Index > Knowledge Base > Apache & PHP on Ubuntu

Contents
enable ssl mode and mcrypt
force ssl for phpmyadmin & increase session timeout
setup ldap authentication
php script for ldap/active directory authentication

Enable ssl mode and mcrypt mode

enable ssl mode

sudo a2enmod ssl

enable ssl mode for default virtual host

sudo a2ensite default-ssl

enable mcrypt extension for php5

sudo php5enmod mcrypt

restart the service for changes to take effect

sudo service apache2 restart

That is it. Enjoy secure browsing on port 443
Go Up

force ssl and increase timeout

increase the session.gc_maxlifetime value

sed -i 's/session.gc_maxlifetime = 1440/session.gc_maxlifetime = 7200/g' /etc/php5/apache2/php.ini

for Ubuntu 16 the php directory has been changed so

sed -i 's/session.gc_maxlifetime = 1440/session.gc_maxlifetime = 7200/g' /etc/php/7.0/apache2/php.ini

edit the config file

nano /etc/phpmyadmin/config.inc.php

now paste the following at the end of the config file

$cfg['ForceSSL'] = true; 
$cfg['LoginCookieValidity'] = 7200;

now restart the apache service and you are all done

/etc/init.d/apache2 restart

Go Up

LDAP/AD Authentication

install packages

apt-get install php5-ldap

enable ldap module

a2enmod authnz_ldap

setup secure directory

cat << EOT >> /etc/apache2/apache2.conf

# ldap auth

        AuthName "AD authentication"
        AuthBasicProvider ldap
        AuthType Basic
        AuthLDAPGroupAttribute member
        AuthLDAPGroupAttributeIsDN On
        AuthLDAPURL ldap://dc1.domain.com:3268/ou=users,dc=domain,dc=com?sAMAccountName?sub?(objectClass=*)
        AuthLDAPBindDN cn=username,dc=domain,dc=com
        AuthLDAPBindPassword Scc0untA123
        require ldap-group cn=wacs,ou=groups,dc=home,dc=nt

EOT

now edit the apache2.conf configuration file and adjust the values of domain accordingly

nano /etc/apache2/apache2.conf

save and exit our of /etc/apache2/apache2.conf
restart the service

service apache2 restart

And you are done. Enjoy !
Go Up

PHP script for ldap/active directory

 1)
                break;
            echo "You are accessing  ". $info[$i]["sn"][0] .", " . $info[$i]["givenname"][0] ."
 (" . $info[$i]["samaccountname"][0] .")\n";
            echo '';
            var_dump($info);
            echo '';
            $userDn = $info[$i]["distinguishedname"][0]; 
        }
        @ldap_close($ldap);
    } 
    else 
    {
        $msg = "Invalid email address / password";
        echo $msg;
    }

}
else
{
?>
    
        Username:  
        Password:

Go Up
Increase php upload size

sed -i 's/memory_limit = 128/memory_limit = 200/g' /etc/php/7.0/apache2/php.ini
sed -i 's/post_max_size = 128/post_max_size = 200/g' /etc/php/7.0/apache2/php.ini
sed -i 's/upload_max_filesize = 2/upload_max_filesize = 200/g' /etc/php/7.0/apache2/php.ini