Shulou(Shulou.com)05/31 Report--

Today, the editor will share with you the relevant knowledge points about how to install the LEMP environment for the Nginx server in Ubuntu. The content is detailed and the logic is clear. I believe most people still know too much about this knowledge, so share this article for your reference. I hope you can get something after reading this article.

Pre-preparation

Install ubuntu 16.04 server version

Step 1: install the nginx server

1. Nginx is an advanced, resource-optimized web server program used to display web pages to visitors on the Internet. Let's start with the installation of the nginx server and use the apt command to get the nginx program from ubuntu's official software repository.

$sudo apt-get install nginx

Install nginx on ubuntu 16.04

2. Then enter the netstat and systemctl commands to confirm that the nginx process has been started and bound on port 80.

$netstat-tlpn

Check nginx network port connection

$sudo systemctl status nginx.service

Check nginx service status

When you confirm that the service process has started, you can open a browser, use the http protocol to access your server ip address or domain name, and browse the default web page of nginx.

Http://ip-address

Step 2: enable the nginx http/2.0 protocol

3. The support for the http/2.0 protocol is included by default in the nginx binaries of the latest release of ubuntu 16.04. it can only connect through ssl and ensure a great improvement in the speed of loading web pages.

To enable this protocol for nginx, first find the Web site configuration file provided by nginx and type the following command to back up the configuration file.

$cd / etc/nginx/sites-available/$ sudo mv default default.backup

Back up nginx's website configuration file

4. Then, create a new default file with a text editor and enter the following:

Server {listen 443 ssl http2 default_server; listen [:]: 443 ssl http2 default_server; root / var/www/html; index index.html index.htm index.php; server_name 192.168.1.13; location / {try_files $uri $uri/ = 404;} ssl_certificate / etc/nginx/ssl/nginx.crt; ssl_certificate_key / etc/nginx/ssl/nginx.key; ssl_protocols tlsv1 tlsv1.1 tlsv1.2 Ssl_prefer_server_ciphers on; ssl_ciphers Eecdhlly Aesha 20 etc/nginx/ssl/dhparam.pem; ssl_session_cache shared:ssl:20m; ssl_session_timeout Eecdhou Aes128 Val rsahoes Aes128 Vesa Eecdhlys Eecdhlys Eecdhages 3Dessahies Aesha20 etc/nginx/ssl/dhparam.pem; ssl_session_cache shared:ssl:20m; ssl_session_timeout 180m; resolver 8.8.8.8 8.4.4; add_header strict-transport-security "max-age=31536000; # includesubdomains" always; location. Php$ {include snippets/fastcgi-php.conf Fastcgi_pass unix:/run/php/php7.0-fpm.sock;} location ~ /\ .ht {deny all;}} server {listen 80; listen [:]: 80; server_name 192.168.1.13; return 301 https://$server_name$request_uri;}

Enable nginx http 2 protocol

The above configuration snippet adds http2 parameters to all ssl listening instructions to enable http/2.0.

The last paragraph added to the server configuration above is used to redirect all non-ssl traffic to the ssl/tls default host. Then replace the parameters of the server_name option with your host's ip address or dns record (preferably with the fqdn name).

5. After you have followed the above steps to edit the default configuration file for nginx, use the following commands to generate and view ssl certificates and keys.

Complete the certificate with your custom settings, and make sure that common name is set to match your dns fqdn record or server ip address.

$sudo mkdir / etc/nginx/ssl$ sudo openssl req-x509-nodes-days 365-newkey rsa:2048-keyout / etc/nginx/ssl/nginx.key-out / etc/nginx/ssl/nginx.crt$ ls / etc/nginx/ssl/

Generate ssl certificates and keys for nginx

6. Use a strong dh encryption algorithm by entering the following command, which modifies the file configured by the previous configuration file ssl_dhparam.

$sudo openssl dhparam-out / etc/nginx/ssl/dhparam.pem 2048

Create a diffie-hellman key

7. After the diffie-hellman key is generated, verify whether the configuration file of nginx is correct and whether it can be applied by nginx network service program. Then run the following command to restart the daemon to see what changes.

$sudo nginx-t $sudo systemctl restart nginx.service

Check the configuration of nginx

8. Type the following command to test nginx using the http/2.0 protocol. If you see H2 in the protocol, it indicates that nginx has successfully configured to use http/2.0 protocol. All the latest browsers can support this protocol by default.

$openssl s_client-connect localhost:443-nextprotoneg''

Test the nginx http 2.0 protocol

Step 3: install the php 7 interpreter

With the help of the fastcgi process manager, nginx can use the php dynamic language interpreter to generate dynamic web content. Fastcgi can be obtained from the ubuntu official repository by installing php-fpm binary packages.

9. Enter the following command in your server console to get the php7.0 and expansion package, which allows php to communicate with the nginx network service process.

$sudo apt install php7.0 php7.0-fpm

Install php 7 and php-fpm

10. When the php7.0 interpreter is installed successfully, enter the following command to start or check the php7.0-fpm daemon:

$sudo systemctl start php7.0-fpm$ sudo systemctl status php7.0-fpm

Open and verify php-fpm service

11. The current nginx profile has been configured to use php fpm to provide dynamic content.

The server configuration shown below enables nginx to use the php interpreter, so no other changes to the nginx configuration file are required.

Location ~\ .php$ {include snippets/fastcgi-php.conf; fastcgi_pass unix:/run/php/php7.0-fpm.sock;}

The screenshot below is the contents of the nginx default configuration file. You may need to modify or uncomment the code.

Enable php fastcgi

To test a nginx server with php-fpm enabled, create a php test profile, info.php, with the following command. Then use the http://ip_or domain/info.php URL to view the configuration.

$sudo su-c 'echo "" | tee / var/www/html/info.php'

Create a php info file

Check the information of php fastcgi

Check to see if the server declares support for the http/2.0 protocol, and navigate to $_ server ['server_protocol'] in the php variable area like the screenshot below.

Check http2.0 protocol information

In order to install other php7.0 modules, use the apt search php7.0 command to find the php module and install it.

If you want to install wordpress or other cms, you need to install the following php modules, which will be useful sooner or later.

$sudo apt install php7.0-mcrypt php7.0-mbstring

Install the php 7 module

To register these additional php modules, type the following command to restart the php-fpm daemon.

$sudo systemctl restart php7.0-fpm.service

Step 4: install the mariadb database

15. Finally, we need mariadb database to store and manage website data before we can complete the construction of lemp.

Run the following command to install the mariadb database management system and restart the php-fpm service to communicate with the database using the mysql module.

$sudo apt install mariadb-server mariadb-client php7.0-mysql$ sudo systemctl restart php7.0-fpm.service

Install mariadb

To secure mariadb, run the security script provided by the binary package in the ubuntu software repository, which will ask you to set a root password, remove anonymous users, disable remote login for root users, and remove the test database.

Enter the following command to run the script and confirm all selections. Refer to the screenshot below.

$sudo mysql_secure_installation

Secure installation of mariadb

Configure mariadb so that ordinary users can access the database without using the sudo permissions of the system. Open the mysql command line interface with root privileges and run the following command:

$sudo mysql mariadb > use mysql;mariadb > update user set plugin='' where user='root';mariadb > flush privileges;mariadb > exit

User permissions for mariadb

Finally, you can execute commands in any database without root privileges by executing the following command to log in to the mariadb database:

$mysql-u root-p-e 'show databases'

View the mariadb database

These are all the contents of the article "how to install a LEMP environment for a Nginx server in Ubuntu". Thank you for reading! I believe you will gain a lot after reading this article. The editor will update different knowledge for you every day. If you want to learn more knowledge, please pay attention to the industry information channel.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.