocking), and Disabled (completely inactive). Fedora 43 defaults to Enforcing mode, which is recommended for production environments.

For development servers where troubleshooting takes priority, temporarily switching to Permissive mode can simplify debugging:

sudo setenforce 0

To make this change permanent, edit the SELinux configuration file:

sudo vi /etc/selinux/config

Change the SELINUX line to:

SELINUX=permissive

Production environments should keep SELinux in Enforcing mode and configure appropriate contexts for web content. Set proper SELinux contexts for Apache document root:

sudo semanage fcontext -a -t httpd_sys_content_t "/var/www/html(/.*)?"
sudo restorecon -Rv /var/www/html

These commands ensure Apache can access web files while maintaining security boundaries.

Step 3: Install and Configure Apache Web Server

Apache HTTP Server serves as the foundation of the LAMP stack, handling incoming web requests and delivering content to visitors. Install the Apache package using DNF:

sudo dnf install httpd -y

The installation typically completes within a minute. Start the Apache service immediately:

sudo systemctl start httpd

Enable Apache to launch automatically at system boot:

sudo systemctl enable httpd

Alternatively, combine both operations in a single command:

sudo systemctl enable --now httpd

Verify Apache is running correctly:

sudo systemctl status httpd

The output should display “active (running)” in green text, confirming successful startup.

Configure Apache Settings

Apache’s main configuration file resides at /etc/httpd/conf/httpd.conf. Open it for editing:

sudo nano /etc/httpd/conf/httpd.conf

Locate and modify these important directives:

Find line 91 and set the administrator email:

ServerAdmin admin@example.com

At line 100, configure the server name:

ServerName www.example.com:80

Around line 149, remove the Indexes option to prevent directory browsing:

Options FollowSymLinks

At line 156, enable .htaccess overrides:

AllowOverride All

Near line 169, define default index files:

DirectoryIndex index.html index.php index.cgi

Add security directives at the end of the file:

ServerTokens Prod
ServerSignature Off

These settings hide Apache version information from potential attackers, reducing the server’s exposure to targeted exploits.

Save the changes and test the configuration:

sudo apachectl configtest

The output should display “Syntax OK” if no errors exist. Restart Apache to apply the new configuration:

sudo systemctl restart httpd

Configure Firewall Rules

Fedora’s firewalld service blocks incoming connections by default. Allow HTTP traffic through the firewall:

sudo firewall-cmd --permanent --add-service=http

Enable HTTPS for encrypted connections:

sudo firewall-cmd --permanent --add-service=https

Reload the firewall to activate these rules:

sudo firewall-cmd --reload

Verify the rules were added successfully:

sudo firewall-cmd --list-services

Test the Apache installation by opening a web browser and navigating to the server’s IP address. The default Apache test page should appear, confirming successful installation.

Step 4: Install PHP and Essential Extensions

PHP powers the dynamic functionality of web applications, processing server-side code and generating HTML output. Fedora 43 includes PHP 8.4 in its default repositories, providing excellent performance and modern features.

Install PHP along with essential extensions:

sudo dnf install php php-cli php-mysqlnd php-pdo php-gd php-mbstring php-xml php-curl php-zip php-bcmath php-opcache php-intl php-soap php-json -y

This comprehensive package selection includes:

• php-cli: Command-line interface for running PHP scripts
• php-mysqlnd: MySQL native driver for database connectivity
• php-pdo: PHP Data Objects for database abstraction
• php-gd: Graphics library for image manipulation
• php-mbstring: Multibyte string functions for international character support
• php-xml: XML parsing and generation capabilities
• php-curl: URL handling and HTTP requests
• php-zip: Archive creation and extraction
• php-bcmath: Arbitrary precision mathematics
• php-opcache: Performance optimization through bytecode caching
• php-intl: Internationalization functions
• php-soap: SOAP web services support

Verify the PHP installation:

php -v

The output displays the installed PHP version, typically PHP 8.4.x on Fedora 43.

Check loaded extensions:

php -m

This command lists all active PHP modules, confirming extensions were installed correctly.

Configure PHP Settings

Edit the main PHP configuration file to optimize settings:

sudo nano /etc/php.ini

Locate and modify these important directives:

Set the timezone (around line 878):

date.timezone = America/New_York

Replace with the appropriate timezone for your location.

Increase memory limit for complex applications (line 409):

memory_limit = 256M

Adjust upload limits for file handling (lines 697-698):

upload_max_filesize = 64M
post_max_size = 64M

Enable error logging while disabling display for production (lines 462-465):

display_errors = Off
log_errors = On
error_log = /var/log/php_errors.log

Disable dangerous functions for security (line 314):

disable_functions = exec,passthru,shell_exec,system,proc_open,popen

Save the configuration and restart Apache to load PHP:

sudo systemctl restart httpd

Step 5: Install and Secure MariaDB Database

MariaDB serves as the database component of the LAMP stack, providing reliable data storage for web applications. Fedora recommends MariaDB over MySQL due to better integration and active community support.

Install the MariaDB server package:

sudo dnf install mariadb-server -y

The installation includes the MariaDB server, client tools, and supporting libraries. Start the database service:

sudo systemctl start mariadb

Enable automatic startup at boot:

sudo systemctl enable mariadb

Verify MariaDB is running:

sudo systemctl status mariadb

Check the installed version:

mariadb --version

Fedora 43 typically includes MariaDB 10.11 or newer, providing excellent stability and performance.

Secure MariaDB Installation

Run the security script to harden the database installation:

sudo mysql_secure_installation

This interactive script presents several security prompts. Respond as follows:

1. Enter current password for root: Press Enter (no password set initially)
2. Switch to unix_socket authentication: Type n and press Enter
3. Change the root password: Type Y and enter a strong password
4. Remove anonymous users: Type Y to enhance security
5. Disallow root login remotely: Type Y to prevent remote root access
6. Remove test database: Type Y to eliminate unnecessary databases
7. Reload privilege tables: Type Y to apply changes immediately

These security measures significantly reduce the database server’s vulnerability to attacks.

Test Database Connectivity

Connect to MariaDB as the root user:

sudo mariadb -u root -p

Enter the root password when prompted. The MariaDB command prompt appears, indicating successful authentication.

Create a test database:

CREATE DATABASE testdb;

Create a database user with privileges:

CREATE USER 'testuser'@'localhost' IDENTIFIED BY 'SecurePassword123';
GRANT ALL PRIVILEGES ON testdb.* TO 'testuser'@'localhost';
FLUSH PRIVILEGES;

Verify the user was created:

SELECT User, Host FROM mysql.user WHERE User='testuser';

Exit the MariaDB prompt:

EXIT;

Step 6: Integrate PHP with MariaDB

Verify that PHP can communicate with MariaDB by checking loaded database extensions:

php -m | grep -i mysql

The output should display “mysqlnd” and “pdo_mysql,” confirming database connectivity modules are active.

Create a test script to verify database connections work properly:

sudo nano /var/www/html/dbtest.php

Add this PHP code:

<?php
$servername = "localhost";
$username = "testuser";
$password = "SecurePassword123";
$database = "testdb";

$conn = new mysqli($servername, $username, $password, $database);

if ($conn->connect_error) {
    die("Connection failed: " . $conn->connect_error);
}
echo "Database connection successful!";
$conn->close();
?>

Save the file and access it through a web browser at http://your-server-ip/dbtest.php. A successful connection displays “Database connection successful!” on the page.

Step 7: Test Your LAMP Stack Installation

Create a comprehensive PHP information file to verify all components:

sudo nano /var/www/html/info.php

Add this single line:

<?php phpinfo(); ?>

Save the file and set appropriate permissions:

sudo chmod 644 /var/www/html/info.php

Access the page through a web browser at http://your-server-ip/info.php. The PHP information page displays detailed configuration data, including:

• PHP version and build information
• Loaded extensions and modules
• Configuration file locations
• Server API details
• Environment variables

Verify these critical items on the phpinfo page:

• PHP version is 8.4.x or newer
• Server API shows “Apache 2.0 Handler”
• The mysqlnd and pdo_mysql sections appear
• All installed extensions are listed

For security purposes, remove the info.php file after testing:

sudo rm /var/www/html/info.php
sudo rm /var/www/html/dbtest.php

Leaving phpinfo() accessible publicly exposes sensitive configuration details to potential attackers.

Step 8: Configure Virtual Hosts (Optional)

Virtual hosts allow a single Apache server to host multiple websites with different domain names. Create a configuration file for a virtual host:

sudo vi /etc/httpd/conf.d/example.com.conf

Add this configuration:

<VirtualHost *:80>
    ServerName example.com
    ServerAlias www.example.com
    DocumentRoot /var/www/example.com/public_html
    ErrorLog /var/log/httpd/example.com-error.log
    CustomLog /var/log/httpd/example.com-access.log combined
    
    <Directory /var/www/example.com/public_html>
        Options -Indexes +FollowSymLinks
        AllowOverride All
        Require all granted
    </Directory>
</VirtualHost>

Create the document root directory:

sudo mkdir -p /var/www/example.com/public_html

Set proper ownership:

sudo chown -R apache:apache /var/www/example.com

Test the Apache configuration:

sudo apachectl configtest

Restart Apache to activate the virtual host:

sudo systemctl restart httpd

Security Hardening and Best Practices

Maintaining a secure LAMP stack requires ongoing attention to several key areas. Regular system updates protect against newly discovered vulnerabilities:

sudo dnf update -y

Configure automatic security updates by enabling the dnf-automatic service:

sudo dnf install dnf-automatic -y
sudo systemctl enable --now dnf-automatic.timer

Set restrictive file permissions on web directories:

sudo find /var/www/html -type d -exec chmod 755 {} \;
sudo find /var/www/html -type f -exec chmod 644 {} \;

Disable directory listing in Apache by ensuring the Indexes option is removed from all directory blocks. Implement SSL/TLS certificates using Let’s Encrypt for encrypted connections:

sudo dnf install certbot python3-certbot-apache -y
sudo certbot --apache -d example.com -d www.example.com

Monitor log files regularly for suspicious activity:

sudo tail -f /var/log/httpd/error_log
sudo tail -f /var/log/mariadb/mariadb.log

Common Troubleshooting Issues

• Apache fails to start: Check for port conflicts with other services. Verify the configuration syntax using apachectl configtest. Review error logs at /var/log/httpd/error_log for specific error messages.
• PHP displays as plain text: Ensure PHP module is loaded in Apache. Verify .php files have correct extensions. Restart Apache after installing PHP packages.
• Permission denied errors: Check file ownership and permissions. Verify SELinux contexts are properly set. Review Apache error logs for specific permission issues.
• Database connection failures: Confirm MariaDB service is running. Verify database credentials are correct. Check that the database user has proper privileges.
• Firewall blocking connections: Ensure HTTP and HTTPS services are allowed in firewalld. Verify rules are permanent and reloaded. Test connectivity from external networks.
• SELinux preventing file access: Check audit logs with ausearch -m avc. Use setsebool to enable necessary permissions. Apply correct file contexts using restorecon.

Congratulations! You have successfully installed LAMP. Thanks for using this tutorial for installing the LAMP Stack on Fedora 43 Linux system. For additional help or useful information, we recommend you check the official Fedora website.