This describes a simple set up of Apache, with MySQL and PHP5.
Thanks to the Debian/Ubuntu developers installation should be as easy as:
apt-get install apache2 php5 mysql-server php5-mysql openssl
(create a MySQL password when prompted)
If the server is running with low memory in a virtual environment (for example a 256MB Slice) it's a good idea to restrict MySQL and Apache memory usage.
Edit /etc/mysql/my.cnf
skip-external-locking skip-locking key_buffer = 16K max_allowed_packet = 1M thread_stack = 64K thread_cache_size = 4 skip-innodb
Edit /etc/apache2/apache2.conf
Timeout 45
MaxKeepAliveRequests 200
KeepAliveTimeout 3
<IfModule mpm_prefork_module>
StartServers 5
MinSpareServers 5
MaxSpareServers 10
MaxClients 30
MaxRequestsPerChild 2000
</IfModule>
For any sensitive information including login prompts, awstats, munin, et cetera.
Turn on the mod_ssl module in apache:
a2enmod ssl
Now generate a secure certificate request (requires a password each time apache is restarted) and self sign the request. If you don't care about security of the key file, issue the first command without the -des3 flag.
Answer the prompts as necessary. Most can be left blank but be sure to specify common name, which should be the full hostname of the server.
openssl genrsa -des3 -out server.key 1024 openssl req -new -key server.key -out server.csr openssl x509 -req -days 3650 -in server.csr -signkey server.key -out server.crt cp server.crt /etc/ssl/certs cp server.key /etc/ssl/private
Add this to your /etc/apache2/sites-enabled/000-default file:
SSLEngine on SSLOptions +StrictRequire SSLCertificateFile /etc/ssl/certs/server.crt SSLCertificateKeyFile /etc/ssl/private/server.key