découvrez comment installer et configurer un serveur web sur debian 13 avec ce guide complet dédié à la stack lamp (linux, apache, mariadb, php). suivez chaque étape pour héberger vos sites efficacement et en toute sécurité.

Setting up a web server on Debian 13: Complete guide to the LAMP stack (Linux, Apache, MariaDB, PHP

by

Installing Apache on Debian 13: Basics and Initial Configuration

Apache remains one of the most robust and widespread web servers in the Linux world, and Debian 13 includes a stable version optimized for today’s production environments. To set up a reliable web server on Debian 13, installing Apache is the essential first step. This open-source HTTP server offers great flexibility, is well-documented, and benefits from an active support community.

The first action is to update the package repositories to ensure you install the latest maintained version of Apache. This is done with the command `sudo apt-get update`, which synchronizes the local package cache.

Next, the command `sudo apt-get install -y apache2` installs Apache 2.4.x, the default version on Debian 13, known for its stability and performance improvements, particularly in module management and security. After installation, ensuring that Apache starts automatically when the system boots is crucial. The command `sudo systemctl enable apache2` guarantees this behavior without requiring manual intervention at each reboot. Once installed, you can test that Apache is working by accessing the local homepage via the server’s IP address. This IP address is retrieved using the command `ip address`. Then, navigating to `http://server-ip-address` will display the standard Apache page, confirming that the server is active. To optimize Apache, essential modules must be enabled. For example, `mod_rewrite` is used for URL rewriting, which is essential in most modern CMSs and frameworks. The command `sudo a2enmod rewrite` enables this module. Other recommended modules include: `deflate` for HTTP compression (gzip), which significantly increases page load speed, and `headers`. which allows for fine-grained management of HTTP headers, leading to improvements in security and SEO.

SSL is necessary for securing connections via HTTPS through the use of SSL/TLS certificates.Configuring Apache involves manipulating the main files, usually located in /etc/apache2/. The

apache2.conf file contains the global configuration. The configuration for hosted websites is located in two directories: sites-available to declare virtual hosts, and sites-enabled

  • to activate these configurations via symbolic links.
  • Virtual Hosts allow you to manage multiple domains or subdomains independently on the same Apache server. By default, the web root is in
  • /var/www/html , but this path can be easily modified in the Virtual Host configuration. Finally, to enhance security and manage protected access, the

apache2-utils package includes thehtpasswd tool which allows you to implement basic HTTP authentication. This initial step of installing and configuring Apache is therefore essential to ensure a solid foundation for any LAMP stack on Debian 13, ready to host high-performance and secure web applications. To delve deeper, reading a specialized tutorial on configuring Virtual Hosts is highly recommended, especially if you want to host multiple websites independently. Integration and configuration of PHP for dynamic applications on Debian 13 PHP plays a fundamental role in the LAMP stack, as it enables the execution of dynamic scripts on the server side, transforming a simple web server into a platform capable of managing complex applications like WordPress, Nextcloud, or Joomla. On Debian 13, PHP is installed in conjunction with Apache using the libapache2-mod-php module.

To install PHP, use the command: sudo apt-get install -y php It will automatically retrieve the recommended version and its dependencies, including the module for interfacing with Apache. In 2025, Debian 13 includes PHP version 8.1, which benefits from significant improvements in performance, security, and support for the latest development practices. Beyond native PHP, it is essential to install additional extensions to cover common use cases:

php-mysql to connect PHP to MariaDB or MySQL, php-zip for manipulating archives, php-gd

which enables image processing, useful in many web applications,

php-mbstring

for handling multibyte strings, particularly for international languages, php-curlfor external communication via HTTP,

php-xml for interpreting XML streams, often used in data exchange.

A good practice is to check the installed PHP version with `php -v` and test its integration with Apache by creating a `phpinfo.php` file in the web server’s root directory. This file contains the `phpinfo()` function, which displays all active configurations and modules, providing a comprehensive diagnostic for the developer or system administrator.

  • It is important to remove or secure this file after verification, as it exposes a lot of sensitive information that could help a potential attacker.
  • Finally, PHP management doesn’t end with installation. The `php.ini` file, usually located in `/etc/php/8.1/apache2/`, allows for fine-tuning the configuration: memory limits, execution time, error handling, and extension settings. The compatibility of current applications in 2025 often requires careful preparation of the PHP environment, especially for WordPress, which remains one of the most widely deployed platforms on LAMP stacks. To delve deeper into these aspects, a guide on optimizing load speed and securely configuring web servers under Linux proves particularly useful.
  • https://www.youtube.com/watch?v=354IQo8muMg
  • Installing and Securing MariaDB: A High-Performance Open-Source Database The database is the heart of dynamic applications hosted on a LAMP server. MariaDB, an open-source fork of MySQL, is the preferred solution on Debian 13. It offers a full GPL license and robust performance, combined with near-total compatibility with MySQL.
  • To install it, the command `sudo apt-get install -y mariadb-server`
  • is sufficient to retrieve the latest version available in the Debian repositories. After installation, a critical step is securing MariaDB using the built-in tool, `mariadb-secure-installation`. This interactive script guides the user to: Set a strong password for the database root user,

Remove unnecessary anonymous accounts, Prevent remote root connections, Delete the default open test database, and Reload privileges to apply these changes immediately. These measures are essential to reduce the attack surface, especially in a server environment exposed to the internet. To verify that MariaDB is functioning correctly, using the command `sudo mariadb -u root -p` opens an administrator SQL console. From this console, it is possible to create application-specific databases with restricted user privileges to enhance security. Best practices dictate never using the root account for application connections. It is also common to use phpMyAdmin to administer MariaDB via a web interface. This solution simplifies database management for users less familiar with the command line while remaining very powerful. Any modification to the MariaDB configuration or databases may require a restart with `systemctl restart mariadb`. This command is the best practice to ensure that changes are fully applied and the service remains stable. For more in-depth management of Linux servers and troubleshooting common problems, dedicated resources are available to support administrators in maintaining the LAMP stack while ensuring optimal performance.

Enabling HTTPS with Let’s Encrypt and Certbot for Debian 13

In today’s web ecosystem, securing communication between clients and servers via HTTPS has become essential, both for data protection and for SEO. The combination of Let’s Encrypt and Certbot allows you to obtain and renew SSL/TLS certificates automatically on Debian 13, free of charge. The procedure begins with installing Certbot using the command: `sudo apt-get install certbot python3-certbot-apache` Certbot then interacts with Apache to generate a secure certificate, automatically deploy the HTTPS configuration, and manage renewals. The typical command to generate a certificate with automatic activation on Apache is:

`sudo certbot –apache`

Certbot provides a guided interface for selecting the domains to secure, configuring HTTP to HTTPS redirects, and validating domain ownership via a simple ACME challenge. This process relies on modifying Apache configuration files, which can be found in

`/etc/apache2/sites-available/`.

For advanced management, it’s possible to add multiple domains or subdomains to a single certificate. Furthermore, Certbot handles automatic renewal in the background, typically configured via a cron job or systemd timer, thus minimizing the risk of service interruption.

Strengthening security isn’t limited to implementing HTTPS. Implementing secure HTTP headers using Apache’s headers module helps prevent common attacks like XSS, clickjacking, and injections, effectively complementing the SSL certificate installation. A detailed guide to configuring a web server on Linux efficiently also outlines these steps, incorporating tips for production deployments—essential reading for anyone wanting to make a LAMP server a reliable and secure foundation. https://www.youtube.com/watch?v=lGnLVwejSME Advanced Virtual Host Management and Deployment of PHP Applications Like WordPress A LAMP server on Debian 13 is not limited to a simple static website. The power of Apache combined with PHP and MariaDB offers the possibility of hosting multiple independent websites or applications using Virtual Hosts.Each virtual host corresponds to a specific configuration, generally a file in

  • /etc/apache2/sites-available/
  • bearing the name of the website or project. This file specifies the website’s root directory, the domain to listen on, as well as specific directives such as rewrite rules or access rights.
  • Enabling a website is done via the command
  • sudo a2ensite website_name.conf
  • which creates a symbolic link to

sites-enabled , followed by an Apache restart for the changes to take effect. To deploy a common PHP application like WordPress, the typical steps are: Create a dedicated virtual host with its own directory under /var/www/, for example, /var/www/wordpress.

Download and extract the WordPress source code into this directory.

Create a dedicated MariaDB database for WordPress with a specific user account that only has the necessary privileges. Configure the wp-config.php file to use the credentials from this database. Launch the installation process via your browser by accessing the configured domain name.

Identifying such best practices, particularly the separation of access rights at the database level, is crucial for securing a multi-application LAMP server. Using tools such as website load speed optimization can also be very advantageous. For example, gzip compression enabled via Apache’s deflate module, combined with caching mechanisms, significantly speeds up page loading without requiring extensive development work.To facilitate daily management, phpMyAdmin remains essential for manipulating databases without constantly using the command line. This tool is easy to install but requires careful security configuration, particularly to restrict access to internal networks or via VPN.

This advanced mastery of the LAMP stack under Debian 13 paves the way for high-performance, flexible, and secure hosting, perfectly suited to the demands of modern web applications and the diverse needs of Linux users, whether beginners or experienced.