Observations

A Photolog

How to Create a Home Web Server

Introduction
Installing Ubuntu
The LAMP Stack
Apache
Domain Names
Virtual Hosts
Dynamic Update Client
MySQL
PHP
phpMyAdmin
HTTPS encryption
WordPress

Introduction

This website runs on a home web server, an old windows laptop on which I installed the free Ubuntu Linux operating system and free, open source software such as the Apache web server, PHP, MySQL and WordPress.   In this article I will explain exactly how I did it.   Its fun to know that this website, which can be viewed anywhere in the world, originates on my humble old laptop sitting on the coffee table.

This article assumes an installation of Ubuntu 18.04 LTS which was the most recent long term support version of Ubuntu Desktop at the time of this writing (June 2018).   Otherwise your mileage may vary.

Installing Ubuntu

First we’re going to download the Ubuntu Linux operating system (free, open source software) and install it on your spare, sacrificial PC.   Go to https://www.ubuntu.com/desktop and click the “Download Ubuntu” link.   Click “Download” on the next page.   Scroll to the bottom of the following page and click the “Not now, take me to the download” link.   Your download should start automatically and end up in your download folder.   The file should be named “ubuntu-18.04-desktop-amd64.iso” or something similar.   We’re going to copy this file to your USB flash drive but first we have to make it bootable.

The recommended way to make your flash drive bootable is to use a free and open source utility called Rufus.   On a Windows PC go to https://rufus.akeo.ie and under the “Download” box click “Rufus 3.0 Portable”.   With your flash drive plugged in run Rufus.   Select your flash drive in the device pull down menu.   Click the disk icon to the right of “Create a bootable disk using” and browse to your Ubuntu iso file.   Click “Start”.   The flash drive will be formatted and the iso file installed.

We can now install Ubuntu on your PC from the flash drive but first we need to get into your PC’s Bios and temporarily configure it to boot from the USB flash drive rather than its own boot disk.   Accessing the Bios varies among PC brands but usually involves holding down a specific function key (F2, F10, F12 etc.) while the PC is booted.   Consult your PC’s manual or do an online search to find the proper key sequence for your PC.   On the Bios screen or one of its submenus there will be an option to select a flash drive or USB drive and make it first in the boot order.   This is what you want to do.   It usually involves moving the USB drive to the top of the list.

On newer PCs you will also have to disable UEFI Secure Boot in the Bios.   UEFI runs only signed bootloaders so it is not possible to boot the computer from a USB drive unless that option is disabled.   The UEFI Secure Boot option will also be on your Bios menu or one of its submenus.

When you have finished reconfiguring the Bios, save and exit, usually by pressing F10.

Now when your PC reboots it should boot from the flash drive and present you with an instance of Ubuntu running on the flash drive from which you can select full installation onto your PC.   Select “Install Ubuntu”.   This will bring up an installation wizard where you will choose your language, keyboard layout, time zone, user name and so forth.   You will have the option to install Ubuntu alongside Windows (dual boot) or to erase the hard disk and install Ubuntu alone.   When the installation is done you will be prompted to restart.   Be sure to remove your flash drive before you restart or you will boot into it again.

When you first log into Ubuntu you may have to configure your wi-fi to get a connection.   Click the dotted square in the bottom left corner of the screen, click “settings”, click “Wi-Fi”, select your network, click the gear icon and enter your wi-fi information and password using the tabs at the top of the window.

You should also update the software when you first log in.   Press Ctrl Alt and T together to open a terminal.   Copy the following code into the terminal and press enter.

Type your password when prompted and press enter.   Type “y” for yes when prompted and your system will update.

The LAMP Stack

To create a web server on Ubuntu we are going to install the venerable LAMP stack.   “LAMP” stands for “Linux, Apache, MySQL, and PHP”.   Apache is the web server software, MySQL is a database application, and PHP is a web scripting language.   This combination of free, open source software is used on millions of Linux based web servers around the world to serve sophisticated web applications such as WordPress and other web publishing platforms.

Apache

To install Apache we will first update the available software package index.   Press Ctrl Alt and T together to open a terminal.   Copy the following code into the terminal and press enter.

Now copy the following code into the terminal and press enter.

Type “y” for yes when prompted and press enter.   Apache and its required dependencies will be installed.

Before Apache can speak to the outside world we must allow access to and from it through some firewalls.   Ubuntu’s default firewall is called “ufw” (Uncomplicated Firewall).   Let’s make sure it is active by issuing the following command:

Press “y” for yes when prompted.   You will get a response:

Now enter this command:

You should see:

Now enter:

This command opens port 80 (unencrypted web traffic) and port 443 (TLS/SSL encrypted traffic) in Ubuntu’s firewall allowing Apache to serve your web pages through it.

To confirm these ports are open enter:

You should see:

You will also have to open ports 80 and 443 in your home router.   This is called port forwarding.   The procedure varies depending on the brand and model of your router.   Consult you router’s manual or do an online search to learn how to do this.

Now that we have the proper ports open in our firewalls we can test the functionality of Apache.   Issue this command:

Somewhere in the output block you should see “Active: active (running)”.

To stop Apache issue this command:

To start Apache issue this command:

To restart Apache issue this command:

We can now go to our web browser to verify Apache is serving web content but first we must determine the server’s IP address.   There are several ways to do this.   You can issue this command:

Or this:

(If you don’t have curl installed you will be prompted as to how to install it.)

Another option is to issue this command:

One of the IP addresses listed after “inet” will be the server’s address.

Finally you can use one of the many web services such as https://www.myip.com to find your public IP address.

Now that you have determined your server’s IP address simply enter it into your browsers address bar and press enter.   You should see this:

server

This is the default Ubuntu Apache web page.   Congratulations!   You’re running a real web server.   (But there is a lot more to do.)   You could actually edit the default web page that you’re seeing and replace it with your own content at this point but there is a more appropriate way of serving your content by setting up virtual hosts which we will explain shortly.   But first we need to deal with the issue of translating your server’s IP address into a domain name (such as http://your-unique-domain-name.com).

Domain Names

When you make a request in your browser for, say, www.example.com, computers on the internet called domain name servers (DNS) will look up the IP address of example.com in their database tables and route your request to example.com’s IP address.   This IP to domain name translation occurs transparently so all you see in your browser is example.com’s webpage.   When you register for a domain name the registrar sends your domain name/IP address combination to DNS servers around the world.

To get started you can register a free domain name at https://www.noip.com.   You can get a domain name such as “yourname.ddns.net” (and upgrade it later to the domain name of your choice).   Using No-IP has the added advantage of offering free “dynamic DNS” (DDNS) which monitors your server for a change in IP address and updates its tables accordingly.   Most home web servers, including mine, do not have a fixed IP address but get an IP address through DHCP from the service provider.   That address can change occasionally.   In this case dynamic DNS is essential.

When you get your domain name from No-IP you will have an opportunity to initially edit the IP address it is to be associated with.   You should do that now.   It will be the IP address that you entered into your browser to get to the default Ubuntu Apache web page.   If you do not have a fixed IP address you must install the No-IP update client as described below.

Virtual Hosts

Before we actually configure and run the No-IP client we are going to create a virtual host for your new domain name.   Enter the following commands, replacing “example.com” with your new domain name.

Then:

Then:

Now we will create your first web page with a terminal text editor called “nano”.   Enter:

Paste the following code into nano, replacing “example.com” with your new domain name:

Use the arrow keys to position the cursor, backspace to delete if you want to edit the content.   Then press “ctrl” and “x” at the same time to save and “y” to confirm followed by enter.   Your web page has been saved.

Now we are going to create a virtual host file for your domain name with directives specific to it that Apache will use to serve your content.   Open the terminal and enter this code, replacing “example.com” with your new domain name:

Now enter this code into nano, replacing “example.com” with your new domain name:

Use the arrow keys to position the cursor, backspace to delete if you need to edit the content.   Then press “ctrl” and “x” at the same time to save and “y” to confirm followed by enter.   The configuration file has been saved.

We will now enable the file with the a2ensite command.   Enter this code, replacing “example.com” with your new domain name and press enter:

Disable the default configuration file with this command:

Now we will test the Apache configuration with the command:

You should see:

If you get an error to the effect that “Apache Could not reliably determine the server’s fully qualified domain name” use nano to edit the Apache global configuration file.

At the bottom of the file add the line

Replace “example.com” with your domain name.   Then press “ctrl” and “x” at the same time to save and “y” to confirm followed by enter.   Now reissue the command:

You should see:

Now issue this command to restart Apache and implement the new configuration.

Now you should be able to type your domain name into your browser address bar to view your new web page.   You should see “It works!”.   Congratulations!   You are now the proud owner, editor and administrator of a global web server.

Dynamic Update Client

After you get your No-IP domain name we need to install the No-IP dynamic update client on Ubuntu if you do not have a fixed IP address.   This program needs to be compiled so we will first get the compiler tools from Ubuntu.   Press Ctrl Alt and T together to open a terminal.   Copy the following code into the terminal and press enter.

Then:

Then:

Then:

Then:

Now you will be able to compile software using the GNU gcc and g++ (C/C++) compilers.

Now issue the following commands, pressing enter after each.

Enter your password.   You will become root.   (!)   Then do:

Then:

Then:

Then:

Then:

Replace “noip-2.1.9-1/” with the directory listed when you did the “ls” command in case the version has been updated.   Finally do:

You be prompted to enter your No-IP username and password and the program will be compiled.   To get out of the root login enter:

Now we will configure the No-IP dynamic IP address update client and run it.   Issue this command:

This will create a configuration file.   You will be prompted to enter your No-IP user name and password.   Answer yes to the question “Do you wish to update ALL hosts?”.   Now run the program by entering:

We now need to take some steps to make the program run at startup.   Issue this command:

Copy and paste the following file into the nano editor:

Then press “ctrl” and “x” at the same time to save and “y” to confirm followed by enter.   Then enter this command:

Then:

This will enable the No-IP update client to run at startup.   You can verify the client is running by issuing the following command:

MySQL

Now we will continue to install the LAMP stack so that we can run sophisticated web applications such as WordPress and other web publishing platforms.   To install the MySQL database manager issue the following commands:

Then:

Then:

Enter “y” for yes or “n” if you do not want an offered feature.

These are the questions you will encounter:

PHP

Now we can install PHP, an iconic scripting language that can access the MySQL database and execute code to make your website dynamic.   This is the last component of the LAMP stack.   Press Ctrl Alt and T together to open a terminal.   Copy the following code into the terminal and press enter.

Now we will edit our configuration to prioritize PHP.   It will be a key player when we install WordPress.   Enter this:

Then place “index.php” in the beginning of the line so it looks like this:

Then press “ctrl” and “x” at the same time to save and “y” to confirm followed by enter.   Then enter this command for the change to be implemented:

Now we are going to set up a web page to test PHP.   Issue this command, replacing “example.com” with your domain name.

Enter this code into nano:

Then press “ctrl” and “x” at the same time to save and “y” to confirm followed by enter.   Now enter “example.com/info.php” in your browser address bar, replacing “example.com” with your domain name.   You should be presented with a detailed table of PHP parameters as they relate to your system.

phpMyAdmin

phpMyAdmin is a web based interface for MySQL.   We will use it later to create a database for WordPress.   Issue the following commands, pressing enter after each one:

Then:

You will be presented with some screens where you are prompted to answer some questions.   You will see that “apache2” is highlighted.   You must press the spacebar to select it.   Then an asterisk will appear within the brackets [*].   Now press tab to select “< ok >“, then press enter.   Select yes when asked whether to use dbconfig-common by tabbing to “< Yes >” and pressing enter.   You will also be prompted to choose and confirm a password.   Now enter:

Then:

Then:

Then:

You should see this:

Enter the following commands at the “mysql>” prompt, pressing enter after each one.   Replace “yourname” with your user name and “yourpassword” with your password.   This creates a MySQL user will all privileges.

Then:

Replace “yourname” with your user name. Then:

Then:

Now restart Apache to implement the changes:

Now enter “example.com/phpmyadmin/” into your browser address bar, replacing “example.com” with your domain name.   You should see the phpMyAdmin login page.   Log in with the user name and password you just created to make sure it works.

Now we will create an additional layer of security for phpMyAdmin.   Enter:

Find the block that begins with “< Directory /usr/share/phpmyadmin >” and add “AllowOverride All” so that the top of the block looks like this:

Press “ctrl” and “x” at the same time to save and “y” to confirm followed by enter.   Now enter:

Then:

Copy and paste the following into nano.   Then press “ctrl” and “x” at the same time to save and “y” to confirm followed by enter.

Now enter the following command, replacing “yourname” with your user name.

You will be prompted to select and confirm a password for your user.   Now you will encounter an Apache generated login pop-up when you access phpMyAdmin.

Because phpMyAdmin installations are an attack vector on the internet you should also change the URL to something other than “example.com/phpmyadmin/”.   You can do this as follows.   Enter:

At the top you will see this line:

Change the alias so it looks like the following but replace “somethingelse” with something of your choice:

Press “ctrl” and “x” at the same time to save and “y” to confirm followed by enter.   Enter:

Now enter “example.com/somethingelse/” in your browser address bar, replacing “example.com” with your domain name and “somethingelse” with the alias you just chose.   Now your phpMyAdmin URL is your secret.

HTTPS encryption

Most professional websites use HTTPS end-to-end encryption to secure their web traffic.   We are going to do that now using a free service and certificate provided by https://letsencrypt.org.   We will use a program called “Certbot” to automatically install the certificate for your website.   Press Ctrl Alt and T together to open a terminal.   Copy the following code into the terminal and press enter.

Press enter to accept. Then enter:

Then:

Make sure the firewall is configured as described above.   To check enter:

You should see:

Also make sure your virtual host is configured as described above.   Certbot looks in /etc/apache2/sites-available/example.com.conf for your server name.

Now we will obtain the SSL certificate through Certbot.   Enter the following in the terminal, replacing “example.com” with your domain name:

You will be prompted to enter your email address and agree to the terms of service.   Then you should see this:

Enter the number “2” end press enter.   You should get a message that Certbot was successful.

Restart Apache by entering:

Now enter your domain name into your browser’s address bar preceded by “https://”.    Your site should now be encrypted and you should see the locked padlock icon in the address bar.

Certbot is set up to automatically renew your certificate before it expires.   You can test this by entering the following:

You should see something like this:

If no errors appear automatic certificate renewal is set up.

WordPress

WordPress is the premier web publishing platform and content management system in the world as of this writing.   It is free, open source software and uses the LAMP stack that we have already set up.   We’re going to install it now.   First we will edit Apache’s global configuration file so we can take advantage of some of the advanced features in WordPress.

Press Ctrl Alt and T together to open a terminal.   Copy the following code into the terminal and press enter.

Find this block:

Change “AllowOverride None” to “AllowOverride All”.   It should look like this:

Press “ctrl” and “x” at the same time to save and “y” to confirm followed by enter.
Enter:

Restart Apache by entering:

Now we will install WordPress.   Enter the following commands.   Change “example.com” to your domain name.

Then:

Then:

Then:

Then:

Wordpress is now installed as /var/www/example.com/html/weblog/.

Now we will give WordPress the correct permissions for your user.   Enter the following commands:

Then:

Then:

Then:

Now we need to create a MySQL database for WordPress.   Enter “example.com/phpmyadmin/” into your browser address bar, replacing “example.com” with your domain name.   You should see the phpMyAdmin login page.   Log in with your phpMyAdmin user name and password.   Click on the “database” tab at the top.   In the “Create database” box enter a name of your choosing.    (Something like “wordpress” or “weblog” is fine.)   Don’t do anything with the “Collation” pulldown.   Click the “Create” button.

Now visit “https://example.com/weblog/wp-admin/install.php”.   Replace “example.com” with your domain name.   You should see the WordPress setup page.   Type in the database name you just created in phpMyAdmin.   Enter your phpMyAdmin user name and password.   Don’t do anything with “localhost” or “wp_”.   Now click the “submit button”.   Wordpress will connect to the database and you will be presented with a welcome screen.   On that screen select a site title, a WordPress user name and password, enter your email address, and select whether you would like search engine visibility.   Click “Install WordPress”.   You will be presented with your WordPress login screen.   There is a detailed WordPress installation guide at https://codex.wordpress.org/Installing_WordPress.

To solve the issue of sending emails from WordPress I use the free WordPress plugins WP Mail SMTP by WPForms and Contact Form by WPForms.   You can search for them on your WordPress plugins tab.

A note about php.ini:   If you need to upload large media files into WordPress as I do you will need to edit your php.ini file and change the “post_max_size” parameter.   Enter:

Find this block:

Change 2M to perhaps 20M.   Press “ctrl” and “x” at the same time to save and “y” to confirm followed by enter.   Then enter:

Be sure to regularly maintain and update your server by issuing the following command:

Enjoy.

Stan Finley
June 6, 2018