Salin dan Bagikan
Cara Install LAMP Stack di Ubuntu 22.04 Lengkap dengan Konfigurasi Optimal
Cara Install LAMP Stack di Ubuntu 22.04 Lengkap dengan Konfigurasi Optimal
LAMP Stack (Linux, Apache, MySQL/MariaDB, PHP) adalah fondasi web server yang paling populer dan terbukti. Artikel ini membahas instalasi lengkap LAMP Stack di Ubuntu 22.04 dengan konfigurasi optimal untuk production environment.
Persiapan Sistem
Update Sistem
# Update package list
sudo apt update
# Upgrade packages
sudo apt upgrade -y
Install Tools Dasar
sudo apt install -y curl wget vim nano net-tools htop
1. Install Apache Web Server
Instalasi Apache
# Install Apache
sudo apt install -y apache2
# Enable Apache start on boot
sudo systemctl enable apache2
# Start Apache
sudo systemctl start apache2
# Cek status
sudo systemctl status apache2
Verifikasi Instalasi
# Cek versi
apache2 -v
# Cek apakah running
curl http://localhost
# Atau buka browser dan akses http://server-ip/
# Seharusnya muncul "Apache2 Ubuntu Default Page"
Konfigurasi Firewall
# Allow Apache traffic
sudo ufw allow 'Apache Full'
# atau:
sudo ufw allow 80/tcp
sudo ufw allow 443/tcp
# Cek status
sudo ufw status
Konfigurasi Apache Dasar
Edit file konfigurasi utama:
sudo nano /etc/apache2/apache2.conf
Tambahkan/modifikasi:
# Server identity
ServerName localhost
# Timeout settings
Timeout 300
KeepAlive On
MaxKeepAliveRequests 100
KeepAliveTimeout 5
# Directory settings
<Directory />
Options FollowSymLinks
AllowOverride None
Require all denied
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
# Security: Disable server signature
ServerTokens Prod
ServerSignature Off
# Limit request body size
LimitRequestBody 52428800
Enable Modules Penting
# Enable mod_rewrite untuk URL rewriting
sudo a2enmod rewrite
# Enable mod_ssl untuk HTTPS
sudo a2enmod ssl
# Enable mod_headers
sudo a2enmod headers
# Enable mod_deflate untuk compression
sudo a2enmod deflate
# Enable mod_expires untuk caching
sudo a2enmod expires
# Enable mod_security (jika install)
# sudo a2enmod security2
# Reload Apache
sudo systemctl reload apache2
Optimasi Apache untuk Production
Edit /etc/apache2/mods-enabled/mpm_prefork.conf:
<IfModule mpm_prefork_module>
StartServers 5
MinSpareServers 5
MaxSpareServers 10
MaxRequestWorkers 150
MaxConnectionsPerChild 0
</IfModule>
Atau gunakan mpm_event untuk performa lebih baik:
# Disable prefork
sudo a2dismod mpm_prefork
# Enable event
sudo a2enmod mpm_event
# Install dan enable php-fpm
sudo apt install -y php-fpm
sudo a2enconf php8.1-fpm
# Restart Apache
sudo systemctl restart apache2
Setup Virtual Hosts
Buat struktur direktori:
# Buat direktori untuk website
sudo mkdir -p /var/www/example.com/public_html
sudo mkdir -p /var/www/example.com/logs
# Set ownership
sudo chown -R $USER:$USER /var/www/example.com/public_html
# Set permissions
sudo chmod -R 755 /var/www
Buat virtual host file:
sudo nano /etc/apache2/sites-available/example.com.conf
<VirtualHost *:80>
ServerAdmin admin@example.com
ServerName example.com
ServerAlias www.example.com
DocumentRoot /var/www/example.com/public_html
<Directory /var/www/example.com/public_html>
Options -Indexes +FollowSymLinks
AllowOverride All
Require all granted
</Directory>
ErrorLog /var/www/example.com/logs/error.log
CustomLog /var/www/example.com/logs/access.log combined
# PHP-FPM (jika menggunakan event MPM)
<FilesMatch \.php$>
SetHandler "proxy:unix:/var/run/php/php8.1-fpm.sock|fcgi://localhost"
</FilesMatch>
</VirtualHost>
Enable site:
# Disable default site
sudo a2dissite 000-default
# Enable new site
sudo a2ensite example.com
# Test konfigurasi
sudo apache2ctl configtest
# Reload Apache
sudo systemctl reload apache2
2. Install MySQL/MariaDB
Instalasi MySQL
# Install MySQL Server
sudo apt install -y mysql-server
# Enable dan start
sudo systemctl enable mysql
sudo systemctl start mysql
# Cek status
sudo systemctl status mysql
Atau Instalasi MariaDB
# Install MariaDB (alternative)
sudo apt install -y mariadb-server
# Enable dan start
sudo systemctl enable mariadb
sudo systemctl start mariadb
Secure MySQL Installation
# Jalankan security script
sudo mysql_secure_installation
# Jawaban yang disarankan:
# - VALIDATE PASSWORD PLUGIN: Y
# - Password validation policy: STRONG
# - Remove anonymous users: Y
# - Disallow root login remotely: Y
# - Remove test database: Y
# - Reload privilege tables: Y
Konfigurasi MySQL untuk Production
Edit /etc/mysql/mysql.conf.d/mysqld.cnf:
[mysqld]
# Basic Settings
user = mysql
pid-file = /var/run/mysqld/mysqld.pid
socket = /var/run/mysqld/mysqld.sock
port = 3306
basedir = /usr
datadir = /var/lib/mysql
tmpdir = /tmp
lc-messages-dir = /usr/share/mysql
skip-external-locking
# Binding
bind-address = 127.0.0.1
mysqlx-bind-address = 127.0.0.1
# Performance Tuning
key_buffer_size = 256M
max_allowed_packet = 64M
thread_stack = 256K
thread_cache_size = 8
myisam-recover-options = BACKUP
# Query Cache (deprecated in MySQL 8.0, jangan enable)
# query_cache_type = 1
# query_cache_size = 16M
# Connection Settings
max_connections = 100
wait_timeout = 600
interactive_timeout = 600
# InnoDB Settings
innodb_buffer_pool_size = 512M
innodb_log_file_size = 64M
innodb_flush_log_at_trx_commit = 2
innodb_file_per_table = 1
# Logging
log_error = /var/log/mysql/error.log
slow_query_log = 1
slow_query_log_file = /var/log/mysql/slow.log
long_query_time = 2
# Security
local_infile = 0
secure_file_priv = /var/lib/mysql-files/
symbolic-links = 0
Restart MySQL:
sudo systemctl restart mysql
Buat Database dan User
# Login ke MySQL
sudo mysql
# Buat database
CREATE DATABASE example_db CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
# Buat user
CREATE USER 'example_user'@'localhost' IDENTIFIED BY 'StrongPassword123!';
# Grant privileges
GRANT ALL PRIVILEGES ON example_db.* TO 'example_user'@'localhost';
# Flush privileges
FLUSH PRIVILEGES;
# Exit
EXIT;
3. Install PHP
Instalasi PHP dan Extensions
# Install PHP 8.1 (default di Ubuntu 22.04)
sudo apt install -y php8.1 libapache2-mod-php8.1
# Install PHP extensions yang umum dibutuhkan
sudo apt install -y \
php8.1-common \
php8.1-mysql \
php8.1-xml \
php8.1-xmlrpc \
php8.1-curl \
php8.1-gd \
php8.1-imagick \
php8.1-cli \
php8.1-dev \
php8.1-imap \
php8.1-mbstring \
php8.1-opcache \
php8.1-soap \
php8.1-zip \
php8.1-intl \
php8.1-bcmath \
php8.1-sqlite3 \
php8.1-pgsql
# Jika menggunakan php-fpm dengan mpm_event
sudo apt install -y php8.1-fpm
Verifikasi PHP
# Cek versi
php -v
# Test PHP dengan Apache
sudo nano /var/www/example.com/public_html/info.php
Isi file:
<?php
phpinfo();
?>
Akses http://example.com/info.php untuk melihat informasi PHP.
Hapus file info.php setelah testing:
sudo rm /var/www/example.com/public_html/info.php
Konfigurasi PHP (php.ini)
Edit /etc/php/8.1/apache2/php.ini:
; File upload settings
file_uploads = On
upload_max_filesize = 64M
post_max_size = 64M
max_file_uploads = 20
; Memory limit
memory_limit = 256M
; Execution time
max_execution_time = 300
max_input_time = 300
; Error logging
error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
display_errors = Off
log_errors = On
error_log = /var/log/php/error.log
; Timezone
date.timezone = Asia/Jakarta
; Session security
session.cookie_httponly = 1
session.use_strict_mode = 1
session.cookie_secure = 1
; OPcache settings
opcache.enable = 1
opcache.memory_consumption = 256
opcache.max_accelerated_files = 20000
opcache_revalidate_freq = 60
Buat direktori log PHP:
sudo mkdir -p /var/log/php
sudo chown www-data:www-data /var/log/php
Restart Apache:
sudo systemctl restart apache2
Konfigurasi PHP-FPM (Opsional, untuk performa lebih baik)
Edit /etc/php/8.1/fpm/pool.d/www.conf:
[www]
user = www-data
group = www-data
listen = /run/php/php8.1-fpm.sock
listen.owner = www-data
listen.group = www-data
pm = dynamic
pm.max_children = 50
pm.start_servers = 5
pm.min_spare_servers = 5
pm.max_spare_servers = 35
pm.max_requests = 500
Restart PHP-FPM:
sudo systemctl restart php8.1-fpm
4. Testing LAMP Stack
Test File PHP
sudo nano /var/www/example.com/public_html/index.php
<?php
// Test PHP
echo "<h1>PHP is working!</h1>";
echo "<p>PHP Version: " . phpversion() . "</p>";
// Test MySQL
$host = 'localhost';
$user = 'example_user';
$pass = 'StrongPassword123!';
$db = 'example_db';
try {
$pdo = new PDO("mysql:host=$host;dbname=$db", $user, $pass);
echo "<p>MySQL connection: <strong>Success!</strong></p>";
} catch (PDOException $e) {
echo "<p>MySQL connection: <strong>Failed!</strong></p>";
echo "<p>Error: " . $e->getMessage() . "</p>";
}
?>
Akses http://example.com/index.php untuk testing.
5. Security Hardening
1. Secure Apache
# Hide Apache version
echo "ServerTokens Prod" | sudo tee /etc/apache2/conf-available/security.conf
echo "ServerSignature Off" | sudo tee -a /etc/apache2/conf-available/security.conf
echo "TraceEnable off" | sudo tee -a /etc/apache2/conf-available/security.conf
# Enable
sudo a2enconf security
# Disable directory listing
sudo a2dismod autoindex
# Restart
sudo systemctl restart apache2
2. Secure MySQL
# Disable remote root login (sudah di secure_installation)
# Ensure bind-address = 127.0.0.1
# Buat user dengan privileges minimal
sudo mysql
-- Untuk WordPress/read-only applications
CREATE USER 'wp_user'@'localhost' IDENTIFIED BY 'Password123!';
GRANT SELECT, INSERT, UPDATE, DELETE ON wordpress.* TO 'wp_user'@'localhost';
FLUSH PRIVILEGES;
3. Setup HTTPS dengan Let’s Encrypt
# Install Certbot
sudo apt install -y certbot python3-certbot-apache
# Dapatkan certificate
sudo certbot --apache -d example.com -d www.example.com
# Auto-renewal sudah di-setup oleh certbot
# Test renewal
sudo certbot renew --dry-run
4. Setup Fail2Ban
# Install
sudo apt install -y fail2ban
# Konfigurasi untuk Apache dan MySQL
sudo tee /etc/fail2ban/jail.local <<EOF
[DEFAULT]
bantime = 3600
findtime = 600
maxretry = 3
[apache-auth]
enabled = true
[apache-badbots]
enabled = true
[apache-noscript]
enabled = true
[apache-overflows]
enabled = true
[mysqld-auth]
enabled = true
port = 3306
logpath = /var/log/mysql/error.log
Link Postingan : https://www.tirinfo.com/cara-install-lamp-stack-ubuntu/
Editor : Hendra WIjaya
Publisher :
Tirinfo
Read : 6 minutes.
Update : 3 February 2026