Ever since the first re:Invent that I attended virtually in 2020 I have looked forward to the annual event where AWS takes the stage to announce their latest cloud technology offerings and the immense capabilities they promise to transform the way we do things.
Last night, for 2 hours 30 minutes I listened with rapt attention to Adam Selipsky, AWS CEO, as he made his keynote address. In that time, several AWS business and technology partners like BMW and NVIDIA took to the stage to share the transformative experience with AWS cloud.
Adam Selipsky shared his perspective on cloud transformation. He highlighted innovations in data, infrastructure, as well as artificial intelligence and machine learning that are helping AWS customers achieve their goals faster, mine untapped potential, and create a better future.
Selipsky’s keynote address as well as Peter DeSantis’ on Monday night reinforced my confidence in AWS cloud. I use these technologies and I appreciate why AWS is the leading cloud provider by market share. AWS re:Invent gives me the opportunity to keep note of the state-of-the-art in cloud and evaluate how I currently use it. In December I will make deep reflections and draw up plans of how I might use cloud technologies in 2024.
In the run up to this year’s re:Invent taking place in Las Vegas from November 27 – December 1 I prioritised it and scheduled other events around it and thus far it has lived up to its billing. Later today, Dr. Swami Sivasubramanian, VP, Data and AI, AWS will give his keynote address and on Thursday Dr. Werner Vogels, VP and CTO, Amazon.com will give his Keynote.
This year, 50,000 people are attending re:Invent in person in Las Vegas, Nevada, USA and 300,000 people are following in virtually. It has been a great show so far and if you are a technology enthusiast I encourage you to follow the remainder of AWS re:Invent 2023.
Hello, are you seeking to transition to Cloud? I can make the journey easier for you. When I started learning cloud about 6 years ago the concepts seemed abstract to me even when at the time I already had about 10 years of experience developing web and mobile software applications.
It took me hands-on projects and courses prepared by IBM, GCP and AWS to get to grips with it. My skills came in handy recently when I mentored cloud developers following a well-designed Udacity course curriculum. That role involved guiding students struggling to understand cloud to build and deploy real-life projects on AWS.
My experience has led me to develop hands-on tutorials, with videos, designed to give learners a quick understanding of setting up infrastructure and deploying applications to AWS and GCP. These tutorials are grounded on courses and tutorials developed by the leading cloud providers. You will find the links to these materials below.
These tutorials are for you if you’re involved in front-end development, backend, full-stack, data, analytics, machine learning, artificial intelligence and you want to use cloud technologies. Use them and feel free to send me a message if you have questions on your cloud journey.
Cheers!
The following are links to hands-on tutorials, with videos, designed to give cloud developers a quick understanding of setting up infrastructure and deploying applications to Amazon Web Services (AWS) and Google Cloud Platform (GCP).
Video illustration of how to install and configure phpMyAdmin on Amazon Linux 2023
Introduction
While many users need the functionality of a database management system like MySQL, they may not feel comfortable interacting with the system solely from the MySQL prompt.
phpMyAdmin was created so that users can interact with MySQL through a web interface. In this guide, I will show you how to install and configure phpMyAdmin so that you can use it to manage your databases on an Amazon Linux 2023 system.
1. Login to the AWS Cloud Console, find and connect to (or SSH into) the server instance.
2. Create a dedicated user for phpMyAdmin
I recommend connecting to phpMyAdmin with a dedicated user. To do this, open up the MySQL shell once again:
mysql -u root -p
From there, create a new user and give it a strong password:
CREATE USER ‘vincent’@’localhost’ IDENTIFIED BY ‘User@789dynamic!’;
Then, grant your new user appropriate privileges. For example, you could grant the user privileges to all tables within the database, as well as the power to add, change, and remove user privileges, with this command:
GRANT ALL PRIVILEGES ON *.* TO ‘vincent’@’localhost’ WITH GRANT OPTION;
Following that, exit the MySQL shell:
exit
Install needed packages and phpMyAdmin
Install necessary dependencies:
sudo dnf install php-mbstring php-xml -y
Restart Apache:
sudo systemctl restart httpd
Restart php-fpm:
sudo systemctl restart php-fpm
Navigate to the Apache document root at /var/www/html:
cd /var/www/html
Select a source package for the latest phpMyAdmin release from https://www.phpmyadmin.net/downloads. To download the file directly to your instance, copy the link and paste it into a wget command, as in this example:
phpMyAdmin uses the cookie authentication method by default, which allows you to log in to phpMyAdmin as any valid MariaDB user with the help of cookies. In this method, the MariaDB user password is stored and encrypted with the Advanced Encryption Standard (AES) algorithm in a temporary cookie.
Historically, phpMyAdmin instead used the Blowfish cipher for this purpose, and this is still reflected in its configuration file. Scroll down to the line that begins with $cfg[‘blowfish_secret’]. It will look like this:
$cfg['blowfish_secret'] = ''; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */
In between the single quotes, enter a string of 32 random characters. This isn’t a passphrase you need to remember, it will just be used internally by the AES algorithm:
/usr/share/phpmyadmin/config.inc.php
For example:
$cfg['blowfish_secret'] = '2#!$%*HTEshdhcyc#@)(?+>!~*%@4vb^%mx&)*qmxz@!vcLP*$'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */
Save and exit the config.inc.php file
Exit the my-unique-phpMyAdmin directory and to the Apache document root directory:
cd ..
Delete the phpMyAdmin-latest-all-languages.tar.gz tarball:
sudo rm phpMyAdmin-latest-all-languages.tar.gz
(Optional) If the MySQL server is not running, start it now:
sudo systemctl start mariadb
In a web browser, type the URL of your phpMyAdmin installation. This URL is the public DNS address (or the public IP address) of your instance followed by a forward slash and the name of your installation directory. For example: http://my.public.dns.amazonaws.com/my-unique-phpMyAdmin
You should see the phpMyAdmin login page:
Log in to your phpMyAdmin installation with dedicated user name and the MySQL user password you created earlier.
Conclusion
You should now have phpMyAdmin configured and ready to use on your Amazon Linux 2023 server. Using this interface, you can create databases, users, and tables, as well as perform the usual operations like deleting and modifying structures and data.
In this tutorial I will deploy a WordPress application into an Elastic Compute Cloud (EC2) instance running on Amazon Linux 2023 and serve the website files over the internet.
4. Unzip and unarchive the installation package. The installation folder is unzipped to a folder called wordpress.
sudo tar -xzf latest.tar.gz
5. Prepare for database interaction
Verify that the database server is running
sudo systemctl status mariadb
If the database service is not running, start it.
sudo systemctl start mariadb
Verify that your Apache web server (httpd) is running.
sudo systemctl status httpd
If the httpd service is not running, start it
sudo systemctl start httpd
6. Create a database user and database for your WordPress installation.
Log into the database server as root user. Enter your database root password when prompted; this may be different than your root system password, or it might even be empty if you have not secured your database server.
sudo mysql -u root -p
Create a user and password for your MySQL database. Your WordPress installation uses these values to communicate with your MySQL database. Enter the following command, substituting a unique user name and password.
CREATE USER 'wordpress-user'@'localhost' IDENTIFIED BY 'mY-very-907#@pass_1';
Make sure that you create a strong password for your user. Do not use the single quote character ( ‘ ) in your password, because this will break the preceding command.
Create your database. Give your database a descriptive, meaningful name, such as wordpress-db.
Note
The punctuation marks surrounding the database name in the command below are called backticks. The backtick (`) key is usually located above the Tab key on a standard keyboard. Backticks are not always required, but they allow you to use otherwise illegal characters, such as hyphens, in database names.
CREATE DATABASE `wordpress-db`;
Grant full privileges for your database to the WordPress user that you created earlier.
GRANT ALL PRIVILEGES ON `wordpress-db`.* TO "wordpress-user"@"localhost";
Flush the database privileges to pick up all of your changes.
FLUSH PRIVILEGES;
SHOW DATABASES;
Exit the mysql client.
exit
7. Create and edit the wp-config.php file
Go to the wordpress directory.
cd www/var/html/wordpress
Copy the wp-config-sample.php file to a file called wp-config.php.
cp wp-config-sample.php wp-config.php
Edit the wp-config.php file and enter values for your installation.
sudo nano wp-config.php
Find the line that defines DB_NAME and change database_name_here to the database name that you created
define('DB_NAME', 'wordpress-db');
Find the line that defines DB_USER and change username_here to the database user that you created
define('DB_USER', 'wordpress-user');
Find the line that defines DB_PASSWORD and change password_here to the strong password that you created in Step vi) To create a database user and database for your WordPress installation.
define('DB_PASSWORD', 'mY-very-907#@pass_1');
Find the section called Authentication Unique Keys and Salts. These KEY and SALT values provide a layer of encryption to the browser cookies that WordPress users store on their local machines. Basically, adding long, random values here makes your site more secure. Visit https://api.wordpress.org/secret-key/1.1/salt/ to randomly generate a set of key values that you can copy and paste into your wp-config.php file.
Save updated wp-config.php file save and exit your text editor.
8. Install your WordPress files under the Apache document root
Now that you’ve unzipped the installation folder, created a MySQL database and user, and customized the WordPress configuration file, you are ready to copy your installation files to your web server document root so you can run the installation script that completes your installation.
For WordPress to run at your document root, copy the contents of the wordpress installation directory (but not the directory itself) as follows:
sudo mv * ..
Let’s move on to the apache document root directory
cd ..
Let’s confirm that our WordPress files are in the apache document root directory
ls
Delete emptied wordpress directory and latest.tar.gz file
sudo rm latest.tar.gz
sudo rm wordpress -r
Important
For security purposes, if you are not moving on to the next procedure immediately, stop the Apache web server (httpd) now. After you move your installation under the Apache document root, the WordPress installation script is unprotected and an attacker could gain access to your blog if the Apache web server were running. To stop the Apache web server, enter the command sudo service httpd stop. If you are moving on to the next procedure, you do not need to stop the Apache web server.
9. Allow WordPress to use permalinks
WordPress permalinks need to use Apache .htaccess files to work properly, but this is not enabled by default on Amazon Linux. Use this procedure to allow all overrides in the Apache document root.
Open the httpd.conf file with your favorite text editor (such as nano or vim).
sudo nano /etc/httpd/conf/httpd.conf
Find the section that starts with <Directory “/var/www/html”>.
<Directory "/var/www/html">
#
# Possible values for the Options directive are "None", "All",
# or any combination of:
# Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
#
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
#
# The Options directive is both complicated and important. Please see
# http://httpd.apache.org/docs/2.4/mod/core.html#options
# for more information.
#
Options Indexes FollowSymLinks
#
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# Options FileInfo AuthConfig Limit
#
AllowOverride None
#
# Controls who can get stuff from this server.
#
Require all granted
</Directory>
Change the AllowOverride None line in the above section to read AllowOverride All.
Note
There are multiple AllowOverride lines in this file; be sure you change the line in the <Directory “/var/www/html”> section.
AllowOverride All
Save the file and exit your text editor.
10. Install the PHP graphics drawing library on Amazon Linux 2023
The GD library for PHP enables you to modify images.
sudo dnf install php-gd
Restart the Apache web server to pick up the new changes.
sudo systemctl restart httpd
11. Install WordPress.
Use the systemctl command to ensure that the httpd and database services start at every system boot.
Verify that your Apache web server (httpd) is running.
sudo systemctl status httpd
If the httpd service is not running, start it.
sudo systemctl start httpd
In a web browser, type the URL of your WordPress blog. You should see the WordPress installation script. Provide the information required by the WordPress installation. Choose Install WordPress to complete the installation. Login and test your WordPress blog.
WordPress Login PageWelcome to WordPressMaking a postMaking a postMaking a postMaking a postInstances Services on AWS
Next steps
After you have tested your WordPress installation, consider updating its configuration. For example, you can register a custom domain name for it, you can configure your blog to use different themes and plugins to offer a more personalised experience for your users.
If you are interested in learning how to develop WordPress websites then see the how on the following link on my website.
YouTube video illustration of how to deploy website to EC2 on AWS
In this tutorial I will clone the codebase of a pre-built website from GitHub into an Elastic Compute Cloud (EC2) instance and serve the website files over the internet.
This tutorial builds on a previous tutorial: How to setup an Amazon Elastic Compute Cloud instance and install Linux, Apache, MariaDB and PHP (LAMP Stack) on Amazon Linux 2023.
You should see the website home page. Make sure that you don’t use the https protocol specifier because HTTPS is not configured.
END.
What we accomplished in this tutorial
i) We cloned a website code from GitHub into a compute engine virtual machine on Google Cloud Platform (GCP);
ii) We viewed a web page from the virtual machine from a browser over the internet.
NB: With the skills you learned in this blog and accompanying video you have skills to clone code from a repository into a compute engine virtual machine.
If you have comments or corrections about this blog post please write them in the comments section below and I will respond. Thank you.
YouTube video demonstration of how to set up an EC2 instance and install LAMP stack on Amazon Linux 2023
Introduction
A “LAMP” stack is a group of open source software that is typically installed together in order to enable a server to host dynamic websites and web applications written in PHP. The term is an acronym which represents the Linux operating system, Apache web server, MySQL database and PHP.
This guide will show you how to set up an Amazon Elastic Compute Cloud (EC2) instance and install LAMP stack on an Amazon Linux 2023 server. It will also show you how to store data in a MariaDB relational database, retrieve the data and serve it on a web page.
Prerequisites
In order to complete this tutorial, you will need to have an Amazon Web Services (AWS) account.
Step 1 – Set up: Create a key pair
Open the Amazon EC2 console
In the navigation pane, choose Key Pairs.
Choose Create key pair.
For Name, enter a descriptive name for the key pair. Eg tutorial-ec2-key-pair
For Key pair type, choose RSA.
For Private key file format, choose the format in which to save the private key. E.g. choose .pem, a format that can be used with OpenSSH.
Choose Create key pair.
The private key file is automatically downloaded by your browser. Save the private key file in a safe place. (This is the only chance for you to save the private key file.)
If you plan to use an SSH client on a macOS or Linux computer to connect to your Linux instance, use the following command to set the permissions of your private key file so that only you can read it.
chmod 400 key-pair-name.pem
If you do not set these permissions, then you cannot connect to your instance using this key pair.
Step 2 – Create a security group
Security groups act as a firewall for associated instances, controlling both inbound and outbound traffic at the instance level. You must add rules to a security group that enable you to connect to your instance from your IP address using SSH. You can also add rules that allow inbound and outbound HTTP and HTTPS access from anywhere.
ii) From the top navigation bar, select an AWS Region for the security group. Security groups are specific to a Region, so you should select the same Region in which you created your key pair.
iii) In the left navigation pane, choose Security Groups.
iv) Choose Create security group.
v) For Basic details, do the following:
Enter a name for the new security group and a description. Use a name that is easy for you to remember, such as your user name, followed by _SG_, plus the Region name. For example, tutorial-ec2-access_SG_stockholm.
In the VPC list, select your default VPC for the Region.
vi) For Inbound rules, create rules that allow specific traffic to reach your instance. For example, use the following rules for a web server that accepts HTTP and HTTPS traffic.
Choose Add rule. For Type, choose HTTP. For Source, choose Anywhere.
Choose Add rule. For Type, choose HTTPS. For Source, choose Anywhere.
Choose Add rule. For Type, choose SSH. For Source, choose Anywhere. (For security reasons this is not recommended for production environment).
Click Create security group.
vii) For Outbound rules, keep the default rule, which allows all outbound traffic.
Step 3 – Launch an EC2 instance
To launch an instance
Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/.
From the EC2 console dashboard, in the Launch instance box, choose Launch instance, and then choose Launch instance from the options that appear.
Under Name and tags, for Name, enter a descriptive name for your instance. E.g. lamp-tutorial-web-server
Under Application and OS Images (Amazon Machine Image), do the following:
Choose Quick Start, and then choose Amazon Linux. This is the operating system (OS) for your instance.
From Amazon Machine Image (AMI), select an HVM version of Amazon Linux 2. Notice that these AMIs are marked Free tier eligible. An Amazon Machine Image (AMI) is a basic configuration that serves as a template for your instance.
Under Instance type, from the Instance type list, you can select the hardware configuration for your instance. Choose the t2.micro instance type, which is selected by default. The t2.micro instance type is eligible for the free tier. In Regions where t2.micro is unavailable, you can use a t3.micro instance under the free tier.
Under Key pair (login), for Key pair name, choose the key pair that you created when getting set up. (e.g tutorial-ec2-key-pair)
Warning
Do not choose Proceed without a key pair (Not recommended). If you launch your instance without a key pair, then you can’t connect to it.
Next to Network settings, choose Edit. For Security group name, you’ll see that the wizard created and selected a security group for you. You can use this security group, or alternatively you can select the security group that you created when getting set up using the following steps:
Choose Select existing security group.
From Common security groups, choose your security group from the list of existing security groups. (e.g. tutorial-ec2-access_SG_stockholm)
Keep the default selections for the other configuration settings for your instance.
Review a summary of your instance configuration in the Summary panel, and when you’re ready, choose Launch instance.
A confirmation page lets you know that your instance is launching. Choose View all instances to close the confirmation page and return to the console.
On the Instances screen, you can view the status of the launch. It takes a short time for an instance to launch. When you launch an instance, its initial state is pending. After the instance starts, its state changes to running and it receives a public DNS name. If the Public IPv4 DNS column is hidden, choose the settings icon ( Settings icon. ) in the top-right corner, toggle on Public IPv4 DNS, and choose Confirm.
It can take a few minutes for the instance to be ready for you to connect to it. Check that your instance has passed its status checks; you can view this information in the Status check column.
Step 4 – Install LAMP on Amazon Linux 2023 instance
Connect to your instance. There are several ways to connect to your instance. I will connect from my computer using SSH
From the instances page, click the Instance ID of your instance (lamp-tutorial-web-server).
Click Connect button.
Click SSH client tab.
Open an SSH client on your computer
Run the following command: chmod 400 your-key-pair-name (tutorial-ec2-key-pair.pem)
Connect to your instance using its Public DNS: Eg. ssh -i “your-key-pair-name.pem” ec2-user@ec2-ip-address-region.compute.amazonaws.com
Enter yes if asked: Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Perform a quick software update on your instance:
sudo dnf update -y
Install the latest versions of Apache web server and PHP packages for Amazon Linux 2023:
4. Install the MariaDB software packages. Use the dnf install command to install multiple software packages and all related dependencies at the same time:
sudo dnf install mariadb105-server
Type y when prompted to install the MariaDB server
You can view the current versions of these packages using the following command: sudo dnf info package_name
Start the Apache web server:
sudo systemctl start httpd
Use the systemctl command to configure the Apache web server to start at each system boot:
sudo systemctl enable httpd
You can verify that httpd is on by running the following command:
sudo systemctl is-enabled httpd
NOTE: There should be a security rule to allow inbound HTTP (port 80) connections as part of set up steps. Verify.
Test your web server. In a web browser, type the public DNS address (or the public IP address) of your instance. If there is no content in /var/www/html, you should see the Apache test page, which will display the message “It works!”.
To allow the ec2-user account to manipulate files in the Apache document root directory (/var/www/html), you must modify the ownership and permissions of the directory. In this tutorial, I will add ec2-user to the apache group to give the apache group ownership of the /var/www directory and assign write permissions to the group.
To set file permissions
Add your user (in this case, ec2-user) to the apache group:
sudo usermod -a -G apache ec2-user
Log out and then log back in again to pick up the new group, and then verify your membership.
Log out (use the exit command or close the terminal window): exit
To verify your membership in the apache group, reconnect to your instance, and then run the following command:
groups
Output: ec2-user adm wheel apache systemd-journal
Change the group ownership of /var/www and its contents to the apache group:
sudo chown -R ec2-user:apache /var/www
To add group write permissions and to set the group ID on future subdirectories, change the directory permissions of /var/www and its subdirectories:
To add group write permissions, recursively change the file permissions of /var/www and its subdirectories:
find /var/www -type f -exec sudo chmod 0664 {} \;
Now, ec2-user (and any future members of the apache group) can add, delete, and edit files in the Apache document root, enabling you to add content, such as a static website or a PHP application.
NOTE: If you get a “Permission denied” error when trying to run this command, try logging out and logging back in again to pick up the proper group permissions that you configured in To set file permissions.
In a web browser, type the URL of the file that you just created. This URL is the public DNS address of your instance followed by a forward slash and the file name. For example: http://my.public.dns.amazonaws.com/phpinfo.php
You should see the PHP information page:
Delete the phpinfo.php file. Although this can be useful information, it should not be broadcast to the internet for security reasons.
rm /var/www/html/phpinfo.php
You should now have a fully functional LAMP web server. If you add content to the Apache document root at /var/www/html, you should be able to view that content at the public DNS address for your instance.
Step 6: Secure the database server
The default installation of the MariaDB server has several features that are great for testing and development, but they should be disabled or removed for production servers. The mysql_secure_installation command walks you through the process of setting a root password and removing the insecure features from your installation.
To secure the MariaDB server
Start the MariaDB server:
sudo systemctl start mariadb
Run mysql_secure_installation.
sudo mysql_secure_installation
i) When prompted to type the current root password: By default, the root account does not have a password set. Press Enter.
ii) Type Y when prompted Switch to unix_socket authentication [Y/n]
iii) Type Y when prompted Change the root password? to set a password, and type a secure password twice. Make sure to store this password in a safe place.
Setting a root password for MariaDB is only the most basic measure for securing your database. When you build or install a database-driven application, you typically create a database service user for that application and avoid using the root account for anything but database administration.
iii) Type Y to remove the anonymous user accounts.
iv) Type Y to disable the remote root login.
v) Type Y to remove the test database.
vi) Type Y to reload the privilege tables and save your changes.
(Optional) To get the MariaDB server to start at every boot, type the following command:
sudo systemctl enable mariadb
Step 7 – Testing Database Connection from PHP
i) Login to MariDB server and enter password when prompted.
sudo mysql -u root -p
ii) Create a database named sample_database.
CREATE DATABASE sample_database;
iii) Create a user in the database.
CREATE USER 'sample_user'@'%' IDENTIFIED BY 'User@789dynamic!';
iv) Grant permissions on sample_database to sample_user.
GRANT ALL ON sample_database.* TO 'sample_user'@'%';
INSERT INTO sample_database.todo_list (content) VALUES ("My first important item");
INSERT INTO sample_database.todo_list (content) VALUES ("My second important item");
INSERT INTO sample_database.todo_list (content) VALUES ("My third important item");
vii) Let’s query the database.
select * from sample_database.todo_list;
viii) Exit MariaDB.
exit;
viii) Change to the web server document root directory:
cd /var/www/html
Enter the following command to create my-sample-data.php script:
sudo nano my-sample-data.php
Copy and paste the following in the my-sample-data.php page
YouTube illustration of how to configure and host a website on AWS with Simple Storage Service
I think every developer (or professional) should have a domain name and website – they are the foundation of your personal brand and your method to communicate with potential employers.
You can use your personal website to showcase your skills and portfolio of projects you have worked on. Amazon Simple Storage Service (Amazon S3) offers you a quick, easy and inexpensive way to host your static website.
What you’ll learn
How to create an Amazon S3 bucket and configure it to serve your website files
How to upload and set permissions on the static files for your website
How to configure CloudFront to distribute your website
How to access and test your website.
Prerequisite
You need an Amazon Web Service (AWS) Account.
Steps.
Log in to the console and Create an S3 Bucket.
Create bucket and name it mycomputershop-com. Allow public access to the bucket
Once the status of your distribution changes from “In Progress” to “Deployed”, copy the endpoint URL for your CloudFront distribution found in the “Domain Name” column.
Access the bucket object via its S3 object URL, such as https://<bucket-name>.s3.amazonaws.com/index.html
In practice you register a domain name, e.g mycomputershop.com and point the A records for the domain name to the static website CloudFront distribution Domain Name.
And so that is it. We have deployed a website to Amazon S3. It is easy so go try it.
If you have any questions, drop them and I will be happy to answer you. Thank you.
YouTube illustration of how to configure and host a static website on Google Cloud Storage
I think every developer (or professional) should have a domain name and website – they are the foundation of your personal brand and your method to communicate with potential employers.
You can use your personal website to showcase your skills and portfolio of projects you have worked on. Google Cloud Storage (GCS) offers you a quick, easy and inexpensive way to host your static website.
What you’ll learn
How to create a Cloud Storage bucket and configure it to serve your website files
How to upload and set permissions on the static files for your website
How to test your website.
Prerequisite
You need a Google Account.
Create a Cloud Storage Bucket
In the Cloud Console, in the left-hand menu, scroll down to the STORAGE category, hover over Cloud Storage and click on Buckets.
Click on Create Bucket
Complete the following fields:
Name of bucket: mycomputershop-com (choose a unique name)
(NOTE: When you are ready to host an actual website in a bucket you name the bucket your unique domain name which you will confirm with Google Cloud that you own. See: domain-name-verification.)
Click Continue
Choose where to store your data:
Choose a default storage class for your data: Set a default class, Select Standard and click Continue
Choose how to control access to objects: Set the bucket permissions for the whole bucket and its content the same. Under Access control, Select Uniform and click Continue
Click create.
A pop up – Public access will be prevented with Enforce public access prevention on this bucket pre-selected. Click Confirm.
Unzip. Test on local. Upload files and folders to GCS.
Set access permissions: You can either make all files in your bucket publicly accessible or set individual objects to be accessible through your website. Generally, making all files in your bucket accessible is easier and faster.
Bucket-level access permissions. Apply access permissions to the entire bucket as a whole. That is safer and, given that it is a static website, all of the contents likely need to be readable for the site to load properly.
Click the Bucket details, then click Permissions.
Under Public access, click the dropdown arrow and click Remove Public Access Prevention. A confirmation pop-up appears. Click Confirm.
With Permissions still selected, find the ADD PRINCIPAL button and click it
In the New principles field, type and select allUsers.
In Assign Roles, in Select a role field, type and select Storage Object Viewer
Click SAVE. Accept ALLOW PUBLIC ACCESS
Verify that you see the following:
Edit website configuration
Now, the last step is to assign an index page suffix, which is controlled by the MainPageSuffix property, and a custom error page, which is controlled by the NotFoundPage property. Assigning either is optional, but without an index page, nothing is served when users access your top-level site.
To the far right of the static site bucket row, click the three dots and select Edit website configuration
In the Index (main) page suffix field type: index.html
In the Error (404 not found) page field type: error.html
Click SAVE
Test your website
Click on static bucket name to see bucket details.
To the far-right of the index.html row, click the three dots, click ‘Copy public URL’
Now, open a browser and paste the public URL:
Delete the Google Cloud resources you used in this exercise to save cost.
Video tutorial of How to Install and Secure phpMyAdmin on Ubuntu 22.04
Introduction
While many users need the functionality of a database management system like MySQL, they may not feel comfortable interacting with the system solely from the MySQL prompt.
phpMyAdmin was created so that users can interact with MySQL through a web interface. In this guide, I will show you how to install and secure phpMyAdmin so that you can safely use it to manage your databases on an Ubuntu 22.04 system.
6. Include the phpMyAdmin configuration in your apache2.conf file by adding the following line:
Include /etc/phpmyadmin/apache.conf
In apache2.conf
sudo nano /etc/apache2/apache2.conf
7. Explicitly enable mbstring PHP extension by typing:
sudo phpenmod mbstring
8. Restart Apache:
sudo systemctl restart apache2
Test phpMyAdmin
Browse to phpMyAdmin:
http://[YOUR_EXTERNAL_IP_ADDRESS]/phpmyadmin
phpMyAdmin welcome screen
You should see the phpMyAdmin login page.
Log in by using the phpmyadmin username and the password that you created when you installed phpMyAdmin.
phpMyAdmin screen
Configuring Password Access for a Dedicated MySQL User
Alternatively, some may find that it better suits their workflow to connect to phpMyAdmin with a dedicated user. To do this, open up the MySQL shell once again:
sudo mysql
If you have password authentication enabled for your root user, as described in the previous section, you will need to run the following command and enter your password when prompted in order to connect:
mysql -u root -p
From there, create a new user and give it a strong password:
CREATE USER ‘vincent’@’localhost’ IDENTIFIED BY ‘User@789dynamic!’;
Then, grant your new user appropriate privileges. For example, you could grant the user privileges to all tables within the database, as well as the power to add, change, and remove user privileges, with this command:
GRANT ALL PRIVILEGES ON *.* TO ‘vincent’@’localhost’ WITH GRANT OPTION;
Following that, exit the MySQL shell:
exit
Secure phpMyAdmin
To prevent unauthorized access to your instance, take steps to secure your phpMyAdmin installation, such as by serving phpMyAdmin only over HTTPS or using an authentication proxy.
Step 3 — Securing Your phpMyAdmin Instance
Because of its ubiquity, phpMyAdmin is a popular target for attackers, and you should take extra care to prevent unauthorized access. One way of doing this is to place a gateway in front of the entire application by using Apache’s built-in .htaccess authentication and authorization functionalities.
To do this, you must first enable the use of .htaccess file overrides by editing your phpMyAdmin installation’s Apache configuration file.
Use your preferred text editor to edit the phpmyadmin.conf file that has been placed in your Apache configuration directory. Here, we’ll use nano:
sudo nano /etc/phpmyadmin/apache.conf
Add an AllowOverride All directive within the <Directory /usr/share/phpmyadmin> section of the configuration file, like this:
When you have added this line, save and close the file. If you used nano to edit the file, do so by pressing CTRL + X, Y, and then ENTER.
To implement the changes you made, restart Apache:
sudo systemctl restart apache2
Now that you have enabled the use of .htaccess files for your application, you need to create one to actually implement some security.
In order for this to be successful, the file must be created within the application directory. You can create the necessary file and open it in your text editor with root privileges by typing:
sudo nano /usr/share/phpmyadmin/.htaccess
Within this file, enter the following information:
AuthType Basic: This line specifies the authentication type that you are implementing. This type will implement password authentication using a password file.
AuthName: This sets the message for the authentication dialog box. You should keep this generic so that unauthorized users won’t gain any information about what is being protected.
AuthUserFile: This sets the location of the password file that will be used for authentication. This should be outside of the directories that are being served. We will create this file shortly.
Require valid-user: This specifies that only authenticated users should be given access to this resource. This is what actually stops unauthorized users from entering.
When you are finished, save and close the file.
The location that you selected for your password file was /etc/phpmyadmin/.htpasswd. You can now create this file and pass it an initial user with the htpasswd utility:
You will be prompted to select and confirm a password for the user you are creating. Afterwards, the file is created with the hashed password that you entered.
Then restart Apache to put .htaccess authentication into effect:
sudo systemctl restart apache2
Now, when you access your phpMyAdmin subdirectory, you will be prompted for the additional account name and password that you just configured:
After entering the Apache authentication, you’ll be taken to the regular phpMyAdmin authentication page to enter your MySQL credentials. By adding an extra set of non-MySQL credentials, you’re providing your database with an additional layer of security. This is desirable, since phpMyAdmin has been vulnerable to security threats in the past.
Conclusion
You should now have phpMyAdmin configured and ready to use on your Ubuntu 22.04 server. Using this interface, you can create databases, users, and tables, as well as perform the usual operations like deleting and modifying structures and data.
