A LEMP stack is the foundation upon which websites are built, leveraging NGINX instead of Apache as its web server. It is made up of four components that grant its name - Linux, NGINX (pronounced Engine X), MySQL, and PHP-FPM. Linux is the operating system, NGINX is the web server, MySQL is the database, and PHP-FPM interprets code to produce dynamic content. In this article, we will walk you through installing and configuring a basic LEMP stack.
Prerequisites
- An FQDN with a Valid A-Record
- A Server with Ubuntu 18.04 Installed
- How to Secure Your SSH Connection in Ubuntu 18.04
Topics
Installing Nginx
Note: We will assume that a non-root user has been configured for the purposes of this guide. If it has not, you can run all commands without sudo privileges. However, we recommend only using the root user when there is no other option. To configure a new sudo user, please check out the Creating a New Sudo User section of our How to Secure Your SSH Connection in Ubuntu 18.04 article.
Before we install NGINX, we first want to ensure that our operating system is fully up to date. We can do this with the following command:
$ sudo apt update
Now that the OS is up to date, we can proceed to install NGINX. Do so by entering the following command:
$ sudo apt install nginx
Note: If you have a firewall enabled, you will need to ensure that ports 80 and 443 are not blocked.
Now type the IP address of your server into a browser to confirm that NGINX has installed properly. If it has, you will see the following page:
Now that we have NGINX installed and working, let's get started installing MySQL.
Installing MySQL
The third portion of our LEMP stack is MySQL. To install MySQL, enter the following command:
$ sudo apt install mysql-server
Now enter the MySQL installation module using the following command:
$ sudo mysql_secure_installation
You will be met with the following prompt:
Securing the MySQL server deployment. Connecting to MySQL using a blank password. VALIDATE PASSWORD PLUGIN can be used to test passwords and improve security. It checks the strength of password and allows the users to set only those passwords which are secure enough. Would you like to setup VALIDATE PASSWORD plugin? Press y|Y for Yes, any other key for No:
It is entirely up to you whether you choose to install this plugin or not. It will check the strength of any passwords you set and make sure they are strong enough. We will proceed as if you did not install the plugin.
Next, you will be prompted to create a new password for your MySQL root user. Choose any password you wish and then confirm the password at the following prompt.
Press y and ENTER for each of the rest of the prompts. When you are finished you will get the following output:
All done!
Now that we have MySQL installed, let's take a look at installing PHP.
Installing PHP
In this section, we will be installing and configuring PHP-FPM. First, we need to install PHP-FPM along with its package for MySQL using the following command:
$ sudo apt install php-fpm php-mysql
Note: If you wish to download other PHP packages, you can append them to the end of this command.
Configuring Nginx with PHP-FPM
We first want to delete the default server block NGINX uses as the default using the following command:
$ sudo rm -f /etc/nginx/sites-enabled/default
Next, we will create a new root document for our website instead of the default /var/www/html. This will make it easier to configure additional server blocks should we choose to do so in the future. In this example we will create it in the /var/www/html directory, replacing example.com with our FQDN:
$ sudo mkdir -p /var/www/html/example.com
Now, we want to configure NGINX to pass PHP requests to PHP-FPM so that they are properly processed. To do so, we will create a new server block for our website. Create and open the new server block using the following command, replacing example.com with your FQDN:
$ sudo vi /etc/nginx/sites-available/example.com.conf
In this file, we want to add the following content to define our server information, ensuring 404 errors are correctly served, and tell NGINX to use PHP-FPM for PHP requests.
server {
listen 80;
root /var/www/html/example.com;
index index.php;
server_name example.com www.example.com;
location / {
try_files $uri $uri/ =404;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
}
}
Now, we will create a symbolic link to enable the site in NGINX using the following command, again replacing example.com with your FQDN:
$ sudo ln -s /etc/nginx/sites-available/example.com.conf /etc/nginx/sites-enabled/
Next, we will test the syntax of our website's configuration file.
$ sudo nginx -t
If the test is successful, we will get the following output.
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
Once we have confirmed that the syntax is correct, we need to reload NGINX to take the new configuration file.
$ sudo systemctl reload nginx
Finally, we will create a test file to ensure that PHP-FPM has been installed and configured correctly. Create a new file called info.php by opening it in your preferred text editor using the following command:
$ sudo vi /var/www/html/example.com/info.php
Enter the following text into the file:
<?php
phpinfo();
?>
Now navigate to the following website, replacing example.com with your server's FQDN:
example.com
/info.php
You should see the following page.
Note: Make sure you see the "FPM/FastCGI" text next to "Server API" on the above webpage to confirm that you have properly configured PHP-FPM.
If you see the above page, you have correctly deployed PHP-FPM with NGINX and you have finished deploying your LEMP stack. Since this page gives information about your server that could be used to exploit your security, delete this file using the following command:
$ sudo rm /var/www/html/example.com/info.php
Conclusion
A properly deployed LEMP stack is the backbone of many websites. Having read this guide, you should now know how NGINX, MySQL, and PHP are used as well as how to perform a basic installation of a LEMP stack.