How to Install the LEMP (Linux, Nginx, MySQL, PHP) Stack on CentOS 7 VPS or Dedicated Server

Introduction

LEMP is an acronym for Linux, Nginx, MySQL, and PHP. LEMP stack just like LAMP stack (with Apache instead of Nginx) is used for development and deployment of web applications. Nginx in LEMP provides a modular event-driven architecture handling requests using asynchronous events. This feature enables it to have high performance under high loads. The MySQL is used to store the website’s data whereas PHP is for processing the dynamic content of the sites.

This article illustrates how to install the LEMP stack in Centos 7 VPS or Dedicated Server. We demonstrate using the latest versions of LEMP Stack components at the time of publishing as follows:

Nginx version 1.15.2
PHP-FPM version 7.2
MySQL Community Version 8.0

Nginx

Open Source NGINX is available in two types:

Mainline: Incorporates the latest features and bug fixes and is always up to date. It is reliable, however, it may have some experimental modules and/or a few new bugs. Recommended for development servers.
Stable: Incorporates the latest features with critical bug fixes back-ported to the mainline version. Recommended for production servers.

There are two ways of installing either the mainline or stable Nginx as follows:

Installing Nginx package from Nginx Official Repository or OS Official Repository: The easiest way of installation. The package incorporates almost all official Nginx modules.
Compiling and Installing from Source: More flexible way of installation as you decide which specific modules to include in the package.

In this case, we install Nginx – Mainline Type from its official Nginx repository by creating yum repository file and pasting the configuration as follows:

$ sudo vim /etc/yum.repos.d/nginx.repo

[nginx]
name=nginx repo
baseurl=https://nginx.org/packages/mainline/centos/7/$basearch/
gpgcheck=0
enabled=1

Save the file and quit.

Update the Centos 7 repository with the nginx repository and install nginx

$ sudo yum update
$ sudo yum install nginx -y

Start nginx and enable on boot

$ sudo systemctl start nginx
$ sudo systemctl enable nginx

Verify that Nginx is up and running

[linuxuser@centos7-lemp ~]$ curl -I 127.0.0.1
HTTP/1.1 200 OK
Server: nginx/1.15.2
Date: Tue, 31 Jul 2018 13:03:07 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Tue, 24 Jul 2018 14:05:29 GMT
Connection: keep-alive
ETag: "5b573229-264"
Accept-Ranges: bytes

From the output, we confirm the installed version is 1.15.2

Also you can check via your browser and entering your web server’s ip address or domain name.

http://server_domain_name_or_public_IP/

MySQL Community

We install MySQL 8.0 Community (to manage website’s data) using the instructions on our tutorial How to Install MYSQL 8.0 and Create a Database on a CentOS 7 Linux VPS or Dedicated Server

PHP

PHP is required in LEMP stack to enable processing of dynamic content, because Nginx does not have inbuilt PHP processing capability like other servers, e.g. Litespeed. In this regard, we install PHP-FPM (FastCGI Process Manager) version 7.2. By-default Centos 7 comes with PHP 5.4 which has reached its EOL, it’s now outdated and no longer supported. PHP 7.2 will enable the web application to load faster and utilize fewer system resources. In addition, it incorporates built-in MySQL database integration hence seamlessly works with the installed MySQL 8.0.

Install and Enable Remi Repository

PHP-FPM package is found in Remi repository.

$ sudo yum install -y yum-utils
$ sudo yum install -y http://rpms.remirepo.net/enterprise/remi-release-7.rpm
$ sudo yum-config-manager --enable remi-php72

Install PHP-FPM and Commonly Used Modules

$ sudo yum install -y php72 php72-php-fpm php72-php-gd php72-php-json php72-php-mbstring php72-php-mysqlnd php72-php-xml php72-php-xmlrpc php72-php-opcache

Start and Enable PHP-FPM

$ sudo systemctl start php72-php-fpm
$ sudo systemctl enable php72-php-fpm

Check the PHP version

[linuxuser@centos7-lemp ~]$ php72 -v
PHP 7.2.8 (cli) (built: Jul 17 2018 08:41:40) ( NTS )
Copyright (c) 1997-2018 The PHP Group
Zend Engine v3.2.0, Copyright (c) 1998-2018 Zend Technologies
  with Zend OPcache v7.2.8, Copyright (c) 1999-2018, by Zend Technologies

Basic PHP Security Configuration

Edit the php.ini file and find the parameter cgi.fix_pathinfo, uncomment it and set to 0. By-default, this setting allows for PHP to execute the closest file if it does not find an exactly matching PHP file. Hence users can easily create malicious PHP requests which PHP will process with ease.

$ sudo vim /etc/opt/remi/php72/php.ini

Edit as follows:

; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI.  PHP's
; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok
; what PATH_INFO is.  For more information on PATH_INFO, see the cgi specs.  Setting
; this to 1 will cause PHP CGI to fix its paths to conform to the spec.  A setting
; of zero causes PHP to behave as before.  Default is 1.  You should fix your scripts
; to use SCRIPT_FILENAME rather than PATH_TRANSLATED.
; http://php.net/cgi.fix-pathinfo
cgi.fix_pathinfo=0

Configure PHP-FPM to work with Nginx

Edit the php-fpm config file as follows

$ sudo vim /etc/opt/remi/php72/php-fpm.d/www.conf

; Add Nginx user
; Unix user/group of processes
; Note: The user is mandatory. If the group is not set, the default user's group
;   will be used.
; RPM: apache user chosen to provide access to the same directories as httpd
user = nginx

; RPM: Keep a group allowed to write in log dir.
group = nginx

; The address on which to accept FastCGI requests.
; Valid syntaxes are:
;   'ip.add.re.ss:port'- to listen on a TCP socket to a specific IPv4 address on
;                            a specific port;
;   '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on
;                            a specific port;
;   'port'             - to listen on a TCP socket to all addresses
;                            (IPv6 and IPv4-mapped) on a specific port;
;   '/path/to/unix/socket' - to listen on a unix socket.
; Note: This value is mandatory.
listen = 127.0.0.1:9000

Restart php-fpm service to effect the config changes

$ sudo systemctl restart php72-php-fpm

Edit the Nginx config file

$ sudo vim /etc/nginx/sites-enabled/default.conf

After making the changes the file should be as follows:

server {
  listen   80;
  server_name  <domain_name_or_server_public_ip_address>;
 
  #charset koi8-r;
  #access_log  /var/log/nginx/host.access.log  main;
 
  location / {
    root   /usr/share/nginx/html;
    index index.php index.html index.htm;
  }
 
  error_page  404          /404.html;
 
  # redirect server error pages to the static page /50x.html
  #
  error_page   500 502 503 504  /50x.html;
  location = /50x.html {
    root   /usr/share/nginx/html;
  }
 
  # proxy the PHP scripts to Apache listening on 127.0.0.1:80
  #
  #location ~ \.php$ {
  #proxy_pass   http://127.0.0.1;
  #}
 
  # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
  #
  location ~ \.php$ {
   root      /usr/share/nginx/html;
        fastcgi_pass   127.0.0.1:9000;
         fastcgi_index  index.php;
       fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
  include    fastcgi_params;
  }
 
  # deny access to .htaccess files, if Apache's document root
  # concurs with nginx's one
  #
  #location ~ /\.ht {
  #deny  all;
  #}
}

Test if the config is okay

[linuxuser@centos7-lemp ~]$ sudo nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

Restart nginx to effect the changes

$ sudo systemctl restart nginx

Test PHP

Create the file info.php as follows and place it in the Nginx web root directory

$ sudo vim /usr/share/nginx/html/info.php

<?php phpinfo(); ?>

Save and exit the file.

Then visit the browser address – http://your_domain_or_server_public_IP/info.php

The web page will display PHP information about the server. This confirms that Nginx is working properly with PHP. For security purposes, you should proceed to delete the info.php file in the web root directory.

Conclusion

Now that you have successfully installed LEMP stack, you can now host your awesome business website or web application on the root directory /usr/share/nginx/html and serve to your potential customers. It’s very simple indeed!