Ubuntu 22.04 Tutorials

How to Install LEMP Stack on Ubuntu 22.04

Install a LEMP stack on Ubuntu 22.04 with this easy-to-follow guide, covering Nginx, MySQL, PHP installation, and secure configurations.


Introduction:

Ubuntu 22.04

A LEMP stack, consisting of Linux, Nginx, MySQL, and PHP, is a powerful set of tools for hosting web content and applications. This guide will walk you through the step-by-step process of setting up a LEMP stack on an Ubuntu 22.04 server. From installing Nginx, MySQL, and PHP to configuring Nginx to use PHP and securing your setup with Let’s Encrypt SSL, this tutorial covers everything you need to get your LEMP stack up and running.

Step 1: Update Your System

Ensure that all of your system’s packages are up to date.

sudo apt update
sudo apt upgrade

Step 2: Install Nginx

Install Nginx, the web server.

sudo apt install nginx

Once the installation is finished, you can start Nginx.

sudo systemctl start nginx

Enable Nginx to start at boot.

sudo systemctl enable nginx

You can check the status of Nginx to ensure that it is running.

sudo systemctl status nginx

Step 3: Install MySQL

Install MySQL, the database server.

sudo apt install mysql-server

Secure your MySQL installation (it will prompt you to set a root password and ask you a series of questions).

sudo mysql_secure_installation

Step 4: Install PHP

Install PHP and the PHP-FPM (FastCGI Process Manager).

sudo apt install php-fpm php-mysql

You can check the version of PHP that was installed.

php --version

Step 5: Configure Nginx to Use PHP

Create a new Nginx server block configuration file.

sudo nano /etc/nginx/sites-available/example.com

Paste the following configuration (replace example.com with your own domain or IP address).

server {
    listen 80;
    server_name example.com www.example.com;

    root /var/www/html;
    index index.php index.html index.htm;

    location / {
        try_files $uri $uri/ =404;
    }

    location ~ \.php$ {
        include snippets/fastcgi-php.conf;
        fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }
}

Create a symbolic link to enable the site.

sudo ln -s /etc/nginx/sites-available/example.com /etc/nginx/sites-enabled/

Test Nginx configuration for errors.

sudo nginx -t

If there are no errors, restart Nginx to apply the changes.

sudo systemctl restart nginx

Step 6: Test PHP Processing

Create a PHP file to test PHP processing.

sudo nano /var/www/html/info.php

Add the following code to the file.

<?php
phpinfo();
?>

Now, open your web browser and visit http://example.com/info.php. You should see a page showing information about your PHP configuration. After verifying that PHP is working, it’s a good idea to delete the info.php file as it contains sensitive information about your server.

sudo rm /var/www/html/info.php

Step 7: Secure Nginx with Let’s Encrypt (Optional)

If you have a domain pointing to your server, it’s a good idea to secure your site with an SSL certificate.

  1. Install Certbot and the Nginx plugin.
sudo apt install certbot python3-certbot-nginx
  1. Obtain an SSL certificate.
sudo certbot --nginx -d example.com -d www.example.com

Follow the prompts to configure Certbot.

  1. Test automatic renewal.
sudo certbot renew --dry-run

Certbot will now automatically renew your SSL certificates.

You have successfully installed a LEMP stack on Ubuntu 22.04! Make sure to configure your firewall to allow web traffic and make any additional Nginx or PHP configuration changes as needed for your specific application.

Step 8: Install and Configure Fail2Ban

Fail2Ban is an intrusion prevention software framework that protects your server against brute-force attacks. Here is how you can install and configure Fail2Ban on your Ubuntu 22.04 server.

Install Fail2Ban:

  1. Update your package list and install Fail2Ban: sudo apt update sudo apt install fail2ban
  2. Once installed, the Fail2Ban service will start automatically. You can check its status to ensure it’s running: sudo systemctl status fail2ban

Configure Fail2Ban:

Fail2Ban works with “jails” that define the rules for monitoring log files and taking actions on matched entries.

  1. Create a Configuration File: It’s a good practice to create a local configuration file to override the default settings without altering them. This ensures that your configurations remain intact even when the package is updated. sudo nano /etc/fail2ban/jail.local
  2. Add Basic Configuration: Add the following basic configuration to set the ban time, find time, and maximum retry attempts. Customize as per your requirements: [DEFAULT] bantime = 10m findtime = 10m maxretry = 5
    • bantime: The duration for which an IP is banned.
    • findtime: The time period during which the system counts the number of attempts.
    • maxretry: The number of failed attempts allowed before banning the IP.
  3. Configure Jails for Nginx: Since you’re using Nginx, you might want to create a jail for it. Add the following configuration to the same jail.local file: [nginx-http-auth] enabled = true This enables the jail for Nginx HTTP authentication failures.
  4. Restart Fail2Ban: After saving your changes, restart Fail2Ban to apply them: sudo systemctl restart fail2ban
  5. Verify the Configuration: Check the status of your Nginx jail to ensure it’s active: sudo fail2ban-client status nginx-http-auth

Optional: Configure Email Alerts

If you want to receive email alerts for Fail2Ban actions, you can configure this in the jail.local file by setting the destemail and sendername parameters, and ensuring that you have a working mail server setup on your server.

[DEFAULT]
destemail = [email protected]
sendername = Fail2Ban

By installing and configuring Fail2Ban, you’ve added an additional layer of security to your LEMP stack on Ubuntu 22.04. Fail2Ban will monitor your log files for any malicious activity and automatically ban IPs that show signs of brute-force attacks or other unauthorized access attempts. Remember to tailor the Fail2Ban configurations according to your server’s needs and monitor its performance regularly.

Conclusion:

Congratulations! You’ve successfully installed and configured a LEMP stack on your Ubuntu 22.04 server. This setup provides a solid foundation for hosting web applications, ensuring efficient performance and secure data handling. Remember to keep all components updated and regularly check your configurations for any necessary adjustments. With your LEMP stack now ready, you’re set to deploy your web applications and make the most out of this powerful server environment.

How To Install WordPress on a LEMP stack Ubuntu Server 22.04

I hope this article was helpful! You can find more here: Ubuntu Tutorial Articles


Discover more from Patrick Domingues

Subscribe to get the latest posts sent to your email.

author avatar
Patrick Domingues

Leave a Comment

Stay Informed

Receive instant notifications when new content is released.