Posted July 11th, 2018 | 305

n3p_1ce

Connecting to your Server

You will need a SSH-Client like Putty if you are coming from Windows. On Unix-OS like OSX and Linux you can use terminal.

After connecting to the server you will be greeted by the following screen:

If you are logged in as root, it is highly recommended that you create another account and add this account to the wheel group. To achieve this, you have to type the following on the terminal.

adduser <username>

where <username> can be any name you would like to have for the account. For this tutorial, we are going to create the user “corefinity”.

adduser corefinity

After hitting Enter, you need to assign a password to this user, as it won’t be enabled like in Ubuntu without doing so. To achieve this, you need to type

passwd corefinity

and repeat the password twice. You now have created your first user.

Unfortunately, this user doesn’t have any root-permissions yet, but we are going to change this now

As we are still logged in as root, we are now going to add our corefinity-user to the group of wheel.

usermod -aG wheel corefinity

will achieve this. We now have a non-root account, which can install software and updates.

To switch to this user, we need to type

su corefinity

and to exit this user and return to root, we just need to type

exit

and hit enter.

Now we need to update CentOs by typing

sudo yum update -y

 

Install nginx

Now it’s time to install nginx. First we need to install the proper repository to be able to download and install nginx. In this case, we are going to use the CentOS EPEL-repository.

sudo yum install epel-release -y

If this step is finished, we can finally install nginx, by typing

sudo yum install nginx -y

Yum  will download the nginx-package and ask for permission to install it.

We now need to enable nginx by typing

sudo systemctl enable nginx

and

sudo systemctl start nginx

 

Installing MySQL 5.7

Now it’s time to install MySQL 5.7. First we need to install wget to be able to add the MySQL repository

sudo yum install wget -y

Yum  will download the wget-package and install it.

We now need to add the MySQL5.7 repository by typing

sudo wget https://dev.mysql.com/get/mysql57-community-release-el7-9.noarch.rpm

and

sudo rpm -ivh mysql57-community-release-el7-9.noarch.rpm

After this is finished, we can install MySQL5.7 with the following command:

sudo yum install mysql-server –y

After confirming the dependencies with ‘y’ and finishing the installation, we need to enable and start the MySQL-server with

sudo systemctl enable mysqld

and

sudo systemctl start mysqld

 

Securing the database

We will now use the implemented secure installer of MySQL 5.7 to harden our installation.

To get started, we have to type in

sudo mysql_secure_installation

As soon as we hit enter, we will be asked for the root-password, which we got beforehand, with the command

sudo grep 'temporary password' /var/log/mysqld.log

After pasting it, we will be asked to create a new root-password. After typing it twice, we will have an output of the estimated strength of the password. If we are confident with the strength, we can skip the step for another new root password with any key except ‘y’.

The next step will be the removal of anonymous users from the database. It is common practice to remove anonymous access, unless absolutely required. To achieve this, confirm with ‘y’.

Afterwards you will be asked if remote access of the root account to the database shall be disabled and connection shall only be permitted from the local machine. As we don’t want someone to guess our root-password, we are going to confirm with ‘y’.

Up next will be the removal of the test database. As we are going to build a productive server, we won’t need it anymore and confirm this step with ‘y’ as well.

The final step of the secure installation is reloading the privilege tables. Maybe we took a break in setting things up, and something happened in the background already. With this step, all of our previous made decisions will be loaded into the database immediately.

 

Installing PHP and phpmyadmin

Now we need to install phpmyadmin and php with

sudo yum install phpmyadmin php php-fpm nano –y

Now we need to add a symbolic link to the phpmyadmin folder with

sudo ln -s /usr/share/phpMyAdmin /usr/share/nginx/html

As the installation is finished, we need to edit the file /etc/nginx/nginx.conf with sudo nano /etc/nginx/nginx.conf and change the block location / {                } to the below content location / {        index index.php;                }          location ~ \.php$ {        include /etc/nginx/fastcgi_params;        fastcgi_pass  127.0.0.1:9000;        fastcgi_index index.php;  fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;    } After saving the files with ctrl-o and ctrl-x you need to restart nginx and php-fpm with  sudo service nginx restartsudo service php-fpm restart  You are now able to connect to phpmyadmin under the address  http://your-server-ip/phpMyAdmin and log in with root and the previously created password for the db root user.

 

Congratulations, you can now edit your local database from a comfortable webinterface.