↑ Return to Products and Services

EC2 CentOS 7.4 LAMP All-In-One SELinux Enforcing

This Amazon Machine Image (AMI) is an EBS backed HVM image of CentOS 7.4 Linux operating system, without the CentOS product codes.  It is pre-installed and configured with Apache, MySQL, and PHP.   SELinux policies are not weakened with custom policies. The server comes up SELinux Enforcing mode and ec2-user with secure context.  Select this AMI in market place, then simply launch the AMI as any other AMI.  Make sure you use a valid SSH key.

To access ‘root’ user on the command-line:

1) As ec2-user, run: sudo setenforce 0

2) Assume root login via sudo – e.g. sudo su -

3) As root, run: setenforce 1 (as soon as possible to reduce vulnerability)

The MariaDB root user is set at first boot.  The password is set to that of the instance id.  If you change the password afterwards, it will retain your new password through subsequent reboots.  Similarly, any newly created AMI from your LAMP server will retain the password of the original server from which the first AMI was booted, either as set on first boot (i.e. the original instance id) or as changed by you.

To verify function of MariaDB AND access MariaDB with the ‘root’ user account:

1) Use the AWS console, or use command-line to determine the instance id.  On command-line as ec2-user, run: IID=`curl -f http://169.254.169.254/latest/meta-data/instance-id`

2) On command-line as ec2-user, run: mysql -uroot -p$IID -h127.0.0.1

NOTE: when changing the ‘root’ user ID, root has access from THREE hosts: localhost, 127.0.0.1 and ::1.  You will want to change it for all 3 hosts if you want root password to be the same from all hosts.

To verify function of the Apache Web server:

1) To make the server available to the Internet, ensure it has a Public IP assigned, and that the security group attached to the server allows inbound access on port 80 from the source IP of the web browser’s client you are using. In a VPC, you may also have to add an Internet Gateway and a Route Table entry with the target as the Internet Gateway.  In this example, if the IP address is 54.123.123.123, enter the URL: http://54.123.123.123  (NOTE: YOUR IP WILL LIKELY BE DIFFERENT)

To verify function of PHP:

1) Using the example IP address and security group from above, enter the URL: http://54/123.123.123/info.php

2) It is recommended that you remove info.php when done so as not to allow unnecessary access to information about your LAMP configuration.  To remove info.php, as ec2-user on command-line, run: sudo rm -f /var/www/html/info.php