Installing Nginx With PHP5 (And PHP-FPM) And MySQL Support (LEMP) On Debian Wheezy

1 Preliminary Note

In this tutorial I use the hostname server1.example.com with the IP address 192.168.0.100. These settings might differ for you, so you have to replace them where appropriate.

2 Installing MySQL 5

In order to install MySQL, we run

 apt-get install mysql-server mysql-client

You will be asked to provide a password for the MySQL root user – this password is valid for the user root@localhost as well as root@server1.example.com, so we don’t have to specify a MySQL root password manually later on: 642-902 dumps

New password for the MySQL “root” user: <– yourrootsqlpassword
Repeat password for the MySQL “root” user: <– yourrootsqlpassword

3 Installing Nginx

Nginx is available as a package for Debian Wheezy which we can install as follows:

apt-get install nginx

Start nginx afterwards:

 /etc/init.d/nginx start

Type in your web 1Y0-A20 dumpsserver’s IP addre ss or hostname into a browser (e.g. http://192.168.0.100), and you should see the following page:

ng

The default nginx document root on Debian Wheezy is /usr/share/nginx/www.

4 Installing PHP5

We can make PHP5 work in nginx through PHP-FPM (PHP-FPM (FastCGI Process Manager) is an alternative PHP FastCGI implementation with some additional features useful for sites of any size, especially busier sites) which we install as follows:

 apt-get install php5-fpm

PHP-FPM is a daemon process (with the init script /etc/init.d/php5-fpm) that runs a FastCGI server on the socket /var/run/php5-fpm.sock.

5 Configuring nginx

The nginx configuration is in /etc/nginx/nginx.conf which we open now:

nano /etc/nginx/nginx.conf

The configuration is easy to understand (you can learn more about it here: http://wiki.nginx.org/NginxFullExample and here: http://wiki.nginx.org/NginxFullExample2)

First (this is optional) adjust the number of worker processes and set the keepalive_timeout to a reasonable value:

[...]
worker_processes  4;
[...]
    keepalive_timeout   2;
[...]

The virtual hosts are defined in server {} containers. The default vhost is defined in the file /etc/nginx/sites-available/default – let’s modify it as follows:

 vi /etc/nginx/sites-available/default

 

[...]
server {
        listen   80; ## listen for ipv4; this line is default and implied
        listen   [::]:80 default_server ipv6only=on; ## listen for ipv6

        root /usr/share/nginx/www;
        index index.php index.html index.htm;

        # Make site accessible from http://localhost/
        server_name localhost;

        location / {
                # First attempt to serve request as file, then
                # as directory, then fall back to displaying a 404.
                try_files $uri $uri/ /index.html;
                # Uncomment to enable naxsi on this location
                # include /etc/nginx/naxsi.rules
        }

        location /doc/ {
                alias /usr/share/doc/;
                autoindex on;
                allow 127.0.0.1;
                allow ::1;
                deny all;
        }

        # Only for nginx-naxsi used with nginx-naxsi-ui : process denied requests
        #location /RequestDenied {
        #       proxy_pass http://127.0.0.1:8080;
        #}

        #error_page 404 /404.html;

        # redirect server error pages to the static page /50x.html
        #
        error_page 500 502 503 504 /50x.html;
        location = /50x.html {
                root /usr/share/nginx/www;
        }

        # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
        #
        location ~ .php$ {
                try_files $uri =404;
                fastcgi_split_path_info ^(.+.php)(/.+)$;
                # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini

                # With php5-cgi alone:
                #fastcgi_pass 127.0.0.1:9000;
                # With php5-fpm:
                fastcgi_pass unix:/var/run/php5-fpm.sock;
                fastcgi_index index.php;
                include fastcgi_params;
        }

        # deny access to .htaccess files, if Apache's document root
        # concurs with nginx's one
        #
        location ~ /.ht {
                deny all;
        }
}
[...]

 

Uncomment both listen lines to make nginx listen on port 80 IPv4 and IPv6.

server_name _; makes this a default catchall vhost (of course, you can as well specify a hostname here like www.example.com).

I’ve added index.php to the index line. root /usr/share/nginx/www; means that the document root is the directory /usr/share/nginx/www.

The important part for PHP is the location ~ .php$ {} stanza. Uncomment it to enable it. Please note that I’ve added the line try_files $uri =404; to prevent zero-day exploits (see http://wiki.nginx.org/Pitfalls#Passing_Uncontrolled_Requests_to_PHP and http://forum.nginx.org/read.php?2,88845,page=3).

Now save the file and reload nginx:

/etc/init.d/nginx reload

Next open /etc/php5/fpm/php.ini…

nano /etc/php5/fpm/php.ini

… and set cgi.fix_pathinfo=0:

[...]
; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI.  PHP's
; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok
; what PATH_INFO is.  For more information on PATH_INFO, see the cgi specs.  Setting
; this to 1 will cause PHP CGI to fix its paths to conform to the spec.  A setting
; of zero causes PHP to behave as before.  Default is 1.  You should fix your scripts
; to use SCRIPT_FILENAME rather than PATH_TRANSLATED.
; http://php.net/cgi.fix-pathinfo
cgi.fix_pathinfo=0
[...]

Reload PHP-FPM:

/etc/init.d/php5-fpm reload

Now create the following PHP file in the document root /usr/share/nginx/www:

nano /usr/share/nginx/www/info.php

 

<?php
phpinfo();
?>

Now we call that file in a browser (e.g. http://192.168.0.100/info.php):