PHP (Hypertext Preprocessor) is a server side scripting language that powers several million dynamic websites, including those that run on WordPress. In this post, let us look at how to install PHP on Ubuntu and secure it before releasing it into the wild. After you install PHP, you may choose to implement the 7 PHP configuration improvements that I strongly recommend. These configuration improvements, apart from improving security will also maximize the possibilities of PHP. If you have not read my other posts, How to install phpMyAdmin on Ubuntu? and 10 easy phpMyAdmin tweaks to simplify MySQL administration, you may do so in addition to following this post. So let us move forward and install PHP on Ubuntu.
In most cases you may not have to read through this post at all as PHP can be installed when you install Ubuntu Server. It is a part of LAMP (LinuX Apache MySQL and PHP) installation. As shown in the picture below, when the package selection screen appears just make sure you select LAMP server and complete the installation.
If for some reason you are trying to install PHP on Ubuntu at the later stage on a non-LAMP system then read on to complete the installation.
Install PHP on Ubuntu
To install PHP on Ubuntu, use the following command:
sudo apt-get install php
That is it. It is that easy.
In addition to installing PHP, I recommend installing the following packages as most dynamic websites require them for proper functioning.
sudo apt-get install php-pear php-db php5-gd php5-curl libssh2-php php5-mysql
If you encounter unmet dependency issues then try using
sudo aptitude instead of
I also recommend installing phpMyAdmin and tweaking it.
Secure Your PHP
I recommend that you make at least one tweak to make your PHP installation more secure and reduce chances of being hacked. Edit
/etc/php5/apache2/php.ini using the following command:
sudo nano /etc/php5/apache2/php.ini
expose_php = On and change it to the following:
expose_php = Off
The above changes will stop your server from revealing that PHP is installed (by adding its signature to the web server header) on your server along with other information. While it may not be a security threat, it does reveal to potential hackers that the web server uses PHP. The less a hacker knows about your server configuration the better it is. Reload your Apache server using the following command to apply the above changes:
sudo service apache2 reload
More PHP Tweaks
Now that you know how to install PHP on Ubuntu and secure it, it is time to explore other PHP configuration improvements that could make your web development easier. If you are interested, take a look at these recommended PHP configuration improvements.
Go head, install PHP and supercharge your Linux home server.