One of the main usages of a server is a web server, and Linux is the perfect OS for this purpose due to low system requirements, fast security updates, reliable performance, good security, plus it’s free and open-source. There are many web server software to choose from in Linux, but in this guide we’re using Apache, the most popular one out there. But in almost all cases it’s used along with PHP and MySQL Server, forming the LAMP stack (Linux, Apache, MySQL, PHP).

This guide is for running a static site. The guide for running a WordPress site is coming soon, but you still need to follow this, as the WordPress guide will be built on top of this static site guide. Assuming you’ve followed the previous articles in this blog, you have Ubuntu Server running with SSH access. We’re going to install Apache first:

$ sudo apt-get install apache2 -y

Once done, you can open the browser, type the server’s IP address, and be greeted with the default index page. Note that the default Apache directory is/var/www/html. At this point we have the web server running at port 80. Before moving on, we should take ownership of the directory by adding your username to the group www-data, then set all newer files to have permission 464:

$ sudo useradd –groups www-data username
$ chmod 575 /var/www/html
$ chmod 464 -R /var/www/html
$ umask 202 /var/www/html

Next we’re installing PHP:

$ sudo apt-get install php php-fpm libapache2-mod-php -y

To confirm that PHP is running properly, we can make a PHP file in the Apache directory, i.e. index.php:

$ nano /var/www/html/index.php

Then type <?php phpinfo(); ?> into the text editor. Close it by Ctrl+O, then Ctrl+X. In your browser, type the server’s IP address, followed by /index.php, and you should get a page that shows the current state of your PHP installation. Next up, installing MySQL:

$ sudo apt-get install mysql-server php-mysql -y

You will be asked to create a password for the root user. Remember that this is not the root user on your Ubuntu installation, and you should use a very strong password and different from anything else. Make sure you note it down somewhere too! Restart Apache server once completed:

$ sudo service apache2 restart

Now we need to add the domains and IP address:

$ sudo nano /etc/hosts

You will see a line saying 127.0.1.1 hostname. Now add a new line below it, then type in your public IP address and the site’s domain name you’re going to use with, using the above lines as example. Save it and close the text editor as usual when you’re done.

We need to enable port 80 forwarding, just like other services. But in this case, I recommend using Mikrotik routers instead of other models, as they’re very customizable, have tons of functions, and always stable. Plus we also need a feature called “hairpin NAT”, that allows users on the local network to connect to a host that’s also on the same network using the public IP address. Typical home routers very likely lack this feature, so you can connect using the domain name or public IPaddress from outside, but not from inside the local network. If you cannot replace the router, a workaround is to add an entry to the client‘s hosts file (and not the server’s) stating the domain name and the private IP address of the server instead. If you’re using Mikrotik router as I do, use these two lines of commands in either SSH or Winbox’s terminal to enable both port forwarding and hairpin NAT (tested to work on version 6.35.2):

/ip firewall nat
add chain=dstnat action=dst-nat to-addresses=10.0.0.2 to-ports=80 protocol=tcp dst-address-type=local dst-port=80
add chain=srcnat action=masquerade to-addresses=10.0.0.2 to-ports=80 protocol=tcp src-address=10.0.0.0/24 dst-address=10.0.0.2 out-interface=bridge dst-port=80

Above is my current setup. Change these to fit your setup:

  • to-addresses and dst-address: this is your server’s private IP address.
  • src-address: this is the local network address, not one specific host’s IP address. The default Mikrotik configuration is 192.168.88.0/24.
  • out-interface: this is the router’s bridge interface. You can see the bridge interface’s name by /interface bridge print brief or select Bridge in the left side of Winbox.

You should now have a working web server setup!

Leave a Reply

Your email address will not be published. Required fields are marked *