Start with setting apache rule to prevent httproxy vulnerability. Set this after main configuration (before serveradmin)

vi /etc/httpd/conf/httpd.conf

RequestHeader unset Proxy early

Install php-fpm

yum install php72-fpm

Enable mpm_event and comment out everything else

vi /etc/httpd/conf.modules.d/00-mpm.conf

LoadModule mpm_event_module modules/mod_mpm_event.so

Add php-fpm proxy

vi /etc/httpd/conf.d/php.conf

Near end add:

<Proxy "unix:/var/run/php-fpm/default.sock|fcgi://php-fpm">
        # we must declare a parameter in here (doesn't matter which) or it'll not register the proxy ahead of time
        ProxySet disablereuse=off
        ProxySet timeout=300
</Proxy>

<FilesMatch \.php$>
        SetHandler proxy:fcgi://php-fpm
</FilesMatch>

Setup fpm socket

vi /etc/php-fpm.d/www.conf

listen = /var/run/php-fpm/default.sock

listen.allowed_clients = 127.0.0.1
listen.owner = ec2-user
listen.group = www
user = ec2-user
group = www

Comment out

listen.acl_users so it will be ;listen.acl_users

Set proper permissions:

chown -R ec2-user:www /var/lib/php/7.2/*

Enable service

chkconfig php-fpm-7.2 on

Start php-fpm

service php-fpm-7.2 start

Restart apache

service httpd restart

Pagespeed module setup on debian

Install

wget https://dl-ssl.google.com/dl/linux/direct/mod-pagespeed-stable_current_amd64.deb

sudo dpkg -i mod-pagespeed-*.deb && apt-get -f install

service apache2 restart or /etc/init.d/apache2 restart

The primary configuration file is pagespeed.conf. This file is located at:

/etc/apache...

20th Jan 2019

ubuntu let's encrypt pureftp

Pure-ftp setup (inlcuding virtualusers and letsencrypt) under ubuntu

Install pure-ftp

apt-get update
apt-get install pure-ftpd

Ensure File /etc/inetd.conf has ftp commented out File /etc/default/pure-ftpd-common STANDALONE_OR_INETD=standalone

Add ftp users group

groupadd ftpusers

Add ftp user - ftpuser or any other id as preferred

useradd -g ftpusers -d...

26th May 2019

Php-fpm with apache on AMI 2018 linux