Ubuntu LAMP远程访问设置指南
LAMP(Linux + Apache + MySQL + PHP)是常见的Web开发环境,实现远程访问需分别配置Web服务、数据库及网络安全。以下是详细步骤:
首先通过包管理器安装Apache、MySQL、PHP及必要扩展:
sudo apt update && sudo apt upgrade -y # 更新系统
sudo apt install apache2 mysql-server php libapache2-mod-php php-mysql -y # 安装LAMP组件
安装完成后,Apache会自动启动,可通过sudo systemctl status apache2验证状态。
默认情况下,Apache监听所有网络接口(0.0.0.0),但需确保配置文件未限制IP访问:
sudo nano /etc/apache2/sites-available/000-default.conf
<VirtualHost *:80>部分未添加Require local指令(若有则删除),并添加Require all granted允许所有IP访问:<Directory /var/www/html>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted # 允许所有IP访问
</Directory>
sudo systemctl restart apache2
MySQL默认仅允许localhost连接,需修改配置并授权用户:
sudo nano /etc/mysql/mysql.conf.d/mysqld.cnf
bind-address = 127.0.0.1,将其注释掉(#bind-address = 127.0.0.1)或改为0.0.0.0(允许所有IP连接)。sudo systemctl restart mysql
sudo mysql -u root -p
your_user、your_password替换为实际值,%表示允许所有IP):CREATE USER 'your_user'@'%' IDENTIFIED BY 'your_password';
GRANT ALL PRIVILEGES ON *.* TO 'your_user'@'%' WITH GRANT OPTION;
FLUSH PRIVILEGES;
192.168.1.100),将%改为对应IP:GRANT ALL PRIVILEGES ON *.* TO 'your_user'@'192.168.1.100' IDENTIFIED BY 'your_password';
FLUSH PRIVILEGES;
exit。Ubuntu默认使用ufw(Uncomplicated Firewall)管理防火墙,需开放HTTP(80)、HTTPS(443)及SSH(22)端口:
sudo ufw allow 'Apache Full'
sudo ufw allow ssh
sudo ufw enable
sudo ufw status # 应显示“Apache Full”和“SSH”为ALLOW
sudo ufw allow mysql,但建议通过SSH隧道访问以提高安全性。为避免直接暴露MySQL到公网,建议通过SSH隧道加密数据库连接:
your_user、your_server_ip替换为实际值):ssh -L 8080:localhost:80 -L 3307:localhost:3306 your_user@your_server_ip -N
http://localhost:8080;localhost:3307作为主机地址,your_user和your_password作为凭据。sudo apt update && sudo apt upgrade -y保持软件最新;sudo cp /etc/mysql/mysql.conf.d/mysqld.cnf ~/mysqld.cnf.bak);
