30 Things to Do After Minimal RHEL/CentOS 7 Installation

7. Install PHP

PHP is a server-side scripting language for web based services. It is frequently used as general-purpose programming language as well. Install PHP on CentOS Minimal Server as.

# yum install php

After installing php, make sure to restart Apache service to render PHP in Web Browser.

# systemctl restart httpd.service

Next, verify PHP by creating following php script in the Apache document root directory.

# echo -e "<?php\nphpinfo();\n?>"  > /var/www/html/phpinfo.php

Now view the PHP file, we just created (phpinfo.php) in Linux Command Line as below.

# php /var/www/html/phpinfo.php
# links
Verify PHP
Verify PHP

8. Install MariaDB Database

MariaDB is a fork of MySQL. RedHat Enterprise Linux and its derivatives have shifted to MariaDB from MySQL. It is the Primary Database management System. It is again one of those tools which is necessary to have and you will need it sooner or later no matter what kind of server you are setting. Install MariaDB on CentOS Minimal Install server as below.

# yum install mariadb-server mariadb
Install MariaDB Database
Install MariaDB Database

Start and configure MariaDB to start automatically at boot.

# systemctl start mariadb.service
# systemctl enable mariadb.service

Allow service mysql (mariadb) through firewall.

# firewall-cmd --add-service=mysql

Now it’s time to secure MariaDB server.

# /usr/bin/mysql_secure_installation
Secure MariaDB Database
Secure MariaDB Database

Read Also:

  1. Installing LAMP (Linux, Apache, MariaDB, PHP/PhpMyAdmin) in CentOS 7.0
  2. Creating Apache Virtual Hosts in CentOS 7.0

9. Install and Configure SSH Server

SSH stands for Secure Shell which is the default protocol in Linux for remote management. SSH is one of those essential piece of software which comes default with CentOS Minimal Server.

Check Currently Installed SSH version.

# SSH -V
Check SSH Version
Check SSH Version

Use Secure Protocol over the default SSH Protocol and change port number also for extra Security. Edit the SSH configuration file ‘/etc/ssh/sshd_config‘.

Uncomment the line below line or delete 1 from the Protocol string, so the line seems like:

# Protocol 2,1 (Original)
Protocol 2 (Now)

This change force SSH to use Protocol 2 which is considered to be more secure than Protocol 1 and also make sure to change the port number 22 to any in the configuration.

Secure SSH Login
Secure SSH Login

Disable SSH ‘root login‘ and allow to connect to root only after login to normal user account for added additional Security. For this, open and edit configuration file ‘/etc/ssh/sshd_config‘ and change PermitRootLogin yes t PermitRootLogin no.

# PermitRootLogin yes (Original) 
PermitRootLogin no (Now)
Disable SSH Root Login
Disable SSH Root Login

Finally, restart SSH service to reflect new changes..

# systemctl restart sshd.service

Read Also:

  1. 5 Best Practices to Secure and Protect SSH Server
  2. SSH Passwordless Login Using SSH Keygen in 5 Easy Steps
  3. No Password SSH Keys Authentication” with PuTTY

10. Install GCC (GNU Compiler Collection)

GCC stands for GNU Compiler Collection is a compiler system developed by GNU Project that support various programming languages. It is not installed by default in CentOS Minimal Install. To install gcc compiler run the below command.

# yum install gcc
Install GCC in CentOS
Install GCC GNU Compiler

Check the version of installed gcc.

# gcc --version
Check GCC Version
Check GCC Version

11. Install Java

Java is a general purpose class based, object-oriented Programming language. It is not installed by default in CentOS Minimal Server. Install Java from repository as below.

# yum install java
Install Java on CentOS
Install Java

Check version of Java Installed.

# java -version
Check Java Version
Check Java Version

Hey TecMint readers,

Exciting news! Every month, our top blog commenters will have the chance to win fantastic rewards, like free Linux eBooks such as RHCE, RHCSA, LFCS, Learn Linux, and Awk, each worth $20!

Learn more about the contest and stand a chance to win by sharing your thoughts below!

A Passionate GNU/Linux Enthusiast and Software Developer with over a decade in the field of Linux and Open Source technologies.

Each tutorial at TecMint is created by a team of experienced Linux system administrators so that it meets our high-quality standards.

Join the TecMint Weekly Newsletter (More Than 156,129 Linux Enthusiasts Have Subscribed)
Was this article helpful? Please add a comment or buy me a coffee to show your appreciation.


Leave a Reply
  1. I followed this guide. Its really helpful. As you said quite extensively about installing apache, databases and others.

    Can you also provide a guide regarding how to upload a site in CentOS after doing all this?

  2. There is a mistake in the SSH section. The config file is NOT ‘ssh-config’. That is meant for the SSH client not the server. The SSH server settings are in ‘sshd-config’. As a noob, it took me a while to figure out why my changes had no effect on the server.

    Otherwise, this has been a great resource for someone like me learning Linux for the first time. Thanks!

  3. One of the commands didn’t work for me, the one related to opening up the httpd port through firewalld. I got a syntax error

    I got a successful execution with the following command, because I did not choose to assign http a funky port, just the standard one (80)

    # firewall-cmd --permanent --zone=public --add-service=http 

    If you want to use a custom port for httpd, use this command, which specifies the port/protocol:

    # firewall-cmd --permanent --zone=public --add-port=2888/tcp 


  4. Thank you for getting this information together, it is very helpful for people not familiar to minimal dekstop-less installations.

  5. Hey, thanks for this list. It was very valuable for me to set up a new CentOS 7 configuration. So far I had only to deal with SLES. Thank you

  6. The articel does only contain nonsense. Why somebody should protect grub when it can be by passed so easy?
    A speedtest cronjob? wtf?

  7. When i change the Listen directive and restart the httpd following error occurs.

    Job for httpd.service failed. See ‘systemctl status httpd.service’ and ‘journalctl -xn’ for details.

    This happen when i tried to change Listen to 3221, 9090 or :9090 .. anything.
    While it works fine for port 80 and 8080

    • Hi Atul. This could be caused by SELinux. Check if it is enabled by running “sestatus“. If it says enabled, you have to ways:

      1. Disable SELinux by running ‘setenforce 0‘;
      2. Add SE rules (using ‘semanage‘ command). In this case you will have SELinux enabled (which is recommended);

  8. Hey, thank you for this list. It has been invaluable for me while setting up a new CentOS 7 configuration. I’m technical but this is easily understandable and readable for anyone.

  9. Hi Guys,

    Cant open my website with elinks. It is saying that I need to enable my javascript. How to do that on centos7 minimal.

  10. Use Secure Protocol over the default SSH Protocol and change port number also for extra Security. Edit the SSH configuration file ‘/etc/ssh/ssh_config‘.

  11. Hi,
    The following
    # firewall-cmd -permanent -add-port=3221/tcp
    should be
    # firewall-cmd –permanent –add-port=3221/tcp

  12. Hi, is anybody help me I am new to CentOS 7, regarding I am unable to enter into root mode.

    After reading point #22, I tried commands, but now i am unable to get into:

    1.sudo mode  
    2.unable to edit visudo
    3.unable to chmod 
    4.unable to chown
    5.unable to get into su-
    6.unable to get into su-

    why this happened it always says even i tried to attempt…

    sudo: >>> /etc/sudoers: syntax error near line 45 <<>> /etc/sudoers: syntax error near line 101 <<<
    sudo: parse error in /etc/sudoers near line 45

    sudo: no valid sudoers sources found, quitting
    sudo: unable to initialize policy plugin

    please help me i am new to cent os 7

    • @Zack,

      Yes, you right, port should be opened to access from the public network over IP Address or Domain, for example:

  13. Hi, Nice post

    would you happen to have solution to install nginx in front of Apache to avoid opening httpd services by apache every time, and saving system resources.


    • @Zack,

      You mean both nginx and apache should run on same server without any conflict? if yes, you should run nginx or apache on different ports..

    • @Smallufo,

      Both links and elinks are commandline based web browsers and both are available to install from default repositories, no need to replace…

    • @Vaishnavi,

      Thanks for finding this article useful, could you share the screenshot of the same? it will help us to understand more better about your problem..

  14. thanks million for your good post,
    i find 2 small mistakes in spelling of commands that maybe because of them some users face problem in copy and paste the commands from the post.
    1. “permanent” spell in below section is not correct:
    Add service tomcat and default port (8080) through firewall and reload settings.
    # firewall-cmd —zone=public —add-port=8080/tcp —permannet

    2.reload in below command has just one dash(-):
    To add a service say http, temporarily and reload firewalld.
    # firewall-cmd –reload

  15. I’m not sure who wrote this but it seems clear that he/she never attempted to follow her own instructions.
    The first step in setting up the network is to invoke

    yum install net-tools

    yum install requires a functioning network with accessible repositories if using the minimal CD.

    These instructions simply won’t ever work with a minimal installation CD.

  16. For people unfamiliar with CLI text editors (vi, vim, nano), etc.
    You can configure static IP and hostname in a GUI environment, just type:

    # nmtui

    Once there, you can edit what you need.

    If ‘nmtui’ command not found, install it:

    yum install NetworkManager-tui

    My 2 cents…

    • @Chris,

      Thanks for the tip about configuring and setting hostname and IP address using GUI way, hope it will help Desktop Linux users, from me 10 cents to you…:) keep it up..

  17. Thank You for collecting all that useful and not so useful in one article. :)
    Hmm, interesting, how many copypasters have used your sample passwords unchanged? :)
    # nmap 127.0.01
    # visudo

  18. Thanks for the write up, I’m very new to this and it helps a bit. However, when I got to the firewall-cmd commands in step 6 I ran into some problems. Not sure if I did this correct or not but I had to run “yum install firewalld” then start it with “systemctl start firewalld”. Then I had to add a “-” before the arguments (replaced “firewall-cmd -add-service=http” with “firewall-cmd –add-service=http”.

  19. as an experienced computer hobbyist, I was able to use this howto with minimal effort, only found some typo’s and all went well

    thank you for providing this information in such a well-written format

  20. Hello

    my VPS only provide a centos standard version. How to change it to minimal version. What services will be remove?

    thank you before…

  21. Hi,

    Your website was very helpful, thank you .

    In the Mariadb install section, think to change the following line :

    # firewall-cmd –add-service=mysql


    # firewall-cmd –-add-service=mysql


      • It mustn’t be the best idea to add MySQL as public available service!

        For my point of view, the title of this article should be different, Noobies which install all this on their systems might end up with things, not ideally for everybody. Your site has built a huge reputation over time, and you just cannot recommend installing things like java or a compiler on a system, where it might not be explicitly needed!
        BUT: Positive to note: You explained mysql_secure_installation, firewalld, and selinux. There are still too may sites out there who forget, or disable this.

  22. You have an mistake at Step 7:
    echo -e “” > /var/ww/html/phpinfo.php
    has to be
    echo -e “” > /var/www/html/phpinfo.php

  23. lot of spelling errors in this article for the commands. nmap for example, “# namp 127.0.01” should be “# nmap”. the firewall command right after that part, “# firewall-cmd –list-ports” should be “# firewall-cmd –list-ports” (2 – , not 1).

    various other mistakes. the screenshots are good, just not the commands in code blocks.


Got Something to Say? Join the Discussion...

Thank you for taking the time to share your thoughts with us. We appreciate your decision to leave a comment and value your contribution to the discussion. It's important to note that we moderate all comments in accordance with our comment policy to ensure a respectful and constructive conversation.

Rest assured that your email address will remain private and will not be published or shared with anyone. We prioritize the privacy and security of our users.