Web App Development

Setting up an AWS Fedora instance to serve a PHP website

Warning: I'm not a sysadmin. While I got this working by following the steps below there are probably more secure and maintainable ways to achieve this.

Here's a step-by-step guide to get a PHP website running on Fedora:

Launch a Fedora instance and connect to it via ssh

I'm using this AMI: Fedora-17-ec2-20120515-i386-sda (ami-08d97e61). You can find it by selecting "Classic Wizard" in the EC2 launch dialog and going to the "Community AMIs" tab.
Before creating the instance AWS will let you download a security key for the instance.

Setting up the EC2 security group too allow ssh and http access

In order to make changes on the machine and allow it to serve web pages to users you need to make sure that the security group assigned to the instance allows this. For ssh you'll need access on port 22, and http access requires access via port 80:

If these aren't set up correctly you won't be able to connect via ssh or request a web page from the server.

Accessing the machine via ssh

To connect via ssh you first need to find the public address of the running instance:

Now you can connect to it like this:

ssh -i keyfile.pem ec2-user@ec2-12-345-678-901.compute-1.amazonaws.com 

Say yes if you are asked to confirm the authenticity of the server.

If you get an unprotected key file warning

The ssh program will not allow you to connect to the sever if your keyfile is accessible to other users on your local machine:

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: UNPROTECTED PRIVATE KEY FILE! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ Permissions 0644 for 'keyfile.pem' are too open.

You can use chmod to restrict access to these users:
chmod og= keyfile.pem
This will remove all access permissions for all users who don't own the file - i.e. other members of your group (g) and all other (o) users.

Installing Apache, starting Apache and disabling the firewall

The following commands will download, install and start the Apache server:
sudo yum install httpd -y
sudo service httpd start
You can now access the server locally (try "curl localhost"), but iptables is still blocking traffic from other computers. You can remove the firewall restrictions like this:
sudo iptables --flush
Now you can go to the public DNS address you used to log in via ssh to see the test page for Apache on Fedora:

Serving a custom page

You can serve custom content by putting it in the /var/www/html directory.  First let's install nano to edit text files, then create a test.php file and put something in it:

sudo yum install nano -y
cd /var/www/html

sudo nano test.php

Now you can go to whatever.compute-1.amazonaws.com/test.php to see the contents of that file. However, no PHP code in the file will be executed:
This is a test.
<?php phpinfo() ?>

Installing PHP

To get PHP working you need to install it and then restart Apache:

sudo yum install php -y
sudo service httpd restart

Now your website should be serving the PHP page correctly:

Your server can now serve simple PHP code. You might also need to set up a MySql database.


Follow me on Twitter