This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
lemp-install [2020/10/22 09:52] – gwsadmin | lemp-install [2023/05/17 22:52] (current) – external edit 127.0.0.1 | ||
---|---|---|---|
Line 1: | Line 1: | ||
====== How to install a LEMP Webserver ====== | ====== How to install a LEMP Webserver ====== | ||
- | A LEMP Server includes NGINX, MariaDB and PHP. For easier | + | A LEMP Server includes NGINX, MariaDB and PHP. For easier |
- | //**For this you will need a vanilla Ubuntu Server installation, | + | //**For this you will need a vanilla Ubuntu Server installation, |
+ | **//You will need to open up either an ssh client or Putty if on a Windows machine.// ** | ||
+ | ==== Install Nginx ==== | ||
- | **//You will need to open up either an ssh client, or Putty if on a Windows machine.// ** | + | |
- | ==== Install Nginx ==== | + | <code bash> |
+ | sudo apt update | ||
+ | sudo apt upgrade | ||
+ | sudo apt install nginx | ||
+ | |||
+ | sudo ufw allow http https | ||
+ | |||
+ | |||
+ | </ | ||
+ | |||
+ | * Create a directory for your webserver files etc - but change this to your own preferences | ||
+ | |||
+ | <code bash> | ||
+ | sudo mkdir / | ||
+ | |||
+ | |||
+ | </ | ||
+ | |||
+ | * Change the permission so Nginx can use this folder: | ||
+ | |||
+ | <code bash> | ||
+ | sudo chown www-data: | ||
+ | |||
+ | |||
+ | </ | ||
+ | |||
+ | ==== Install | ||
+ | |||
+ | * Type in these commands | ||
+ | |||
+ | <code bash> | ||
+ | sudo apt install mariadb-server mariadb-client | ||
+ | sudo systemctl start mariadb | ||
+ | sudo systemctl enable mariadb | ||
+ | |||
+ | |||
+ | </ | ||
+ | |||
+ | * Now secure MariaDB by typing this: | ||
+ | |||
+ | <code bash> | ||
+ | sudo mysql_secure_installation | ||
+ | |||
+ | |||
+ | </ | ||
+ | |||
+ | It will first prompt you for the root password you set up during installation. Immediately following, you will be asked a series of questions, beginning with if you'd like to change the root password. | ||
+ | |||
+ | This is another opportunity to change your password to something secure if you have not done so already. | ||
+ | |||
+ | You should answer " | ||
+ | |||
+ | This will remove the ability for anyone to log into MySQL by default, disable logging in remotely with the administrator account, remove some test databases that are insecure, and update the running MySQL instance to reflect these changes. (t[[https:// | ||
+ | |||
+ | ==== Install PHP 7.4 ==== | ||
+ | |||
+ | * Type in these commands: | ||
+ | |||
+ | <code bash> | ||
+ | sudo apt install php7.4 php7.4-fpm php7.4-mysql php-common php7.4-cli php7.4-common php7.4-json php7.4-opcache php7.4-readline php7.4-mbstring php7.4-xml php7.4-gd php7.4-curl | ||
+ | |||
+ | sudo systemctl start php7.4-fpm | ||
+ | |||
+ | sudo systemctl enable php7.4-fpm | ||
+ | |||
+ | |||
+ | </ | ||
+ | |||
+ | ==== Create your default server block ==== | ||
+ | |||
+ | * But first, remove the symlink in sites-enabled first | ||
+ | |||
+ | <code bash> | ||
+ | sudo rm / | ||
+ | |||
+ | |||
+ | </ | ||
+ | |||
+ | * Now create the server block, | ||
+ | |||
+ | <code bash> | ||
+ | sudo nano / | ||
+ | |||
+ | |||
+ | </ | ||
+ | |||
+ | * Copy/Paste all this into the new config file | ||
+ | |||
+ | <code bash> | ||
+ | server { | ||
+ | listen 80; | ||
+ | listen [::]:80; | ||
+ | server_name _; | ||
+ | root / | ||
+ | index index.php index.html index.htm index.nginx-debian.html; | ||
+ | |||
+ | location / { | ||
+ | try_files $uri $uri/ / | ||
+ | } | ||
+ | |||
+ | location ~ \.php$ { | ||
+ | fastcgi_pass unix:/ | ||
+ | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; | ||
+ | include fastcgi_params; | ||
+ | include snippets/ | ||
+ | } | ||
+ | |||
+ | # A long browser cache lifetime can speed up repeat visits to your page | ||
+ | location ~* \.(jpg|jpeg|gif|png|webp|svg|woff|woff2|ttf|css|js|ico|xml)$ { | ||
+ | | ||
+ | | ||
+ | | ||
+ | } | ||
+ | |||
+ | # disable access to hidden files | ||
+ | location ~ /\.ht { | ||
+ | access_log off; | ||
+ | log_not_found off; | ||
+ | deny all; | ||
+ | } | ||
+ | } | ||
+ | |||
+ | |||
+ | </ | ||
+ | |||
+ | * Reload | ||
+ | |||
+ | <code bash> | ||
+ | sudo nginx -t | ||
+ | |||
+ | sudo systemctl reload nginx | ||
+ | |||
+ | |||
+ | </ | ||
+ | |||
+ | * Test Nginx and PHP are working by creeating an info.php in the webroot directory | ||
+ | |||
+ | <code bash> | ||
+ | sudo nano / | ||
+ | |||
+ | |||
+ | </ | ||
+ | |||
+ | * Paste the following into the file | ||
+ | |||
+ | <code php> | ||
+ | <?php phpinfo(); ?> | ||
+ | |||
+ | |||
+ | </ | ||
+ | |||
+ | * To check it's working either go to [[http:// | ||
+ | |||
+ | <code bash> | ||
+ | sudo rm / | ||
+ | |||
+ | |||
+ | </ | ||
+ | |||
+ | **Congratulations! You now have a working Web Server!** | ||
+ | |||
+ | ==== Install PHPmyadmin ==== | ||
+ | |||
+ | * Open terminal and run these: | ||
+ | |||
+ | <code bash> | ||
+ | sudo apt update | ||
+ | |||
+ | sudo apt install phpmyadmin | ||
+ | |||
+ | |||
+ | </ | ||
+ | |||
+ | * Create a new server block, for best results, have PHPmyadmin run in a subdomain. | ||
+ | |||
+ | <code bash> | ||
+ | sudo nano / | ||
+ | |||
+ | |||
+ | </ | ||
+ | |||
+ | * Copy/Paste all this into the new config file. | ||
+ | |||
+ | <code bash> | ||
+ | server { | ||
+ | listen 80; | ||
+ | listen [::]:80; | ||
+ | server_name pma.example.com; | ||
+ | root / | ||
+ | index index.php index.html index.htm index.nginx-debian.html; | ||
+ | |||
+ | access_log / | ||
+ | error_log / | ||
+ | |||
+ | location / { | ||
+ | try_files $uri $uri/ / | ||
+ | } | ||
+ | |||
+ | location ~ ^/ | ||
+ | deny all; | ||
+ | } | ||
+ | |||
+ | location ~ \.php$ { | ||
+ | fastcgi_pass unix:/ | ||
+ | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; | ||
+ | include fastcgi_params; | ||
+ | include snippets/ | ||
+ | } | ||
+ | |||
+ | location ~ /\.ht { | ||
+ | deny all; | ||
+ | } | ||
+ | } | ||
+ | |||
+ | |||
+ | </ | ||
+ | |||
+ | * Reload Nginx | ||
+ | |||
+ | <code bash> | ||
+ | sudo nginx -t | ||
+ | |||
+ | sudo systemctl reload nginx | ||
+ | |||
+ | |||
+ | </ | ||
+ | |||
+ | ==== Install Certbot ==== | ||
+ | |||
+ | * Run this command | ||
+ | |||
+ | <code bash> | ||
+ | sudo apt install certbot python3-certbot-nginx | ||
+ | |||
+ | |||
+ | </ | ||
+ | |||
+ | * Run certbot | ||
+ | |||
+ | <code bash> | ||
+ | sudo certbot --nginx | ||
+ | |||
+ | |||
+ | </ | ||
+ | |||
+ | * Respond to prompts from '' | ||
+ | |||
+ | ==== Add new SQL user ==== | ||
+ | |||
+ | As we have secured MariaDB we need to add a user for PHPmyadmin for you to log in. | ||
+ | |||
+ | * Run these commands: | ||
+ | |||
+ | <code mysql> | ||
+ | sudo mariadb -u root | ||
+ | |||
+ | create user ' | ||
+ | |||
+ | grant all privileges on *.* to ' | ||
+ | |||
+ | flush privileges; | ||
+ | |||
+ | exit; | ||
+ | |||
+ | |||
+ | </ | ||
+ | |||
+ | **Login to PHPmyadmin via your domain name, and now you have a secure web server with a secure database server!** | ||