13 Apr 2025 - by 'Maurits van der Schee'
Ubuntu 20.04 is EOL at the end of next month, so it's time to reinstall all your old web servers with Debian 12. Today I'll share a post with all the configuration that I apply on my web servers. While you could apply these with Chef, Ansible or SaltStack (like a real pro), you can also type them in, like I often do. I'm using Debian 12 netinst and configure "SSH server" and "standard system utilities" as the default packages.
Install and enable firewall:
sudo apt install ufw
sudo ufw allow 443
sudo ufw allow 80
sudo ufw allow 22
sudo ufw enable
Modify the SSHd config:
sudo nano /etc/ssh/sshd_config
Change the line with “PasswordAuthentication” to:
PasswordAuthentication no
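Debian 12's stock sshd_config starts with an Include of /etc/ssh/sshd_config.d/*.conf, and sshd uses the first value it reads for each keyword, so a drop-in file can override the line edited above. The following check is an added example, not part of the original post; the function names and the sample drop-in file name are made up for illustration, and it only handles absolute Include paths and global (non-Match) settings.

```shell
#!/bin/sh
# Added example, not from the original post. Helper names are hypothetical.
# sshd_config(5): the first value obtained for a keyword is the one used, and
# an Include is read at the point where it appears in the file.
# Simplifications: absolute Include paths only, "Keyword value" syntax only,
# and reading of a file stops at its first Match block (global scope only).

# Print "keyword value" lines in the order sshd would read them.
flatten_sshd_config() (
    while read -r key rest || [ -n "$key" ]; do
        lkey=$(printf '%s' "$key" | tr '[:upper:]' '[:lower:]')
        case $lkey in
            ''|'#'*) continue ;;
            match)   break ;;
            include)
                for f in $rest; do      # unquoted on purpose: expand the glob
                    if [ -f "$f" ]; then flatten_sshd_config "$f"; fi
                done ;;
            *) printf '%s %s\n' "$lkey" "$rest" ;;
        esac
    done < "$1"
)

# Print the effective value of keyword $2 (lowercase) in config $1.
# "unset" means sshd falls back to its built-in default.
effective_sshd_value() {
    flatten_sshd_config "$1" | awk -v k="$2" '
        $1 == k { print tolower($2); found = 1; exit }
        END     { if (!found) print "unset" }'
}

# Constructed sample: the main file says "no", a drop-in read earlier says "yes".
make_demo_tree() {
    d=$(mktemp -d)
    mkdir "$d/sshd_config.d"
    printf 'PasswordAuthentication yes\n' > "$d/sshd_config.d/50-example.conf"
    printf 'Include %s/sshd_config.d/*.conf\nPasswordAuthentication no\n' "$d" \
        > "$d/sshd_config"
    printf '%s\n' "$d"
}

# Usage: sh check.sh /etc/ssh/sshd_config
if [ -n "${1:-}" ]; then effective_sshd_value "$1" passwordauthentication; fi
```

On the server itself, `sudo sshd -T | grep -i passwordauthentication` gives sshd's own answer, and the edit only takes effect after `sudo systemctl restart ssh`.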
Enable sudo access without password:
echo '%sudo ALL=(ALL) NOPASSWD: ALL' | sudo tee /etc/sudoers.d/nopass
Set the root password to one generated by pwgen:
sudo apt install pwgen
pwgen 16
sudo passwd root
Install some other tools:
sudo apt install git wget gzip htop rsync curl less iotop ntp atop btop
Install and enable Apache webserver and PHP:
sudo apt install apache2 libapache2-mpm-itk mariadb-client mariadb-server
sudo apt install php-cli libapache2-mod-php php-curl php-gd php-igbinary php-intl
sudo apt install php-mbstring php-memcached php-mysql php-xml php-zip memcached
Set the max allowed packet size to 1GB:
sudo nano /etc/mysql/mariadb.conf.d/50-server.cnf
Set the following (uncomment):
max_allowed_packet = 1G
Also for mysqldump:
sudo nano /etc/mysql/conf.d/mysqldump.cnf
Set the following (increase from 16M):
max_allowed_packet = 1G
Now restart MariaDB using:
sudo systemctl restart mysql
Set PHP upload and memory limit:
sudo nano /etc/php/8.2/apache2/php.ini
Now make sure the following values are set:
post_max_size = 25M
upload_max_filesize = 25M
memory_limit = 1G
Enable mod-rewrite and mod-ssl and restart:
sudo a2enmod rewrite
sudo a2enmod ssl
sudo systemctl restart apache2
Install CertBot:
sudo apt install certbot python3-certbot-apache
Make sure automatic updates are enabled:
sudo apt-get install unattended-upgrades
sudo dpkg-reconfigure unattended-upgrades
Enjoy!