Step 1: Disabling apache2<\/h2>\n
We need to ensure that Apache (a different web server option) isn\u2019t running. Let\u2019s remove it from the server.<\/p>\n
sudo apt-get remove apache2\nsudo rm \/var\/www\/html\/index.html\n<\/code><\/pre>\nStep 2: Installing Nginx<\/h2>\n
Ubuntu\u2019s apt <\/code> package management software makes installing nginx quite easy. Running the update <\/code> command ensures you get the most up-to-date version.<\/p>\nsudo apt-get update\nsudo apt-get install nginx\n<\/code><\/pre>\nNginx will automatically start running at this point. You can double check this by navigating to the IP address of your VPS via a web browser.<\/p>\n
http:\/\/remote_server<\/span>\n<\/code><\/pre>\nIf successful, you\u2019ll see a default Nginx page.<\/p>\n
Step 3: Installing MySQL<\/h2>\n
Next, we\u2019ll install MySQL, which is a database that will be used to store information. Install this with apt <\/code> as well.<\/p>\nsudo apt-get install mysql-server\n<\/code><\/pre>\nYou will be prompted to input a password for the adminisrative user for MySQL. We recommend a strong, secure password. For additional security, you won\u2019t be able to see the characters as you type them in.<\/p>\n
Next, run a script to improve the security of the installation.<\/p>\n
sudo mysql_secure_installation\n<\/code><\/pre>\nYou\u2019ll see the following warning about the VALIDATE PASSWORD PLUGIN <\/code> .<\/p>\nVALIDATE PASSWORD PLUGIN can be used to test<\/span> passwords\nand improve security. It checks the strength of password\nand allows the users to set<\/span> only those passwords which<\/span> are\nsecure enough. Would you like to setup VALIDATE PASSWORD plugin?\n\nPress y|Y for<\/span> Yes, any other key for<\/span> No: \n<\/code><\/pre>\nThis plugin will reject passwords that are not strong enough. It\u2019s not necessary if you\u2019re diligent about using strong, secure passwords. If you choose Yes <\/code> , you\u2019ll be asked to define a policy for strong passwords.<\/p>\nYou will also be given an opportunity to change the root password if you\u2019d like.<\/p>\n
Using existing password for<\/span> root.\nChange the password for<\/span> root ? ((Press y|Y for<\/span> Yes, any other key for<\/span> No) : \n<\/code><\/pre>\nFor the remainder of the questions, type in y <\/code> or Y <\/code> and then hit Enter <\/code> . These remove anonymous users and restrict root logins, both of which are best practices.<\/p>\nStep 4: Installing PHP<\/h2>\n
PHP will be used to serve up dynamic web pages to users as they visit your site. There are other options available, such as Ruby or Node.js, but these fall beyond the scope of this tutorial.<\/p>\n
We need to start with installing some programs that help PHP communicate with Nginx and MySQL.<\/p>\n
sudo apt-get install php-fpm php-mysql\n<\/code><\/pre>\nYou need to edit the php.ini file and change one particular line to make the configuration more secure.<\/p>\n
sudo nano \/etc\/php\/7.0\/fpm\/php.ini\n<\/code><\/pre>\nYou\u2019re looking for a line that begins with ;cgi.fix_pathinfo <\/code> . To find it easily in nano, type in Ctrl+w <\/code> and type in cgi.fix_pathinfo <\/code> . You need to uncomment this line\u2014remove the semicolon\u2014and change the setting to 0 <\/code> . The end result should look like this:<\/p>\ncgi.fix_pathinfo=0\n<\/code><\/pre>\nOnce you\u2019ve saved the file, a quick restart of the PHP processor will enable this change.<\/p>\n
sudo systemctl restart php7.0-fpm\n<\/code><\/pre>\nStep 5: Configuring Nginx and PHP<\/h2>\n
As we tested earlier, Nginx is already working properly, but it defaults to using HTML to serve up a webpage, not PHP. We need to change that by editing the default Nginx server block.<\/p>\n
sudo nano \/etc\/nginx\/sites-available\/default\n<\/code><\/pre>\nLet\u2019s go step by step through the lines that you will want to edit.<\/p>\n
First, you might want to change the root directory of your website, if you\u2019d like to serve it from a different location. The default configuration is perfectly fine, however, so we recommend leaving it alone.<\/p>\n
root \/var<\/span>\/www\/html;\n<\/code><\/pre>\nNext, you want to request that Nginx look for an index.php <\/code> file rather than index.html <\/code> .<\/p>\n Before: <\/strong><\/p>\n# Add<\/span> index<\/span>.php<\/span> to<\/span> the<\/span> list<\/span> if<\/span> you<\/span> are<\/span> using<\/span> PHP<\/span>\nindex<\/span> index<\/span>.html<\/span> index<\/span>.htm<\/span> index<\/span>.nginx-debian<\/span>.html<\/span>;\n<\/code><\/pre>\n After: <\/strong><\/p>\n# Add<\/span> index<\/span>.php<\/span> to<\/span> the<\/span> list<\/span> if<\/span> you<\/span> are<\/span> using<\/span> PHP<\/span>\nindex<\/span> index<\/span>.php<\/span> index<\/span>.html<\/span> index<\/span>.htm<\/span> index<\/span>.nginx-debian<\/span>.html<\/span>;\n<\/code><\/pre>\nAfter that, you need to uncomment the area that connects to php-fpm <\/code> .<\/p>\n Before: <\/strong><\/p>\n#<\/span> pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000<\/span>\n#<\/span>\n#<\/span>location ~ .php$ {<\/span>\n#<\/span> include snippets\/fastcgi-php.conf;<\/span>\n#<\/span>\n#<\/span> # With php7.0-cgi alone:<\/span><\/span>\n#<\/span> fastcgi_pass 127.0.0.1:9000;<\/span>\n#<\/span> # With php7.0-fpm:<\/span><\/span>\n#<\/span> fastcgi_pass unix:\/run\/php\/php7.0-fpm.sock;<\/span>\n#<\/span>}<\/span>\n<\/code><\/pre>\n After: <\/strong><\/p>\nlocation<\/span> ~ .php$<\/span> {\n include<\/span> snippets\/fastcgi-php.conf;\n\n# # With php7.0-cgi alone:<\/span>\n# fastcgi_pass 127.0.0.1:9000;<\/span>\n# # With php7.0-fpm:<\/span>\n fastcgi_pass<\/span> unix:\/run\/php\/php7.0-fpm.sock;\n}\n<\/code><\/pre>\nFinally, you should restrict access to .htaccess <\/code> files, which Nginx doesn\u2019t use.<\/p>\n Before: <\/strong><\/p>\n# deny access to .htaccess files, if Apache's document root<\/span>\n# concurs with nginx's one<\/span>\n#<\/span>\n#location ~ \/.ht {<\/span>\n# deny all;<\/span>\n#}<\/span>\n<\/code><\/pre>\n After: <\/strong><\/p>\n#<\/span> deny access to .htaccess files, if<\/span> Apache's document root<\/span><\/span>\n#<\/span> concurs with nginx'<\/span>s one<\/span>\n#<\/span>\nlocation ~ \/.ht {\n deny all;\n}\n<\/code><\/pre>\nOnce you\u2019ve made those three changes, you can save and close the file and test out the configuration.<\/p>\n
sudo nginx -t\n<\/code><\/pre>\nIf you see any errors, check the file for any syntax mistakes you might have made. Once the command returns a positive result, you can restart Nginx to load the new configuration.<\/p>\n
sudo systemctl restart nginx\n<\/code><\/pre>\nStep 6: Testing PHP<\/h2>\n
At this point, the LEMP stack should be completely configured, but it doesn\u2019t hurt to take a few extra moments to double-check that it\u2019s running correctly. The easiest way to do that is to create a new file in your document root.<\/p>\n
sudo nano \/var\/www\/html\/info.php\n<\/code><\/pre>\nInside that file, type or paste in these two lines:<\/p>\n
<?php<\/span>\nphpinfo();\n<\/code><\/pre>\nSave and close the file, and then visit your website again via a browser.<\/p>\n
http:\/\/remote_server\/info.php<\/span>\n<\/code><\/pre>\nIf you see a file like the following, you\u2019re all set up! You\u2019re now ready to host and deploy some serious content to your visitors.<\/p>\n
![\"phpinfo.png\"](\"https:\/\/www.ssdnodes.com\/wp-content\/uploads\/2024\/01\/phpinfo.png\")
<\/p>\n