Setting up a LEMP stack (Linux, Nginx, MySQL/MariaDB, PHP) on AWS Amazon Linux 2023 enables you to host high-performance web applications on a reliable, scalable infrastructure. This guide demonstrates how to install a LEMP stack on an AWS Amazon Linux 2023 server
What is the LEMP Stack?
The LEMP stack is an open-source software stack used for hosting dynamic websites and web applications. Here's what it consists of:
- Linux : The operating system that powers the server.
- Nginx : A high-performance web server and reverse proxy.
- MySQL/MariaDB : The database system for storing application data.
- PHP : A server-side scripting language for building dynamic websites.
Prerequisites for Installing the LEMP Stack on AWS
Before getting started, ensure you have the following:
- An AWS EC2 instance running Amazon Linux 2023 .
- An SSH client for accessing your server.
Step 1: Launch an AWS EC2 Instance
If you don’t already have an EC2 instance, follow this guide to create one: Instructions on how to create an AWS EC2
Step 2: Update Your Amazon Linux System
After connecting to your instance via SSH, update the package manager to ensure you have the latest software:
sudo dnf update -y
sudo dnf upgrade -y
Step 3: Install Nginx
Install Nginx
Run the following commands to install Nginx:
sudo dnf install nginx -y
Start and Enable Nginx
Start the Nginx service and configure it to launch automatically on boot:
sudo systemctl start nginx
sudo systemctl enable nginx
Verify Nginx Installation
Visit your server’s public IP address in a browser. You should see the default Nginx welcome page
Step 4: Install and Configure MySQL
Install MySQL
MySQL is a popular MySQL-compatible database system. To install MySQL, follow these steps:
## Download the RPM file
sudo wget https://dev.mysql.com/get/mysql80-community-release-el9-1.noarch.rpm
## Install RPM file
sudo dnf install mysql80-community-release-el9-1.noarch.rpm -y
## You need the public key of mysql to install the software.
sudo rpm --import https://repo.mysql.com/RPM-GPG-KEY-mysql-2023
# If you need to install mysql client:
sudo dnf install mysql-community-client -y
# If you need server:
sudo dnf install mysql-community-server -y
Start and Enable MySQL
Start the MySQL service and configure it to run at boot:
sudo systemctl start mysqld
sudo systemctl enable mysqld
Verify MySQL
Check the MySQL version by run the following command:
mysql -V
# mysql Ver 8.0.40 for Linux on x86_64 (MySQL Community Server - GPL)
Secure MySQL
When install Mysql, the temporary root password will be output to /var/log/mysqld.log. To retrieve the temporary root password:
sudo grep 'temporary password' /var/log/mysqld.log
# 2024-12-05T10:40:36.341933Z 6 [Note] [MY-010454] [Server] A temporary password is generated for root@localhost: fsCWX&F6TfCd
Now, we know the MySQL password Run the secure installation wizard to set up your MySQL server:
sudo mysql_secure_installation
Follow the prompts to:
- Set a root password.
- Remove anonymous users.
- Disable remote root login (optional).
- Remove the test database.
Enter password for user root: fsCWX&F6TfCd
New password: Secret123!@#
Re-enter new password: Secret123!@#
Change the password for root ? ((Press y|Y for Yes, any other key for No) : y
Do you wish to continue with the password provided?(Press y|Y for Yes, any other key for No) : y
Remove anonymous users? (Press y|Y for Yes, any other key for No) : y
Disallow root login remotely? (Press y|Y for Yes, any other key for No) : No
Remove test database and access to it? (Press y|Y for Yes, any other key for No) : y
Reload privilege tables now? (Press y|Y for Yes, any other key for No) : y
Follow the prompts to set a root password and remove unnecessary options.
Try to connect MySQL
mysql -u"root" -p
-- Then Input root user password: Secret123!@#
Step 5: Install PHP
Install PHP and Extensions
Install PHP 8.3 and the necessary extensions:
sudo dnf install php8.3 php8.3-cli php8.3-fpm php8.3-mbstring php8.3-xml php8.3-gd php8.3-zip php8.3-pdo php8.3-mysqlnd -y
Configure PHP-FPM
Edit the PHP-FPM configuration to set the user and group to nginx:
sudo vi /etc/php-fpm.d/www.conf
Update these lines:
user = nginx
group = nginx
Start and enable PHP-FPM:
sudo systemctl start php-fpm
sudo systemctl enable php-fpm
Step 6: Configure Nginx to Work with PHP
Edit the Nginx configuration file to process PHP files:
sudo vi /etc/nginx/conf.d/site1.conf
Update the server block to include:
server {
listen 80;
server_name your-domain.com;
root /usr/share/nginx/html;
index index.php index.html;
location / {
try_files $uri $uri/ =404;
}
location ~ \.php$ {
include fastcgi_params;
fastcgi_pass unix:/var/run/php-fpm/www.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
location ~ /\.ht {
deny all;
}
}
Restart Nginx to apply changes:
sudo systemctl restart nginx
Step 7: Test the LEMP Stack
Create a PHP info file to confirm PHP is working:
echo "<?php phpinfo(); ?>" | sudo tee /usr/share/nginx/html/info.php
Visit http://your-server-ip/info.php to view the PHP info page.
If Your server IP is 13.112.242.48 then visit http://13.112.242.48/info.php
If you see the PHP info page, the LEMP stack is successfully installed.
Step 8: Secure Your LEMP Stack
- Set Up a Firewall : Use AWS Security Groups to allow only necessary traffic.
- Enable HTTPS : Install a free SSL certificate using Certbot for secure connections.
- Harden MySQL : Restrict root login and create a dedicated user for your application.
Conclusion
Congratulations! You’ve successfully set up a LEMP stack on AWS Amazon Linux 2023. Your server is now ready to host PHP-based web applications. For better performance and security, consider optimizing your Nginx configuration and applying additional server hardening practices