NGINX is a small and efficient web server that can be used to build an LNMP web service
environment. LNMP is an acronym of the names of its original four open source components:
the Linux operating system, NGINX web server, MySQL relational database management
system, and PHP programming language. This topic describes how to manually build an
LNMP environment on an Elastic Compute Service (ECS) instance that runs an Ubuntu
20 operating system.
Prerequisites
- An ECS instance is created and assigned a public IP address. For more information,
see Create an instance by using the wizard.
In this topic, an ECS instance that has the following configurations is used. To prevent
command errors caused by operating system version issues, we recommend that you use
the same operating system version as that used in this topic.
- Instance type: ecs.c6.large
- Operating system: Ubuntu 20.04
- Network type: Virtual Private Cloud (VPC)
- IP address: public IP address
- An inbound rule is added to a security group of the ECS instance to allow traffic
on ports 22, 80, and 443. For more information, see Add a security group rule.
Note For security purposes, this topic includes only the ports on which traffic must be
allowed to build and test an LNMP environment. You can configure security group rules
to allow traffic on more ports based on your needs. For example, if you want to connect
to a MySQL database on an ECS instance, you must add an inbound rule to a security
group of the instance to allow traffic on port 3306, which is the default port used
for MySQL.
Background information
This topic is intended for individual users who are familiar with Linux operating
systems but new to using Alibaba Cloud ECS to build websites.
The following software versions are used in the sample procedure:
- NGINX 1.18.0
- MySQL 8.0.27
- PHP 7.4.3
Step 1: Preparations
- Connect to the ECS instance on which you want to build an LNMP environment.
- Disable the firewall on the instance operating system.
- Run the following command to check the state of the firewall:
- If the firewall is disabled and in the inactive state, Status: inactive is displayed.
- If the firewall is enabled and in the active state, Status: active is displayed.
- Optional:Disable the firewall.
If the firewall is enabled, run the following command to disable the firewall and
prevent the firewall from starting on instance startup:
sudo ufw disable
Note If you want to re-enable the firewall after it is disabled and start the firewall
on instance startup, run the sudo ufw enable command.
Step 2: Install NGINX
- Run the following command to update software packages in the Ubuntu operating system:
- Run the following command to install NGINX:
sudo apt -y install nginx
- Run the following command to check the version of NGINX:
sudo nginx -v
A command output similar to the following one indicates that NGINX is installed and
its version is 1.18.0.
nginx version: nginx/1.18.0 (Ubuntu)
Step 3: Install and configure MySQL
- Install MySQL.
- Run the following command to install MySQL:
sudo apt -y install mysql-server
- Run the following command to check the version of MySQL:
sudo mysql -V
A command output similar to the following one indicates that MySQL is installed and
its version is 8.0.27. mysql Ver 8.0.27-0ubuntu0.20.04.1 for Linux on x86_64 ((Ubuntu))
- Configure MySQL.
- Run the following command to connect to MySQL.
- Run the following command to set the password of the root user:
ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password by 'mynewpassword';
The password
Mysql@1234 is used in this example:
ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password by 'Mysql@1234';
- Run the following command to exit MySQL:
- Run the following command to configure the security settings of MySQL:
sudo mysql_secure_installation
- Follow the command line instructions to configure the following settings in sequence.
- Enter the password of the root user. The password
Mysql@1234 is used in this example. root@iZbp19jsi7s0g7m4zgc****:~# sudo mysql_secure_installation
Securing the MySQL server deployment.
Enter password for user root:
Note When you enter a password, no command output is returned for data security purposes.
You need only to enter the correct password and then press the Enter key.
- Enter Y to change the password of the root user.
Change the password for root ? ((Press y|Y for Yes, any other key for No) : Y
- Enter the password of the root user.
New password:
Re-enter new password:
Estimated strength of the password: 100
- Enter Y to confirm the set password.
Do you wish to continue with the password provided?(Press y|Y for Yes, any other key for No) : Y
- Enter Y to delete the autonomous user that comes with MySQL.
By default, a MySQL installation has an anonymous user,
allowing anyone to log into MySQL without having to have
a user account created for them. This is intended only for
testing, and to make the installation go a bit smoother.
You should remove them before moving into a production
environment.
Remove anonymous users? (Press y|Y for Yes, any other key for No) : Y
- Enter Y to deny remote access to MySQL by the root user.
Normally, root should only be allowed to connect from
'localhost'. This ensures that someone cannot guess at
the root password from the network.
Disallow root login remotely? (Press y|Y for Yes, any other key for No) : Y
- Enter Y to remove the test database.
By default, MySQL comes with a database named 'test' that
anyone can access. This is also intended only for testing,
and should be removed before moving into a production
environment.
Remove test database and access to it? (Press y|Y for Yes, any other key for No) :
- Enter Y to reload privilege tables.
Reloading the privilege tables will ensure that all changes
made so far will take effect immediately.
Reload privilege tables now? (Press y|Y for Yes, any other key for No) : Y
If All done! is displayed in the command output, the configuration is complete.
- Check whether you can log on to the MySQL database.
- Run the following command to log on to MySQL:
- Enter the password you set for MySQL after the Enter password: prompt.
Note When you enter a password, no command output is returned to maximize data security.
You need only to enter the correct password and then press the Enter key.
A command output similar to the following one indicates that you have logged on to
MySQL.
root@iZbp19jsi7s0g7m4zgc****:~# sudo mysql -uroot -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 15
Server version: 8.0.29-0ubuntu0.20.04.3 (Ubuntu)
Copyright (c) 2000, 2022, Oracle and/or its affiliates.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql>
- Run the following command to exit MySQL:
Step 4: Install and configure PHP
- Install PHP.
- Run the following command to install PHP:
sudo apt -y install php-fpm
- Run the following command to check the version of PHP:
sudo php -v
A command output similar to the following one indicates that PHP is installed and
its version is 7.4.3.
PHP 7.4.3 (cli) (built: Nov 25 2021 23:16:22) ( NTS )
Copyright (c) The PHP Group
Zend Engine v3.4.0, Copyright (c) Zend Technologies
with Zend OPcache v7.4.3, Copyright (c), by Zend Technologies
- Modify the NGINX configuration file to enable PHP.
- Run the following command to open the NGINX configuration file:
sudo vim /etc/nginx/sites-enabled/default
- Press the I key to enter the edit mode to modify the file.
- Find the configuration line that starts with
index within the server braces and add index.php to the line. 
- Find
location ~ \.php$ {} within the server braces and delete the annotation character (#) from the following configuration lines
within the location ~ \.php$ braces: location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
}
- Press the Esc key to exit the edit mode. Then, enter
:wq and press the Enter key to save and close the file.
- Run the following command to restart NGINX:
sudo systemctl restart nginx.service
- Configure PHP.
- Run the following command to create the phpinfo.php file in the NGINX website root directory:
sudo vi <Website root directory>/phpinfo.php
<Website root directory> is a variable, which can be viewed in the NGINX configuration file. In this topic,
the NGINX configuration file is the default
/etc/nginx/sites-enabled/default file. You can run the
cat /etc/nginx/sites-enabled/default command to view the file content. A command output similar to the following one shows
that the website root directory of NGINX is
/var/www/html.
Therefore, the command to create the phpinfo.php file in the /var/www/html directory
in this example is:
sudo vi /var/www/html/phpinfo.php
- Press the I key to enter the edit mode and add the following configuration to the phpinfo.php
file:
Invoke the
phpinfo() function to show all configuration information of PHP.
<?php echo phpinfo(); ?>
- Press the Esc key to exit the edit mode. Then, enter
:wq and press the Enter key to save and close the file.
- Run the following command to start PHP:
sudo systemctl start php7.4-fpm
Step 8: Test the connection to the PHP configuration page
- Open a browser on your Windows computer or another Windows host that can access the
Internet.
- In the address bar, enter
http://<Public IP address of the ECS instance>/phpinfo.php. An output similar to the following one indicates that the LNMP environment is built.
What to do next
After the LNMP environment is built, we recommend that you delete the
phpinfo.php test file to prevent data leaks.
rm -rf <Website root directory> /phpinfo.php
The website root directory
/var/www/html is used in this example. Run the following command to delete the test file:
rm -rf /var/www/html/phpinfo.php