Installing Apache2, PHP, phpMyAdmin and ModSecurity on Debian 13

A forum dedicated to web hosting and server administration, including VPS and dedicated servers, Linux systems, Apache, Nginx, databases, DNS server, performance tuning, monitoring, backups, and infrastructure management.
Forum rules
Post Reply
Admin
Site Admin
Posts: 77
Joined: Fri Feb 27, 2026 7:36 am
Contact:
Contact Admin

Installing Apache2, PHP, phpMyAdmin and ModSecurity on Debian 13

Post by Admin »

Installing Apache2, PHP, phpMyAdmin and ModSecurity on Debian 13

This guide shows how to install a complete web server stack on Debian 13, including:
  • Apache2 (Web Server)
  • PHP (Backend language)
  • phpMyAdmin (Database management)
  • ModSecurity (Web Application Firewall)

1. Update the System

Code: Select all

apt update && apt upgrade -y

2. Install Apache2

Code: Select all

apt install apache2 -y
Start and enable Apache:

Code: Select all

systemctl enable apache2
systemctl start apache2
Check status:

Code: Select all

systemctl status apache2
Test in browser:
http://your-server-ip


3. Install PHP

Debian 13 typically ships with PHP 8.4+

Code: Select all

apt install php php-cli php-fpm php-mysql php-curl php-gd php-xml php-mbstring php-zip php-intl -y
Enable PHP in Apache:

Code: Select all

a2enmod proxy_fcgi setenvif
a2enconf php*-fpm
systemctl reload apache2
Test PHP:

Code: Select all

echo "<?php phpinfo(); ?>" > /var/www/html/info.php
Open:
http://your-server-ip/info.php


4. Install MariaDB (Database)

Code: Select all

apt install mariadb-server -y
Secure installation:

Code: Select all

mysql_secure_installation
5. Install phpMyAdmin

Code: Select all

apt install phpmyadmin -y
During installation:
  • Select Apache2
  • Choose "Yes" for dbconfig-common
Enable phpMyAdmin manually if needed:

Code: Select all

ln -s /usr/share/phpmyadmin /var/www/html/phpmyadmin
Access in browser:
http://your-server-ip/phpmyadmin

6. Install ModSecurity (WAF)

Code: Select all

apt install libapache2-mod-security2 -y
Enable module:

Code: Select all

a2enmod security2
systemctl restart apache2
Check status:

Code: Select all

apache2ctl -M | grep security
7. Enable OWASP Core Rule Set

Install rules:

Code: Select all

apt install modsecurity-crs -y
Copy config:

Code: Select all

cp /usr/share/modsecurity-crs/crs-setup.conf.example /etc/modsecurity/crs/crs-setup.conf
Edit main config:

Code: Select all

nano /etc/modsecurity/modsecurity.conf
Change:

Code: Select all

SecRuleEngine DetectionOnly
to:

Code: Select all

SecRuleEngine On
Restart Apache:

Code: Select all

systemctl restart apache2
8. Recommended Security Settings

Edit Apache config:

Code: Select all

nano /etc/apache2/conf-available/security.conf
Set:

Code: Select all

ServerTokens Prod
ServerSignature Off
Enable headers module:

Code: Select all

a2enmod headers
Add security headers:

Code: Select all

Header always set X-Frame-Options "DENY"
Header always set X-Content-Type-Options "nosniff"
Header always set X-XSS-Protection "1; mode=block"
Reload Apache:

Code: Select all

systemctl reload apache2

9. Firewall (Optional but Recommended)

If using UFW:

Code: Select all

ufw allow OpenSSH
ufw allow 80/tcp
ufw allow 443/tcp
ufw enable

10. Final Check
  • Apache running
  • PHP working (info.php test)
  • MariaDB secured
  • phpMyAdmin accessible
  • ModSecurity active

Conclusion

You now have a fully functional and secured LAMP stack on Debian 13 with:
  • Apache2 as web server
  • PHP for dynamic content
  • MariaDB database
  • phpMyAdmin for easy management
  • ModSecurity as Web Application Firewall
This setup is suitable for production environments, especially when combined with HTTPS (Let's Encrypt) and proper firewall rules.
Top
Post Reply

Return to “Hosting & Servers”