Setup Secure Web Server Using Ubuntu 18.04, NGINX, PHP7.4, MySQL | Install LEMP In 12 Minutes


What is LEMP?

The LEMP software stack is a group of software that can be used to serve dynamic web pages and web applications. This is an acronym that describes a Linux operating system, with an Nginx (pronounced like “Engine-X”) webserver. The backend data is stored in the MySQL database and the dynamic processing is handled by PHP.

This guide demonstrates how to install a LEMP stack on an Ubuntu 18.04 server with PHP 7.4. The Ubuntu operating system takes care of the first requirement. We will describe how to get the rest of the components up and running.

This installation is tested on Digital Ocean and Linode. If you are setting up the server for the first time, don’t forget to get the free referral credits by following my referral links.

Click Here to get $10 free referral credits from DigitalOcean.

Step 1 – Setting Up a Basic Firewall

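Execute the following commands to allow SSH and HTTP traffic through the UFW firewall, turn off UFW logging, and enable the firewall so that it starts automatically during system boot-up. Allow SSH before enabling UFW so that you do not lock yourself out of the server. With logging turned off, blocked connection attempts are not recorded; leave that line out if you want to keep them.

sudo ufw allow ssh
sudo ufw allow http
sudo ufw logging off
sudo ufw enable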

Step 2 – Installing MySQL to Manage Site Data on Ubuntu 18.04

Next, you need to install MySQL (a database management system) to store and manage the data for your site.

Install MySQL by typing:

sudo apt install mysql-server

The MySQL database software is now installed, but its configuration is not yet complete.

To secure the installation, MySQL comes with a script that will ask whether we want to modify some insecure defaults. Initiate the script by typing:

sudo mysql_secure_installation

This script will ask if you want to configure the VALIDATE PASSWORD PLUGIN.

Warning: Enabling this feature is something of a judgment call. If enabled, passwords which don’t match the specified criteria will be rejected by MySQL with an error. This will cause issues if you use a weak password in conjunction with software which automatically configures MySQL user credentials, such as the Ubuntu packages for phpMyAdmin. It is safe to leave validation disabled, but you should always use strong, unique passwords for database credentials.

Answer Y for yes, or anything else to continue without enabling.

VALIDATE PASSWORD PLUGIN can be used to test passwords
and improve security. It checks the strength of password
and allows the users to set only those passwords which are
secure enough. Would you like to setup VALIDATE PASSWORD plugin?

Press y|Y for Yes, any other key for No:

If you’ve enabled validation, the script will also ask you to select a level of password validation. Keep in mind that if you enter 2 – for the strongest level – you will receive errors when attempting to set any password which does not contain numbers, upper and lowercase letters, and special characters, or which is based on common dictionary words.

Next, you’ll be asked to submit and confirm a root password:

Please set the password for root here.

New password:

Re-enter new password:

For the rest of the questions, you should press Y and hit the ENTER key at each prompt. This will remove some anonymous users and the test database, disable remote root logins, and load these new rules so that MySQL immediately respects the changes we have made.

Note that in Ubuntu systems running MySQL 5.7 (and later versions), the root MySQL user is set to authenticate using the auth_socket plugin by default rather than with a password. This allows for some greater security and usability in many cases, but it can also complicate things when you need to allow an external program (e.g., phpMyAdmin) to access the user.

If using the auth_socket plugin to access MySQL fits with your workflow, you can proceed to Step 3. If, however, you prefer to use a password when connecting to MySQL as root, you will need to switch its authentication method from auth_socket to mysql_native_password.

To do this, open up the MySQL prompt from your terminal:

sudo mysql

Next, check which authentication method each of your MySQL user accounts uses with the following command:

SELECT user,authentication_string,plugin,host FROM mysql.user;

Output

+------------------+-------------------------------------------+-----------------------+-----------+
| user             | authentication_string                     | plugin                | host      |
+------------------+-------------------------------------------+-----------------------+-----------+
| root             |                                           | auth_socket           | localhost |
| mysql.session    | *THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE | mysql_native_password | localhost |
| mysql.sys        | *THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE | mysql_native_password | localhost |
| debian-sys-maint | *CC744277A401A7D25BE1CA89AFF17BF607F876FF | mysql_native_password | localhost |
+------------------+-------------------------------------------+-----------------------+-----------+
4 rows in set (0.00 sec)

In this example, you can see that the root user does, in fact, authenticate using the auth_socket plugin. To configure the root account to authenticate with a password, run the following ALTER USER command. Be sure to change password to a strong password of your choosing:

ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY 'password';

Then, run FLUSH PRIVILEGES which tells the server to reload the grant tables and put your new changes into effect:

FLUSH PRIVILEGES;

Check the authentication methods employed by each of your users again to confirm that root no longer authenticates using the auth_socket plugin:

SELECT user,authentication_string,plugin,host FROM mysql.user;

Output

+------------------+-------------------------------------------+-----------------------+-----------+
| user             | authentication_string                     | plugin                | host      |
+------------------+-------------------------------------------+-----------------------+-----------+
| root             | *3636DACC8616D997782ADD0839F92C1571D6D78F | mysql_native_password | localhost |
| mysql.session    | *THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE | mysql_native_password | localhost |
| mysql.sys        | *THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE | mysql_native_password | localhost |
| debian-sys-maint | *CC744277A401A7D25BE1CA89AFF17BF607F876FF | mysql_native_password | localhost |
+------------------+-------------------------------------------+-----------------------+-----------+
4 rows in set (0.00 sec)

You can see in this example output that the root MySQL user now authenticates using a password. Once you confirm this on your own server, you can exit the MySQL shell:

exit

At this point, your database system is now set up and you can move on to installing PHP.
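The account check from this step can be scripted. The following is an added example, not part of the original guide: it reads tab-separated rows from mysql.user and flags accounts with no password, accounts that accept non-local hosts, and a root account that has been switched to password authentication. The function names and the finding labels are hypothetical, and the sample rows are constructed.

```shell
#!/bin/sh
# Added example (not from the original guide): flag risky rows in mysql.user.
# Expects tab-separated rows: user, host, plugin, authentication_string, e.g.
#   sudo mysql -N -B -e "SELECT user,host,plugin,authentication_string FROM mysql.user"
audit_mysql_users() {
  awk -F'\t' '
    {
      acct = $1 "@" $2; host = $2; plugin = $3; auth = $4
      # A password plugin with no stored hash means the account has no password.
      if (plugin != "auth_socket" && (auth == "" || auth == "NULL"))
        print "EMPTY_PASSWORD " acct
      # Hosts other than loopback allow logins from the network
      # if mysqld listens on a non-local address.
      if (host != "localhost" && host != "127.0.0.1" && host != "::1")
        print "REMOTE_HOST " acct
      # After the ALTER USER step root no longer depends on the OS login:
      # any local process that knows the password can connect as MySQL root.
      if ($1 == "root" && plugin != "auth_socket")
        print "ROOT_PASSWORD_AUTH " acct
    }'
}

# Constructed sample rows (the first hash value is a placeholder).
sample_rows() {
  printf 'root\tlocalhost\tmysql_native_password\t*PLACEHOLDERHASH\n'
  printf 'mysql.sys\tlocalhost\tmysql_native_password\t*THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE\n'
  printf 'app\t%%\tmysql_native_password\t\n'
}

sample_rows | audit_mysql_users
```

An empty result means none of the three conditions matched; ROOT_PASSWORD_AUTH is expected if you followed the ALTER USER step and is listed so the choice stays visible.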

Step 3 – Installing PHP 7.4 on Ubuntu 18.04

This step shows how to install PHP 7.4 on your Ubuntu system or Ubuntu server, on any VPS, cloud or dedicated hosting, and configure it with Nginx.

PHP 7.4 was officially released on November 28th, 2019. It comes with a number of new features and a few incompatibilities that you should be aware of before upgrading from the previous version.

Getting started

Make sure your Ubuntu server has the latest packages by running the following commands.

sudo apt update
sudo apt upgrade

This will update the package index and update the installed packages to the latest version.

Add PPA for PHP 7.4

Add the ondrej/php PPA with the commands below. It provides the PHP 7.4 package and the other required PHP extensions.

sudo apt install software-properties-common
sudo add-apt-repository ppa:ondrej/php
sudo apt update

Once you have added the PPA you can install PHP 7.4.

Install PHP 7.4 FPM for Nginx

For Nginx, you need to install FPM. Execute the following command to install PHP 7.4 FPM:

sudo apt install php7.4-fpm

After the installation has completed, confirm that PHP 7.4 FPM has installed correctly with this command:

php-fpm7.4 -v

Install PHP 7.4 Extensions

Installing PHP extensions is simple with the following syntax.

sudo apt install php7.4-extension_name

Now, install some commonly used PHP-extensions with the following command.

sudo apt install php7.4-common php7.4-mysql php7.4-xml php7.4-xmlrpc php7.4-curl php7.4-gd php7.4-imagick php7.4-cli php7.4-dev php7.4-imap php7.4-mbstring php7.4-opcache php7.4-soap php7.4-zip php7.4-intl -y

Configure PHP 7.4

Now we configure PHP for web applications by changing some values in the php.ini file.

For PHP 7.4 FPM with Nginx, the php.ini location will be in the following directory.

sudo nano /etc/php/7.4/fpm/php.ini

Hit F6 to search inside the editor and update the following values for better performance.

upload_max_filesize = 32M 
post_max_size = 48M 
memory_limit = 256M 
max_execution_time = 600 
max_input_vars = 3000 
max_input_time = 1000

Once you have modified your PHP settings, hit CTRL + X and Y to save the configuration. You can skip this step by uploading the pre-modified php.ini file and replacing it on your server. Download the files here.

Configure PHP 7.4 FPM Pools

PHP 7.4 FPM allows you to configure the user and group that the service will run under. Open the pool configuration with this command:

sudo nano /etc/php/7.4/fpm/pool.d/www.conf

Change the following lines by replacing www-data with nginx:

user = nginx
group = nginx
listen.owner = nginx
listen.group = nginx

Hit CTRL + X and Y to save the configuration. You can skip this step by uploading the pre-modified www.conf file and replacing it on your server. Download the files here.

Restart PHP 7.4 FPM

Once you have updated your PHP FPM settings you need to restart it to apply the changes.

sudo php-fpm7.4 -t 
sudo service php7.4-fpm restart

You now have PHP 7.4 installed and configured.

Note: At this point the PHP service restart will throw an error and might fail. Don’t worry, this is because the service can’t find the nginx user yet. This will be solved when NGINX is installed in the next step.
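A check to run before restarting PHP-FPM, given as an added example that is not part of the original guide: it reads the four pool settings changed above and confirms that the account they name exists, which is the cause of the restart error described in the note. The function names are hypothetical; the file path and the nginx account are the ones used in this guide.

```shell
#!/bin/sh
# Added example (not from the original guide): check a PHP-FPM pool file
# before restarting the service. Function names are hypothetical.

# pool_value FILE KEY: print the last uncommented value assigned to KEY.
pool_value() {
  awk -F= -v key="$2" '
    /^[ \t]*;/ { next }                     # skip ";" comment lines
    {
      k = $1; gsub(/[ \t]/, "", k)
      if (k == key) { v = $2; gsub(/^[ \t]+|[ \t\r]+$/, "", v); val = v }
    }
    END { print val }' "$1"
}

# check_fpm_pool FILE ACCOUNT: report settings that do not name ACCOUNT and
# an ACCOUNT that does not exist. Returns the number of problems found.
check_fpm_pool() {
  conf=$1; want=$2; problems=0
  for key in user group listen.owner listen.group; do
    got=$(pool_value "$conf" "$key")
    if [ "$got" != "$want" ]; then
      echo "MISMATCH $key=${got:-unset} expected=$want"
      problems=$((problems + 1))
    fi
  done
  # php-fpm cannot start when the configured user is not a system account.
  if ! id -u "$want" >/dev/null 2>&1; then
    echo "MISSING_ACCOUNT $want"
    problems=$((problems + 1))
  fi
  return "$problems"
}

# Usage on the server from this guide:
#   check_fpm_pool /etc/php/7.4/fpm/pool.d/www.conf nginx && sudo service php7.4-fpm restart
```

Run before NGINX is installed, the check reports MISSING_ACCOUNT nginx; once Step 4 is complete it should print nothing and return 0.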

Step 4 – Installing the NGINX Web Server on Ubuntu 18.04

In order to display web pages to our site visitors, we are going to deploy Nginx, a modern, efficient web server.

NGINX is included in the Ubuntu software repository but the version you get from Ubuntu software repository may not be the latest version, so let’s download and configure it from the Official NGINX repository.

Add the official NGINX repository in Ubuntu’s source list.

Open source list by executing the following command

sudo nano /etc/apt/sources.list

Use CTRL+W then CTRL+V to jump to the end of the source list.

Add the following two lines at the end of the file. The release codename must match your system: Ubuntu 18.04 is bionic.

deb https://nginx.org/packages/mainline/ubuntu/ bionic nginx
deb-src https://nginx.org/packages/mainline/ubuntu/ bionic nginx

Hit CTRL + X and Y to save the configuration and check if the configuration is correct and restart PHP.

Execute the following commands to import the NGINX public key. The key is what apt uses to verify the packages, so download it over HTTPS.

wget https://nginx.org/keys/nginx_signing.key
sudo apt-key add nginx_signing.key

You are now ready to install NGINX from the official repository. Run the commands below.

sudo apt update
sudo apt install nginx

Type and enter Y or yes to confirm the installation.

After the successful installation of NGINX, open FileZilla and navigate to the /etc/nginx/conf.d/ directory.

Upload “default.conf” and “drop” to the /etc/nginx/conf.d/ directory. Overwrite the file if asked. Download the files here.

Create a www directory and give it proper permission and ownership.
Run these commands one by one.

sudo mkdir -p /var/www/
sudo chown nginx:nginx /var/www/

Now you need to restart the NGINX server and PHP. To do so, run these two commands one by one.

sudo service nginx restart
sudo service php7.4-fpm restart

Conclusion

A LEMP stack is a powerful platform that will allow you to set up and serve nearly any website or application from your server.

There are a number of next steps you could take from here. For example, you should ensure that connections to your server are secured.

If you have executed all the steps as mentioned in the tutorial, your server should be ready and you can start hosting websites on it. Click Here to get $10 free referral credits from DigitalOcean. If you get any error or have any question about the article, feel free to leave a comment in the comment section below.

If you don’t want to mess with your server on your own and you want to get it done by an expert then just drop an email to [email protected].

Sources: techinfoBiT, Digital Ocean, Cloudbooklet