One place for hosting & domains

      How to Install and Configure Laravel with LEMP on Ubuntu 18.04


      Laravel is an open-source PHP framework that provides a set of tools and resources to build modern PHP applications. With a complete ecosystem leveraging its built-in features, Laravel’s popularity has grown rapidly in the past few years, with many developers adopting it as their framework of choice for a streamlined development process.

      In this guide, you’ll install and configure a new Laravel application on an Ubuntu 18.04 server, using Composer to download and manage the framework dependencies. When you’re finished, you’ll have a functional Laravel demo application pulling content from a MySQL database.


      In order to complete this guide, you will first need to perform the following tasks on your Ubuntu 18.04 server:

      Step 1 — Installing Required PHP modules

      Before you can install Laravel, you need to install a few PHP modules that are required by the framework. We’ll use apt to install the php-mbstring, php-xml and php-bcmath PHP modules. These PHP extensions provide extra support for dealing with character encoding, XML and precision mathematics.

      If this is the first time using apt in this session, you should first run the update command to update the package manager cache:

      Now you can install the required packages with:

      • sudo apt install php-mbstring php-xml php-bcmath

      Your system is now ready to execute Laravel's installation via Composer, but before doing so, you'll need a database for your application.

      Step 2 — Creating a Database for the Application

      To demonstrate Laravel's basic installation and usage, we'll create a sample travel list application to show a list of places a user would like to travel to, and a list of places that they already visited. This can be stored in a simple places table with a field for locations that we'll call name and another field to mark them as visited or not visited, which we'll call visited. Additionally, we'll include an id field to uniquely identify each entry.

      To connect to the database from the Laravel application, we'll create a dedicated MySQL user, and grant this user full privileges over the travel_list database.

      To get started, log in to the MySQL console as the root database user with:

      To create a new database, run the following command from your MySQL console:

      • CREATE DATABASE travel_list;

      Now you can create a new user and grant them full privileges on the custom database you've just created. In this example, we're creating a user named travel_user with the password password, though you should change this to a secure password of your choosing:

      • GRANT ALL ON travel_list.* TO 'travel_user'@'localhost' IDENTIFIED BY 'password' WITH GRANT OPTION;

      This will give the travel_user user full privileges over the travel_list database, while preventing this user from creating or modifying other databases on your server.

      Following this, exit the MySQL shell:

      You can now test if the new user has the proper permissions by logging in to the MySQL console again, this time using the custom user credentials:

      Note the -p flag in this command, which will prompt you for the password used when creating the travel_user user. After logging in to the MySQL console, confirm that you have access to the travel_list database:

      This will give you the following output:


      +--------------------+ | Database | +--------------------+ | information_schema | | travel_list | +--------------------+ 2 rows in set (0.01 sec)

      Next, create a table named places in the travel_list database. From the MySQL console, run the following statement:

      • CREATE TABLE travel_list.places (
      • name VARCHAR(255),
      • visited BOOLEAN,
      • PRIMARY KEY(id)
      • );

      Now, populate the places table with some sample data:

      • INSERT INTO travel_list.places (name, visited)
      • VALUES ("Tokyo", false),
      • ("Budapest", true),
      • ("Nairobi", false),
      • ("Berlin", true),
      • ("Lisbon", true),
      • ("Denver", false),
      • ("Moscow", false),
      • ("Olso", false),
      • ("Rio", true),
      • ("Cincinati", false),

      To confirm that the data was successfully saved to your table, run:

      • SELECT * FROM travel_list.places;

      You will see output similar to this:


      +----+-----------+---------+ | id | name | visited | +----+-----------+---------+ | 1 | Tokyo | 0 | | 2 | Budapest | 1 | | 3 | Nairobi | 0 | | 4 | Berlin | 1 | | 5 | Lisbon | 1 | | 6 | Denver | 0 | | 7 | Moscow | 0 | | 8 | Oslo | 0 | | 9 | Rio | 1 | | 10 | Cincinati | 0 | +----+-----------+---------+ 10 rows in set (0.00 sec)

      After confirming that you have valid data in your test table, you can exit the MySQL console:

      You're now ready to create the application and configure it to connect to the new database.

      Step 3 — Creating a New Laravel Application

      You will now create a new Laravel application using the composer create-project command. This Composer command is typically used to bootstrap new applications based on existing frameworks and content management systems.

      Throughout this guide, we'll use travel_list as an example application, but you are free to change this to something else. The travel_list application will display a list of locations pulled from a local MySQL server, intended to demonstrate Laravel's basic configuration and confirm that you're able to connect to the database.

      First, go to your user's home directory:

      The following command will create a new travel_list directory containing a barebones Laravel application based on default settings:

      • composer create-project --prefer-dist laravel/laravel travel_list

      You will see output similar to this:


      Installing laravel/laravel (v5.8.17) - Installing laravel/laravel (v5.8.17): Downloading (100%) Created project in travel_list > @php -r "file_exists('.env') || copy('.env.example', '.env');" Loading composer repositories with package information Updating dependencies (including require-dev) Package operations: 80 installs, 0 updates, 0 removals - Installing symfony/polyfill-ctype (v1.11.0): Downloading (100%) - Installing phpoption/phpoption (1.5.0): Downloading (100%) - Installing vlucas/phpdotenv (v3.4.0): Downloading (100%) - Installing symfony/css-selector (v4.3.2): Downloading (100%) ...

      When the installation is finished, access the application's directory and run Laravel's artisan command to verify that all components were successfully installed:

      • cd travel_list
      • php artisan

      You'll see output similar to this:


      Laravel Framework 5.8.29 Usage: command [options] [arguments] Options: -h, --help Display this help message -q, --quiet Do not output any message -V, --version Display this application version --ansi Force ANSI output --no-ansi Disable ANSI output -n, --no-interaction Do not ask any interactive question --env[=ENV] The environment the command should run under -v|vv|vvv, --verbose Increase the verbosity of messages: 1 for normal output, 2 for more verbose output and 3 for debug (...)

      This output confirms that the application files are in place, and the Laravel command-line tools are working as expected. However, we still need to configure the application to set up the database and a few other details.

      Step 4 — Configuring Laravel

      The Laravel configuration files are located in a directory called config, inside the application's root directory. Additionally, when you install Laravel with Composer, it creates an environment file. This file contains settings that are specific to the current environment the application is running, and will take precedence over the values set in regular configuration files located at the config directory. Each installation on a new environment requires a tailored environment file to define things such as database connection settings, debug options, application URL, among other items that may vary depending on which environment the application is running.

      Warning: The environment configuration file contains sensitive information about your server, including database credentials and security keys. For that reason, you should never share this file publicly.

      We'll now edit the .env file to customize the configuration options for the current application environment.

      Open the .env file using your command line editor of choice. Here we'll use nano:

      Even though there are many configuration variables in this file, you don't need to set up all of them now. The following list contains an overview of the variables that require immediate attention:

      • APP_NAME: Application name, used for notifications and messages.
      • APP_ENV: Current application environment.
      • APP_KEY: Used for generating salts and hashes, this unique key is automatically created when installing Laravel via Composer, so you don't need to change it.
      • APP_DEBUG: Whether or not to show debug information at client side.
      • APP_URL: Base URL for the application, used for generating application links.
      • DB_DATABASE: Database name.
      • DB_USERNAME: Username to connect to the database.
      • DB_PASSWORD: Password to connect to the database.

      By default, these values are configured for a local development environment that uses Homestead, a prepackaged Vagrant box provided by Laravel. We'll change these values to reflect the current environment settings of our example application.

      In case you are installing Laravel in a development or testing environment, you can leave the APP_DEBUG option enabled, as this will give you important debug information while testing the application from a browser. The APP_ENV variable should be set to development or testing in this case.

      In case you are installing Laravel in a production environment, you should disable the APP_DEBUG option, because it shows to the final user sensitive information about your application. The APP_ENV in this case should be set to production.

      The following .env file sets up our example application for development:

      Note: The APP_KEY variable contains a unique key that was auto generated when you installed Laravel via Composer. You don't need to change this value. If you want to generate a new secure key, you can use the php artisan key:generate command.



      Adjust your variables accordingly. When you are done editing, save and close the file to keep your changes. If you're using nano, you can do that with CTRL+X, then Y and Enter to confirm.

      Your Laravel application is now set up, but we still need to configure the web server in order to be able to access it from a browser. In the next step, we'll configure Nginx to serve your Laravel application.

      Step 5 — Setting Up Nginx

      We have installed Laravel on a local folder of your remote user's home directory, and while this works well for local development environments, it's not a recommended practice for web servers that are open to the public internet. We'll move the application folder to /var/www, which is the usual location for web applications running on Nginx.

      First, use the mv command to move the application folder with all its contents to /var/www/travel_list:

      • sudo mv ~/travel_list /var/www/travel_list

      Now we need to give the web server user write access to the storage and cache folders, where Laravel stores application-generated files:

      • sudo chown -R www-data.www-data /var/www/travel_list/storage
      • sudo chown -R www-data.www-data /var/www/travel_list/bootstrap/cache

      The application files are now in order, but we still need to configure Nginx to serve the content. To do this, we'll create a new virtual host configuration file at /etc/nginx/sites-available:

      • sudo nano /etc/nginx/sites-available/travel_list

      The following configuration file contains the recommended settings for Laravel applications on Nginx:


      server {
          listen 80;
          server_name server_domain_or_IP;
          root /var/www/travel_list/public;
          add_header X-Frame-Options "SAMEORIGIN";
          add_header X-XSS-Protection "1; mode=block";
          add_header X-Content-Type-Options "nosniff";
          index index.html index.htm index.php;
          charset utf-8;
          location / {
              try_files $uri $uri/ /index.php?$query_string;
          location = /favicon.ico { access_log off; log_not_found off; }
          location = /robots.txt  { access_log off; log_not_found off; }
          error_page 404 /index.php;
          location ~ .php$ {
              fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
              fastcgi_index index.php;
              fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
              include fastcgi_params;
          location ~ /.(?!well-known).* {
              deny all;

      Copy this content to your /etc/nginx/sites-available/travel_list file and, if necessary, adjust the highlighted values to align with your own configuration. Save and close the file when you're done editing.

      To activate the new virtual host configuration file, create a symbolic link to travel_list in sites-enabled:

      • sudo ln -s /etc/nginx/sites-available/travel_list /etc/nginx/sites-enabled/

      Note: If you have another virtual host file that was previously configured for the same server_name used in the travel_list virtual host, you might need to deactivate the old configuration by removing the corresponding symbolic link inside /etc/nginx/sites-enabled/.

      To confirm that the configuration doesn't contain any syntax errors, you can use:

      You should see output like this:


      • nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
      • nginx: configuration file /etc/nginx/nginx.conf test is successful

      To apply the changes, reload Nginx with:

      • sudo systemctl reload nginx

      Now go to your browser and access the application using the server's domain name or IP address, as defined by the server_name directive in your configuration file:


      You will see a page like this:

      Laravel splash page

      That confirms your Nginx server is properly configured to serve Laravel. From this point, you can start building up your application on top of the skeleton provided by the default installation.

      In the next step, we'll modify the application's main route to query for data in the database using Laravel's DB facade.

      Step 6 — Customizing the Main Page

      Assuming you've followed all the steps in this guide so far, you should have a working Laravel application and a database table named places containing some sample data.

      We'll now edit the main application route to query for the database and return the contents to the application's view.

      Open the main route file, routes/web.php:

      This file comes by default with the following content:


      | Web Routes
      | Here is where you can register web routes for your application. These
      | routes are loaded by the RouteServiceProvider within a group which
      | contains the "web" middleware group. Now create something great!
      Route::get('/', function () {
          return view('welcome');

      Routes are defined within this file using the static method Route::get, which receives a path and a callback function as arguments.

      The following code replaces the main route callback function. It makes 2 queries to the database using the visited flag to filter results. It returns the results to a view named travel_list, which we're going to create next. Copy this content to your routes/web.php file, replacing the code that is already there:


      use IlluminateSupportFacadesDB;
      Route::get('/', function () {
        $visited = DB::select('select * from places where visited = ?', [1]); 
        $togo = DB::select('select * from places where visited = ?', [0]);
        return view('travel_list', ['visited' => $visited, 'togo' => $togo ] );

      Save and close the file when you're done editing. We'll now create the view that will render the database results to the user. Create a new view file inside resources/views:

      • nano resources/views/travel_list.blade.php

      The following template creates two lists of places based on the variables visited and togo. Copy this content to your new view file:


          <title>Travel List</title>
          <h1>My Travel Bucket List</h1>
          <h2>Places I'd Like to Visit</h2>
            @foreach ($togo as $newplace)
              <li>{{ $newplace->name }}</li>
          <h2>Places I've Already Been To</h2>
                @foreach ($visited as $place)
                      <li>{{ $place->name }}</li>

      Save and close the file when you're done. Now go to your browser and reload the application. You'll see a page like this:

      Demo Laravel Application

      You have now a functional Laravel application pulling contents from a MySQL database.


      In this tutorial, you've set up a new Laravel application on top of a LEMP stack (Linux, Nginx, MySQL and PHP), running on an Ubuntu 18.04 server. You've also customized your default route to query for database content and exhibit the results in a custom view.

      From here, you can create new routes and views for any additional pages your application needs. Check the official Laravel documentation for more information on routes, views, and database support. If you're deploying to production, you should also check the optimization section for a few different ways in which you can improve your application's performance.

      For improved security, you should consider installing an TLS/SSL certificate for your server, allowing it to serve content over HTTPS. To this end, you can follow our guide on how to secure your Nginx installation with Let's Encrypt on Ubuntu 18.04.

      Source link

      How To Install WordPress with LEMP (Nginx, MariaDB and PHP) on Debian 10


      WordPress is the most popular CMS (content management system) on the internet. It allows you to easily set up flexible blogs and websites on top of a MySQL-based backend with PHP processing. WordPress has seen incredible adoption and is a great choice for getting a website up and running quickly. After setup, almost all administration can be done through the web frontend.

      In this guide, we’ll focus on getting a WordPress instance set up on a LEMP stack (Linux, Nginx, MariaDB, and PHP) on a Debian 10 server.


      In order to complete this tutorial, you will need access to a Debian 10 server.

      You will need to perform the following tasks before you can start this guide:

      • Create a sudo user on your server: We will be completing the steps in this guide using a non-root user with sudo privileges. You can create a user with sudo privileges by following our Debian 10 initial server setup guide.
      • Install a LEMP stack: WordPress will need a web server, a database, and PHP in order to correctly function. Setting up a LEMP stack (Linux, Nginx, MariaDB, and PHP) fulfills all of these requirements. Follow this guide to install and configure this software.
      • Secure your site with SSL: WordPress serves dynamic content and handles user authentication and authorization. TLS/SSL is the technology that allows you to encrypt the traffic from your site so that your connection is secure. This tutorial will assume that you have a domain name for your blog. You can use Let’s Encrypt to get a free SSL certificate for your domain. Follow our Let’s Encrypt guide for Nginx to set this up.

      When you are finished with the setup steps, log into your server as your sudo user and continue below.

      Step 1 — Creating a Database and User for WordPress

      WordPress needs a MySQL-based database to store and manage site and user information. Our setup uses MariaDB, a community fork of the original MySQL project by Oracle. MariaDB is currently the default MySQL-compatible database server available on debian-based package manager repositories.

      To get started, log into the MariaDB root (administrative) account. If MariaDB is configured to use the auth_socket authentication plugin, which is the default, you can log into the MariaDB administrative account using sudo:

      If you changed the authentication method to use a password for the MariaDB root account, use the following format instead:

      You will be prompted for the password you set for the MariaDB root account.

      First, we can create a separate database that WordPress can control. You can name this whatever you would like, but we will be using wordpress in this guide to keep it simple. You can create the database for WordPress by typing:

      • CREATE DATABASE wordpress DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;

      Next, we are going to create a separate MariaDB user account that we will use exclusively to operate on our new database. Creating one-function databases and accounts is a good idea from a management and security standpoint. We will use the name wordpress_user in this guide. Feel free to change this if you'd like.

      The following command will create this account, set a password, and grant access to the database we created. Remember to choose a strong password for your database user:

      • GRANT ALL ON wordpress.* TO 'wordpress_user'@'localhost' IDENTIFIED BY 'password';

      You now have a database and a user account, each made specifically for WordPress. We need to flush the privileges so that the current instance of the database server knows about the recent changes we've made:

      Exit out of MariaDB by typing:

      The MariaDB session will exit, returning you to the regular Linux shell.

      Step 2 — Installing Additional PHP Extensions

      When setting up our LEMP stack, we only required a very minimal set of extensions in order to get PHP to communicate with MariaDB. WordPress and many of its plugins leverage additional PHP extensions.

      We can download and install some of the most popular PHP extensions for use with WordPress by typing:

      • sudo apt update
      • sudo apt install php-curl php-gd php-intl php-mbstring php-soap php-xml php-xmlrpc php-zip

      Note: Each WordPress plugin has its own set of requirements. Some may require additional PHP packages to be installed. Check your plugin documentation to discover its PHP requirements.

      When you are finished installing the extensions, restart the PHP-FPM process so that the running PHP processor can leverage the newly installed features:

      • sudo systemctl restart php7.3-fpm.service

      We now have all of the necessary PHP extensions installed on the server.

      Step 3 — Configuring Nginx

      Next, we will be making a few minor adjustments to our Nginx server block files. Based on the prerequisite tutorials, you should have a configuration file for your site in the /etc/nginx/sites-available/ directory configured to respond to your server's domain name and protected by a TLS/SSL certificate. We'll use /etc/nginx/sites-available/your_domain as an example here, but you should substitute the path to your configuration file where appropriate.

      Additionally, we will use /var/www/your_domain as the root directory of our WordPress install. You should use the web root specified in your own configuration.

      Note: It's possible you are using the /etc/nginx/sites-available/default default configuration (with /var/www/html as your web root). This is fine to use if you're only going to host one website on this server. If not, it's best to split the necessary configuration into logical chunks, one file per site.

      Open your site's Nginx configuration file with sudo privileges to begin:

      • sudo nano /etc/nginx/sites-available/your_domain

      We need to add a few location directives within our main server block. After adding SSL certificates your config may have two server blocks. If so, find the one that contains root /var/www/your_domain and your other location directives and implement your changes there.

      Start by creating exact-matching location blocks for requests to /favicon.ico and /robots.txt, both of which we do not want to log requests for.

      We will use a regular expression location to match any requests for static files. We will again turn off the logging for these requests and will mark them as highly cacheable since these are typically expensive resources to serve. You can adjust this static files list to contain any other file extensions your site may use:


      server {
          . . .
          location = /favicon.ico { log_not_found off; access_log off; }
          location = /robots.txt { log_not_found off; access_log off; allow all; }
          location ~* .(css|gif|ico|jpeg|jpg|js|png)$ {
              expires max;
              log_not_found off;
          . . .

      Inside of the existing location / block, we need to adjust the try_files list so that instead of returning a 404 error as the default option, control is passed to the index.php file with the request arguments.

      This should look something like this:


      server {
          . . .
          location / {
              #try_files $uri $uri/ =404;
              try_files $uri $uri/ /index.php$is_args$args;
          . . .

      When you are finished, save and close the file.

      Now, we can check our configuration for syntax errors by typing:

      If no errors were reported, reload Nginx by typing:

      • sudo systemctl reload nginx

      Next, we will download and set up WordPress itself.

      Step 4 — Downloading WordPress

      Now that our server software is configured, we can download and set up WordPress. For security reasons in particular, it is always recommended to get the latest version of WordPress from their site.

      Change into a writable directory and then download the compressed release by typing:

      • cd /tmp
      • curl -LO

      Extract the compressed file to create the WordPress directory structure:

      We will be moving these files into our document root momentarily. Before we do that, we can copy over the sample configuration file to the filename that WordPress actually reads:

      • cp /tmp/wordpress/wp-config-sample.php /tmp/wordpress/wp-config.php

      Now, we can copy the entire contents of the directory into our document root. We are using the -a flag to make sure our permissions are maintained. We are using a dot at the end of our source directory to indicate that everything within the directory should be copied, including any hidden files:

      • sudo cp -a /tmp/wordpress/. /var/www/your_domain

      Now that our files are in place, we'll assign ownership them to the www-data user and group. This is the user and group that Nginx runs as, and Nginx will need to be able to read and write WordPress files in order to serve the website and perform automatic updates.

      • sudo chown -R www-data:www-data /var/www/your_domain

      Our files are now in our server's document root and have the correct ownership, but we still need to complete some more configuration.

      Step 5 — Setting up the WordPress Configuration File

      Next, we need to make a few changes to the main WordPress configuration file.

      When we open the file, our first order of business will be to adjust the secret keys to provide some security for our installation. WordPress provides a secure generator for these values so that you do not have to try to come up with good values on your own. These are only used internally, so it won't hurt usability to have complex, secure values here.

      To grab secure values from the WordPress secret key generator, type:

      • curl -s

      You will get back unique values that look something like this:

      Warning: It is important that you request unique values each time. Do NOT copy the values shown below!


      define('AUTH_KEY', '1jl/vqfs<XhdXoAPz9 DO NOT COPY THESE VALUES c_j{iwqD^<+c9.k<J@4H'); define('SECURE_AUTH_KEY', 'E2N-h2]Dcvp+aS/p7X DO NOT COPY THESE VALUES {Ka(f;rv?Pxf})CgLi-3'); define('LOGGED_IN_KEY', 'W(50,{W^,OPB%PB<JF DO NOT COPY THESE VALUES 2;y&,2m%3]R6DUth[;88'); define('NONCE_KEY', 'll,4UC)7ua+8<!4VM+ DO NOT COPY THESE VALUES #`DXF+[$atzM7 o^-C7g'); define('AUTH_SALT', 'koMrurzOA+|L_lG}kf DO NOT COPY THESE VALUES 07VC*Lj*lD&?3w!BT#-'); define('SECURE_AUTH_SALT', 'p32*p,]z%LZ+pAu:VY DO NOT COPY THESE VALUES C-?y+K0DK_+F|0h{!_xY'); define('LOGGED_IN_SALT', 'i^/G2W7!-1H2OQ+t$3 DO NOT COPY THESE VALUES t6**bRVFSD[Hi])-qS`|'); define('NONCE_SALT', 'Q6]U:K?j4L%Z]}h^q7 DO NOT COPY THESE VALUES 1% ^qUswWgn+6&xqHN&%');

      These are configuration lines that we can paste directly in our configuration file to set secure keys. Copy the output you received now.

      Now, open the WordPress configuration file:

      • nano /var/www/your_domain/wp-config.php

      Find the section that contains the dummy values for those settings. It will look something like this:


      . . .
      define('AUTH_KEY',         'put your unique phrase here');
      define('SECURE_AUTH_KEY',  'put your unique phrase here');
      define('LOGGED_IN_KEY',    'put your unique phrase here');
      define('NONCE_KEY',        'put your unique phrase here');
      define('AUTH_SALT',        'put your unique phrase here');
      define('SECURE_AUTH_SALT', 'put your unique phrase here');
      define('LOGGED_IN_SALT',   'put your unique phrase here');
      define('NONCE_SALT',       'put your unique phrase here');
      . . .

      Delete those lines and paste in the values you copied from the command line:


      . . .
      . . .

      Next, we need to modify some of the database connection settings at the beginning of the file. You need to adjust the database name, the database user, and the associated password that we configured within MariaDB.

      The other change we need to make is to set the method that WordPress should use to write to the filesystem. Since we've given the web server permission to write where it needs to, we can explicitly set the filesystem method to "direct". Failure to set this with our current settings would result in WordPress prompting for FTP credentials when we perform some actions. This setting can be added below the database connection settings, or anywhere else in the file:


      . . .
      define('DB_NAME', 'wordpress');
      /** MySQL database username */
      define('DB_USER', 'wordpress_user');
      /** MySQL database password */
      define('DB_PASSWORD', 'password');
      . . .
      define('FS_METHOD', 'direct');

      Save and close the file when you are finished.

      Step 6 — Completing the Installation Through the Web Interface

      Now that the server configuration is complete, we can finish up the installation through the web interface.

      In your web browser, navigate to your server's domain name or public IP address:


      Select the language you would like to use:

      WordPress language selection

      Next, you will come to the main setup page.

      Select a name for your WordPress site and choose a username (it is recommended not to choose something like "admin" for security purposes). A strong password is generated automatically. Save this password or select an alternative strong password.

      Enter your email address and select whether you want to discourage search engines from indexing your site:

      WordPress setup installation

      When you click ahead, you will be taken to a page that prompts you to log in:

      WordPress login prompt

      Once you log in, you will be taken to the WordPress administration dashboard:

      WordPress admin panel


      WordPress should be installed and ready to use! Some common next steps are to choose the permalinks setting for your posts (can be found in Settings > Permalinks) or to select a new theme (in Appearance > Themes). If this is your first time using WordPress, explore the interface a bit to get acquainted with your new CMS, or check the First Steps with WordPress guide on their official documentation.

      Source link

      How To Install Linux, Nginx, MariaDB, PHP (LEMP stack) on Debian 10


      The LEMP software stack is a group of software that can be used to serve dynamic web pages and web applications. The name “LEMP” is an acronym that describes a Linux operating system, with an (E)Nginx web server. The backend data is stored in a MariaDB database and the dynamic processing is handled by PHP.

      Although this software stack typically includes MySQL as the database management system, some Linux distributions — including Debian — use MariaDB as a drop-in replacement for MySQL.

      In this guide, you’ll install a LEMP stack on a Debian 10 server using MariaDB as the database management system.


      To complete this guide, you will need access to a Debian 10 server. This server should have a regular user configured with sudo privileges and a firewall enabled with ufw. To set this up, you can follow our Initial Server Setup with Debian 10 guide.

      Step 1 — Installing the Nginx Web Server

      In order to serve web pages to your site visitors, we are going to employ Nginx, a popular web server which is well known for its overall performance and stability.

      All of the software you will be using for this procedure will come directly from Debian’s default package repositories. This means you can use the apt package management suite to complete the installation.

      Since this is the first time you’ll be using apt for this session, you should start off by updating your local package index. You can then install the server:

      • sudo apt update
      • sudo apt install nginx

      On Debian 10, Nginx is configured to start running upon installation.

      If you have the ufw firewall running, you will need to allow connections to Nginx. You should enable the most restrictive profile that will still allow the traffic you want. Since you haven’t configured SSL for your server yet, for now you only need to allow HTTP traffic on port 80.

      You can enable this by typing:

      • sudo ufw allow 'Nginx HTTP'

      You can verify the change by typing:

      You should see HTTP traffic allowed in the displayed output:


      Status: active To Action From -- ------ ---- OpenSSH ALLOW Anywhere Nginx HTTP ALLOW Anywhere OpenSSH (v6) ALLOW Anywhere (v6) Nginx HTTP (v6) ALLOW Anywhere (v6)

      Now, test if the server is up and running by accessing your server's domain name or public IP address in your web browser. If you do not have a domain name pointed at your server and you do not know your server's public IP address, you can find it by typing one of the following into your terminal:

      • ip addr show eth0 | grep inet | awk '{ print $2; }' | sed 's//.*$//'

      This will print out a few IP addresses. You can try each of them in turn in your web browser.

      Type one of the addresses that you receive in your web browser. It should take you to Nginx's default landing page:


      Nginx default page

      If you see the above page, you have successfully installed Nginx.

      Step 2 — Installing MariaDB

      Now that you have a web server up and running, you need to install the database system to be able to store and manage data for your site.

      In Debian 10, the metapackage mysql-server, which was traditionally used to install the MySQL server, was replaced by default-mysql-server. This metapackage references MariaDB, a community fork of the original MySQL server by Oracle, and it's currently the default MySQL-compatible database server available on debian-based package manager repositories.

      For longer term compatibility, however, it’s recommended that instead of using the metapackage you install MariaDB using the program’s actual package, mariadb-server.

      To install this software, run:

      • sudo apt install mariadb-server

      When the installation is finished, it's recommended that you run a security script that comes pre-installed with MariaDB. This script will remove some insecure default settings and lock down access to your database system. Start the interactive script by running:

      • sudo mysql_secure_installation

      This script will take you through a series of prompts where you can make some changes to your MariaDB setup. The first prompt will ask you to enter the current database root password. This is not to be confused with the system root. The database root user is an administrative user with full privileges over the database system. Because you just installed MariaDB and haven’t made any configuration changes yet, this password will be blank, so just press ENTER at the prompt.

      The next prompt asks you whether you'd like to set up a database root password. Because MariaDB uses a special authentication method for the root user that is typically safer than using a password, you don't need to set this now. Type N and then press ENTER.

      From there, you can press Y and then ENTER to accept the defaults for all the subsequent questions. This will remove anonymous users and the test database, disable remote root login, and load these new rules so that MariaDB immediately respects the changes you have made.
      When you're finished, log in to the MariaDB console by typing:

      This will connect to the MariaDB server as the administrative database user root, which is inferred by the use of sudo when running this command. You should see output like this:


      Welcome to the MariaDB monitor. Commands end with ; or g. Your MariaDB connection id is 74 Server version: 10.3.15-MariaDB-1 Debian 10 Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others. Type 'help;' or 'h' for help. Type 'c' to clear the current input statement. MariaDB [(none)]>

      Notice that you didn't need to provide a password to connect as the root user. That works because the default authentication method for the administrative MariaDB user is unix_socket instead of password. Even though this might look like a security concern at first, it makes the database server more secure because the only users allowed to log in as the root MariaDB user are the system users with sudo privileges connecting from the console or through an application running with the same privileges. In practical terms, that means you won't be able to use the administrative database root user to connect from your PHP application.

      For increased security, it's best to have dedicated user accounts with less expansive privileges set up for every database, especially if you plan on having multiple databases hosted on your server. To demonstrate such a setup, we'll create a database named example_database and a user named example_user, but you can replace these names with different values.
      To create a new database, run the following command from your MariaDB console:

      • CREATE DATABASE example_database;

      Now you can create a new user and grant them full privileges on the custom database you've just created. The following command defines this user's password as password, but you should replace this value with a secure password of your own choosing.

      • GRANT ALL ON example_database.* TO 'example_user'@'localhost' IDENTIFIED BY 'password' WITH GRANT OPTION;

      This will give the example_user user full privileges over the example_database database, while preventing this user from creating or modifying other databases on your server.

      Flush the privileges to ensure that they are saved and available in the current session:

      Following this, exit the MariaDB shell:

      You can test if the new user has the proper permissions by logging in to the MariaDB console again, this time using the custom user credentials:

      • mariadb -u example_user -p

      Note the -p flag in this command, which will prompt you for the password used when creating the example_user user. After logging in to the MariaDB console, confirm that you have access to the example_database database:

      This will give you the following output:


      +--------------------+ | Database | +--------------------+ | example_database | | information_schema | +--------------------+ 2 rows in set (0.000 sec)

      To exit the MariaDB shell, type:

      At this point, your database system is set up and you can move on to installing PHP, the final component of the LEMP stack.

      Step 3 — Installing PHP for Processing

      You have Nginx installed to serve your content and MySQL installed to store and manage your data. Now you can install PHP to process code and generate dynamic content for the web server.

      While Apache embeds the PHP interpreter in each request, Nginx requires an external program to handle PHP processing and act as bridge between the PHP interpreter itself and the web server. This allows for a better overall performance in most PHP-based websites, but it requires additional configuration. You'll need to install php-fpm, which stands for "PHP fastCGI process manager", and tell Nginx to pass PHP requests to this software for processing. Additionally, you'll need php-mysql, a PHP module that allows PHP to communicate with MySQL-based databases. Core PHP packages will automatically be installed as dependencies.

      To install the php-fpm and php-mysql packages, run:

      • sudo apt install php-fpm php-mysql

      You now have your PHP components installed. Next, you'll configure Nginx to use them.

      Step 4 — Configuring Nginx to Use the PHP Processor

      When using the Nginx web server, server blocks (similar to virtual hosts in Apache) can be used to encapsulate configuration details and host more than one domain on a single server. In this guide, we'll use your_domain as example domain name. To learn more about setting up a domain name with DigitalOcean, see our introduction to DigitalOcean DNS.

      OnDebian 10, Nginx has one server block enabled by default and is configured to serve documents out of a directory at /var/www/html. While this works well for a single site, it can become difficult to manage if you are hosting multiple sites. Instead of modifying /var/www/html, let's create a directory structure within /var/www for the your_domain website, leaving /var/www/html in place as the default directory to be served if a client request doesn't match any other sites.

      Create the root web directory for your_domain as follows:

      • sudo mkdir /var/www/your_domain

      Next, assign ownership of the directory with the $USER environment variable, which should reference your current system user:

      • sudo chown -R $USER:$USER /var/www/your_domain

      Then, open a new configuration file in Nginx's sites-available directory using your preferred command-line editor. Here, we'll use nano:

      • sudo nano /etc/nginx/sites-available/your_domain

      This will create a new blank file. Paste in the following bare-bones configuration:


      server {
          listen 80;
          listen [::]:80;
          root /var/www/your_domain;
          index index.php index.html index.htm;
          server_name your_domain;
          location / {
              try_files $uri $uri/ =404;
          location ~ .php$ {
              include snippets/fastcgi-php.conf;
              fastcgi_pass unix:/var/run/php/php7.3-fpm.sock;

      This is a basic configuration that listens on port 80 and serves files from the web root you just created. It will only respond to requests to the host or IP address provided after server_name, and any files ending in .php will be processed by php-fpm before Nginx sends the results to the user.

      When you're done editing, save and close the file. If you used nano to create the file, do so by typing CTRL+X and then y and ENTER to confirm.

      Activate your configuration by linking to the config file from Nginx's sites-enabled directory:

      • sudo ln -s /etc/nginx/sites-available/your_domain /etc/nginx/sites-enabled/

      This will tell Nginx to use the configuration next time it is reloaded. You can test your configuration for syntax errors by typing:

      If any errors are reported, go back to your configuration file to review its contents before continuing.

      When you are ready, reload Nginx to make the changes:

      • sudo systemctl reload nginx

      Next, you'll create a file in your new web root directory to test out PHP processing.

      Step 5 — Creating a PHP File to Test Configuration

      Your LEMP stack should now be completely set up. You can test it to validate that Nginx can correctly hand .php files off to your PHP processor.

      You can do this by creating a test PHP file in your document root. Open a new file called info.php within your document root in your text editor:

      • nano /var/www/your_domain/info.php

      Type or paste the following lines into the new file. This is valid PHP code that will return information about your server:



      When you are finished, save and close the file by typing CTRL+X and then y and ENTER to confirm.

      You can now access this page in your web browser by visiting the domain name or public IP address you've set up in your Nginx configuration file, followed by /info.php:


      You will see a web page containing detailed information about your server:

      PHP page info

      After checking the relevant information about your PHP server through that page, it's best to remove the file you created as it contains sensitive information about your PHP environment and your Debian server. You can use rm to remove that file:

      • sudo rm /var/www/your_domain/info.php

      You can always regenerate this file if you need it later. Next, we'll test the database connection from the PHP side.

      Step 6 — Testing Database Connection from PHP (Optional)

      If you want to test if PHP is able to connect to MariaDB and execute database queries, you can create a test table with dummy data and query for its contents from a PHP script.

      First, connect to the MariaDB console with the database user you created in Step 2 of this guide:

      • mariadb -u example_user -p

      Create a table named todo_list. From the MariaDB console, run the following statement:

      CREATE TABLE example_database.todo_list (
          item_id INT AUTO_INCREMENT,
          content VARCHAR(255),
          PRIMARY KEY(item_id)

      Now, insert a few rows of content in the test table. You might want to repeat the next command a few times, using different values:

      • INSERT INTO example_database.todo_list (content) VALUES ("My first important item");

      To confirm that the data was successfully saved to your table, run:

      • SELECT * FROM example_database.todo_list;

      You will see the following output:


      +---------+--------------------------+ | item_id | content | +---------+--------------------------+ | 1 | My first important item | | 2 | My second important item | | 3 | My third important item | | 4 | and this one more thing | +---------+--------------------------+ 4 rows in set (0.000 sec)

      After confirming that you have valid data in your test table, you can exit the MariaDB console:

      Now you can create the PHP script that will connect to MariaDB and query for your content. Create a new PHP file in your custom web root directory using your preferred editor. We'll use nano for that:

      • nano /var/www/your_domain/todo_list.php

      Add the following content to your PHP script:

      $user = "example_user";
      $password = "password";
      $database = "example_database";
      $table = "todo_list";
      try {
        $db = new PDO("mysql:host=localhost;dbname=$database", $user, $password);
        echo "<h2>TODO</h2><ol>"; 
        foreach($db->query("SELECT content FROM $table") as $row) {
          echo "<li>" . $row['content'] . "</li>";
        echo "</ol>";
      } catch (PDOException $e) {
          print "Error!: " . $e->getMessage() . "<br/>";

      Save and close the file when you're done editing.

      You can now access this page in your web browser by visiting the domain name or public IP address you've set up in your Nginx configuration file, followed by /todo_list.php:


      You should see a page like this, showing the content you've inserted in your test table:

      Example PHP todo list

      That means your PHP environment is ready to connect and interact with your MariaDB server.


      In this guide, you've built a flexible foundation for serving PHP websites and applications to your visitors, using Nginx as web server. You've set up Nginx to handle PHP requests through php-fpm, and you also set up a MariaDB database to store your website's data.

      To further improve your current setup, you can install Composer for dependency and package management in PHP, and you can also set up an OpenSSL certificate for your website using Let's Encrypt.

      Source link