Cloudbooklet
  • News
  • Artificial Intelligence
  • Applications
  • Linux
No Result
View All Result
Cloudbooklet
  • News
  • Artificial Intelligence
  • Applications
  • Linux
No Result
View All Result
Cloudbooklet
No Result
View All Result
Home Linux

How to Install LEMP Stack Nginx, MySQL, PHP on Debian 11

by Cloudbooklet
2 years ago
in Linux
How To Install Lemp Stack Nginx, Mysql, Php On Debian 11
ShareTweetSendShare
Readers like you help support Cloudbooklet. When you make a purchase using links on our site, we may earn an affiliate commission.

How to Install LEMP Stack Nginx, MySQL, PHP on Debian 11. In this guide you will learn how to install Nginx, MySQL 8.0 and PHP 8.1. You will also install some common PHP extensions and adjust the PHP configurations. Finally you will secure your setup with Let’s Encrypt SSL and configure HTTPS redirection. This setup […]

ADVERTISEMENT

How to Install LEMP Stack Nginx, MySQL, PHP on Debian 11. In this guide you will learn how to install Nginx, MySQL 8.0 and PHP 8.1.

You will also install some common PHP extensions and adjust the PHP configurations. Finally you will secure your setup with Let’s Encrypt SSL and configure HTTPS redirection.

This setup is tested on Google cloud, so it will work on all cloud hosting services like AWS, Azure or any VPS or any dedicated servers running Debian 11.

ADVERTISEMENT

Prerequisites

  • Root access to your server or a sudo user.
  • Domain pointed to your server IP to install Let’sEncrypt SSL

Step 1: Setup Initialization

Start by updating the packages to the latest version available using the following command.

You might also like

&Quot; Systemd Service On Linux

How to Create a New systemd Service on Linux: A Step-by-Step Guide

3 months ago
List Groups In Linux

How to List Groups in Linux: A Guide for Beginners

3 months ago
sudo apt update
sudo apt upgrade

Install wget package.

sudo apt install wget

Once you have updated the setup you can start the setup.

ADVERTISEMENT

Step 2: Install Nignx

Install Nginx using the following command.

sudo apt install nginx

This will install nginx and all required dependencies.

ADVERTISEMENT

Step 3: Setup Firewall

Now you can set up Uncomplicated Firewall (UFW) with Nginx to allow public access on default web ports for HTTP and HTTPS

sudo ufw app list

You will see all listed applications.

ADVERTISEMENT
Output
Available applications:
   Nginx Full
   Nignx HTTP
   Nginx HTTPS
   OpenSSH
  • Nginx HTTP: This profile opens port 80 (normal, unencrypted web traffic)
  • Nginx Full: This profile opens both port 80 (normal, unencrypted web traffic) and port 443 (TLS/SSL encrypted traffic)
  • Nginx HTTPS: This profile opens only port 443 (TLS/SSL encrypted traffic)
  • OpenSSH: This profile opens port 22 for SSH access.

If you are not going to use SSL you need to enable only the Nginx HTTP profile.

Now we will enable Nginx Full.

ADVERTISEMENT
sudo uff allow OpenSSH
sudo ufw allow 'Nginx Full'

With this command you can view the status of UFW.

sudo ufw status

You will see the output as follows.

Output
Status: active
 To                         Action      From
 --                         ------      ----
 Nginx Full                 ALLOW       Anywhere                  
 OpenSSH                    ALLOW       Anywhere                  
 Nginx Full (v6)            ALLOW       Anywhere (v6)             
 OpenSSH (v6)               ALLOW       Anywhere (v6)

Step: 4 Check Nginx Installation

Once Nginx is installed is is started automatically and already be up and running.

Every process in Nginx is managed with the systemctl command. Check the status of Nginx with the following command.

sudo systemctl status nginx
● nginx.service - A high performance web server and a reverse proxy server
     Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled)
     Active: active (running) since Thu 2022-02-03 03:13:00 UTC; 6h ago
       Docs: man:nginx(8)
    Process: 11261 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on; (code>
    Process: 11262 ExecStart=/usr/sbin/nginx -g daemon on; master_process on; (code=exited, >
   Main PID: 11263 (nginx)
      Tasks: 3 (limit: 8622)

Now we have Nignx installed and configured Firewall.

Step 5: Install MySQL

To add the MySQL APT repository to your system go to the repository download page and download the latest release package using the following command.

wget https://dev.mysql.com/get/mysql-apt-config_0.8.22-1_all.deb

Install the release package.

sudo apt install ./mysql-apt-config_0.8.22-1_all.deb

We’re going to install MySQL version 8.0. Select OK by pressing Tab and hit Enter (as shown in the image above).

Now you can install MySQL.

sudo apt update
sudo apt install mysql-server

Once the installation is completed, the MySQL service will start automatically. To verify that the MySQL server is running, type:

sudo service mysql status

The output should show that the service is enabled and running:

 mysql.service - MySQL Community Server
     Loaded: loaded (/lib/systemd/system/mysql.service; enabled; vendor preset: enabled)
     Active: active (running) since Wed 2022-02-02 06:12:30 UTC; 17s ago
       Docs: man:mysqld(8)
             http://dev.mysql.com/doc/refman/en/using-systemd.html
   Main PID: 101929 (mysqld)
     Status: "Server is operational"
      Tasks: 38 (limit: 1148)
     Memory: 369.3M
        CPU: 805ms
     CGroup: /system.slice/mysql.service
             └─101929 /usr/sbin/mysqld

Feb 02 06:12:29 demo systemd[1]: Starting MySQL Community Server...
Feb 02 06:12:30 demo systemd[1]: Started MySQL Community Server.

Step 6: Secure MySQL

MySQL installation comes with a script named mysql_secure_installation that allows you to easily improve the MySQL server security.

sudo mysql_secure_installation

You will be asked to configure the VALIDATE PASSWORD PLUGIN which is used to test the strength of the MySQL users passwords and improve the security.

Press y if you want to set up the validate password plugin or any other key to move to the next step.

There are three levels of password validation policy, low, medium, and strong.

Enter 2 for strong password validation.

On the next prompt, you will be asked to set a password for the MySQL root user.

If you set up the validate password plugin, the script will show you the strength of your new password. Type y to confirm the password.

Next, you’ll be asked to remove the anonymous user, restrict root user access to the local machine, remove the test database, and reload privilege tables. You should answer y to all questions.

Step 7: Install PHP

Add the SURY PPA for PHP 8.1

sudo apt -y install lsb-release apt-transport-https ca-certificates
sudo wget -O /etc/apt/trusted.gpg.d/php.gpg https://packages.sury.org/php/apt.gpg

Now you can add the PPA to the server packages.

echo "deb https://packages.sury.org/php/ $(lsb_release -sc) main" | sudo tee /etc/apt/sources.list.d/php.list

Update the packages and install PHP 8.1

sudo apt update

sudo apt install php php8.1-fpm php8.1-mysql php8.1-common php8.1-mysql php8.1-xml php8.1-xmlrpc php8.1-curl php8.1-gd php8.1-imagick php8.1-cli php8.1-dev php8.1-imap php8.1-mbstring php8.1-opcache php8.1-soap php8.1-zip php8.1-intl -y

Once PHP is installed you can check the version using the following command.

php -v

Step 8: Configure PHP

Now we configure PHP for Web Applications by changing some values in php.ini file.

For PHP 8.1 with Nginx the php.ini location will be in following directory.

sudo nano /etc/php/8.1/fpm/php.ini

Hit F6 for search inside the editor and update the following values for better performance.

upload_max_filesize = 32M 
post_max_size = 48M
memory_limit = 256M
max_execution_time = 600
max_input_vars = 3000
max_input_time = 1000

Once you have modified your PHP settings you need to restart your PHP-FPM for the changes to take effect.

sudo service php8.1-fpm restart

Step 9: Configure Nginx

Disable default Nginx configuration.

sudo rm -rf /etc/nginx/sites-enabled/default
sudo rm -rf /etc/nginx/sites-available/default

Create website directories.

sudo mkdir -p /var/www/html/domainname/public

Setup correct permissions.

sudo chmod -R 755 /var/www/html/domainname
sudo chown -R www-data:www-data /var/www/html/domainname

Create a new server block configuration.

sudo nano /etc/nginx/sites-available/domainname.conf

Paste the following configurations in the new file.

server {
    listen 80;
    listen [::]:80;

    server_name yourdomainname.com www.yourdomainname.com;

    root /var/www/html/domainname/public;
    index index.html index.php;

    location / {
        try_files $uri $uri/ /index.php?$args;
    }

    location ~ \.php$ {
        try_files $uri =404;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass unix:/run/php/php8.1-fpm.sock;
        fastcgi_index index.php;
        include fastcgi_params;
    }
}

Enable the new configuration.

sudo ln -s /etc/nginx/sites-available/domainname.conf /etc/nginx/sites-enabled/domainname.conf

Step 10: Install Let’s Encrypt SSL

HTTPS is a protocol for secure communication between a server (instance) and a client (web browser). Due to the introduction of Let’s Encrypt, which provides free SSL certificates, HTTPS are adopted by everyone and also provides trust to your audiences.

Here we will install Certbot to install Let’sEncrypt SSL using Snap.

sudo apt update
sudo apt install snapd -y
sudo snap install core
sudo snap refresh core

Install Certbot tool.

sudo snap install --classic certbot

Configure Certbot to be executable as as a command.

sudo ln -s /snap/bin/certbot /usr/bin/certbot

Now we have installed Certbot to install Let’s Encrypt for Debian 11.

Execute the following command to install your certificates.

sudo certbot --nginx --agree-tos --redirect -m [email protected] -d domainname.com -d www.domainname.com

Select the appropriate option and hit Enter

This command will install Free SSL, configure redirection to HTTPS and restarts the Nginx server.

Step 11: Renewing SSL Certificate

Certificates provided by Let’s Encrypt are valid for 90 days only, so you need to renew them often. So, let’s test the renewal feature using the following command.

sudo certbot renew --dry-run

This command will test the certificate expiry and configures the auto-renewable feature.

Step: 12: Test the Setup

Once you have done the able steps you can create a new test PHP file in your web directory.

sudo nano /var/www/html/domainname/public/info.php

Paste the below code inside the file.

<?php phpinfo();

Save the file.

Now go ahead and check your domain name with the info.php in the url (domainname.com/info.php).

You will see that your domain got redirected to HTTPS and see the PHP information details.

Supercharge your Linux Administration Career with completed training course and get your dream job.

Conclusion

Now you have learned how to install LEMP stack on Debian 11 with Let’sEncrypt SSL.

Thanks for your time. If you face any problem or any feedback, please leave a comment below.

Tags: DebianMySQLNginxPHP
Share7Tweet5SendShare
Cloudbooklet

Cloudbooklet

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Related Posts

Hostname In Linux

How to Modify the Hostname in Linux

3 months ago
Linux Systems

Linux systems Hacked with OpenSSH Malware

3 months ago
Install Iptables On Ubuntu

How to Install Iptables on Linux

3 months ago
Open Port In Linux

How to Open Port in Linux: Simple Step-by-Step Guide

3 months ago

Follow Us

Trending Articles

Block Youtube Ads

How to Block YouTube Ads on Android TV in 2023 (6 Easy Methods)

September 20, 2023

10 Best AI Prompts for Writers to Improve Website SEO

Microsoft Unveils New Disc-Less Xbox Series X with Lift-to-Wake Controller

10 Best Minecraft Server Hosting Providers in 2023

HeyGen AI: Free AI Video Generator to Create Amazing Videos

5 FREE AI Horoscope Online – Personalized Way to See Your Future

Popular Articles

Free Watermark Maker

5 Free Watermark Maker: Create Transparent Watermarks for Images Online

September 15, 2023

10 Best WordPress Hosting Providers for 2023(Free and Paid)

7 Best Lyric Video Maker Software for Music Lovers

Google Watermark Feature: A Solution for AI Image Verification

Top 5 Free Linux Cloud Servers to Host Your Website

BlackInk AI Tattoo Generator: Create Your Own Custom Tattoos in Minutes

Subscribe Now

loader

Subscribe to our mailing list to receives daily updates!

Email Address*

Name

Cloudbooklet Logo

Welcome to our technology blog, where we explore the latest advancements in the field of artificial intelligence (AI) and how they are revolutionizing cloud computing. In this blog, we dive into the powerful capabilities of cloud platforms like Google Cloud Platform (GCP), Amazon Web Services (AWS), and Microsoft Azure, and how they are accelerating the adoption and deployment of AI solutions across various industries. Join us on this exciting journey as we explore the endless possibilities of AI and cloud computing.

  • About
  • Contact
  • Disclaimer
  • Privacy Policy

Cloudbooklet © 2023 All rights reserved.

No Result
View All Result
  • News
  • Artificial Intelligence
  • Applications
  • Linux

Cloudbooklet © 2023 All rights reserved.