How to Install & Configure LEMP (Linux, Nginx, MariaDB, PHP-FPM) on CentOS 7
LEMP is an archetypal model of web service solution stacks, named as an acronym of the names of its original four components: the Linux operating system, the Nginx HTTP Server, the MySQL/MariaDB relational database management system (RDBMS), and the PHP programming language.
This is how to install and configure LEMP (Linux, Nginx, MariaDB and PHP-FPM) on CentOS 7. Please follow this tutorial with your own risk!
UPDATE YOUR CENTOS
yum update
INSTALL VIM AND ENABLE EPEL
Install the vim editor if it’s not already installed on the system and enable the EPEL repository by running:
if ! type -path "vim" > /dev/null 2>&1; then yum install vim -y; fi yum install epel-release
INSTALL MARIADB DATABASE SERVER
MariaDB is an enhanced, drop-in replacement for MySQL. It is the default database server in CentOS 7 / RedHat and can be installed on the virtual server using yum.
yum install mariadb mariadb-server
once MariaDB is installed, restart it using systemctl
systemctl restart mariadb systemctl status mariadb
next, it is recommended to run MySQL/MariaDB post installation script mysql_secure_installation as in:
mysql_secure_installation Enter current password for root (enter for none): Set root password? [Y/n] y Remove anonymous users? [Y/n] y Disallow root login remotely? [Y/n] y Remove test database and access to it? [Y/n] y Reload privilege tables now? [Y/n] y
finally, edit /etc/my.cnf.d/server.cnf and add bind-address = 127.0.0.1 within the [mysqld] block:
vim +/^[mysqld /etc/my.cnf.d/server.cnf
[mysqld] bind-address = 127.0.0.1 restart the database server using systemctl for the changes to take effect: systemctl restart mariadb systemctl status mariadb
verify MariaDB is listening on localhost only:
ss -tnlp | grep 3306 LISTEN 0 0 127.0.0.1:3306 *:* users:(("mysqld",1159,14))
INSTALL NGINX HTTP SERVER
Nginx is an open source reverse proxy server for HTTP, HTTPS, SMTP, POP3, and IMAP protocols, as well as a load balancer, HTTP cache, and a web server (origin server). It is event-based driven and asynchronous which means it uses less resources and can handle much more load and concurrent requests.
Anyway, it can be installed on the virtual server using yum:
yum install nginx
change to /etc/nginx directory and backup your original Nginx configuration file
cd /etc/nginx cp nginx.conf{,.bak}
Now edit /etc/nginx.conf and make sure it looks like the following:
vim nginx.conf
user nginx; worker_processes 2; error_log /var/log/nginx/error.log; #error_log /var/log/nginx/error.log notice; #error_log /var/log/nginx/error.log info; pid /run/nginx.pid; events { worker_connections 1024; use epoll; } # set open fd limit to 30000 worker_rlimit_nofile 30000; http { include /etc/nginx/mime.types; default_type application/octet-stream; log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; #access_log /var/log/nginx/access.log main; sendfile on; keepalive_timeout 30; server_tokens off; connection_pool_size 256; client_header_buffer_size 1k; large_client_header_buffers 4 2k; request_pool_size 4k; output_buffers 1 32k; postpone_output 1460; types_hash_max_size 2048; server_names_hash_bucket_size 64; gzip on; gzip_disable "MSIE [1-6]\.(?!.*SV1)"; gzip_http_version 1.1; gzip_vary on; gzip_proxied any; gzip_comp_level 6; gzip_buffers 16 8k; gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript text/x-js; add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;"; add_header X-Frame-Options SAMEORIGIN; add_header X-Content-Type-Options nosniff; add_header X-XSS-Protection "1; mode=block"; # include vhosts from sites-enabled/ include /etc/nginx/sites-enabled var WPGroHo = {"my_hash":""};%d bloggers like this: