💻Setting Up a LEMP Stack with SSL

Kanishthika SinghKanishthika Singh
3 min read

Table of contents

Title: Securing Your Web Applications: A Guide to Setting Up a LEMP Stack with SSL

Introduction: In today's digital landscape, securing your web applications is of utmost importance. One effective way to achieve this is by implementing SSL (Secure Socket Layer) encryption, which ensures that data transmitted between your server and users is encrypted and secure. In this guide, we'll walk you through the process of setting up a LEMP stack (Linux, Nginx, MySQL, and PHP) with SSL to create a robust and secure environment for hosting your web applications.

What is a LEMP Stack?

A LEMP stack consists of:

  1. Linux: The operating system that forms the foundation of the stack.

  2. Nginx: A high-performance web server that serves as the frontend to handle client requests.

  3. MySQL: A relational database management system that stores and manages your application's data.

  4. PHP: A server-side scripting language that processes dynamic content and interacts with the database.

Prerequisite:

Before you begin, make sure you have:

  1. A Linux-based server (Ubuntu, CentOS, etc.)

  2. Root access or a user with sudo privileges

  3. A registered domain name pointing to your server's IP address

Step 1: Update and Upgrade

Ensure your server is up to date by running the following commands:

sudo apt update && sudo apt upgrade -y   # For Ubuntu/Debian

or

sudo yum update    # For CentOS

Step 2: Install Nginx

Install Nginx, the web server that will handle incoming requests:

sudo apt install nginx    # For Ubuntu/Debian

or

sudo yum install nginx    # For CentOS

Start and enable Nginx:

sudo systemctl start nginx
sudo systemctl enable nginx

Step 3: Install MySQL

Install MySQL to manage your database:

sudo apt install mysql-server    # For Ubuntu/Debian

or

sudo yum install mariadb-server    # For CentOS

Start and enable MySQL:

sudo systemctl start mysql
sudo systemctl enable mysql

Secure your MySQL installation:

sudo mysql_secure_installation

Step 4: Install PHP

Install PHP to handle server-side scripts:

sudo apt install php-fpm php-mysql    # For Ubuntu/Debian

or

sudo yum install php-fpm php-mysql    # For CentOS

Start and enable PHP-FPM:

sudo systemctl start php-fpm
sudo systemctl enable php-fpm

Step 5: Configure Nginx for PHP

Edit the Nginx default configuration to work with PHP:

sudo nano /etc/nginx/sites-available/default

Update the location ~\.php$ block to look like this:

location ~ \.php$ {
    include snippets/fastcgi-php.conf;
    fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;   # Adjust version as needed
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    include fastcgi_params;
}

Save the changes and restart Nginx:

sudo systemctl restart nginx

Step 6: Obtain SSL Certificate

To secure your site with SSL, you can use Let's Encrypt, a free and open Certificate Authority. Install Certbot:

sudo apt install certbot python3-certbot-nginx    # For Ubuntu/Debian

or

sudo yum install certbot python3-certbot-nginx    # For CentOS

Obtain an SSL certificate for your domain:

sudo certbot --nginx -d yourdomain.com

Follow the instructions to complete the setup.

Step 7: Configure SSL in Nginx

Edit your Nginx configuration to include SSL settings:

sudo nano /etc/nginx/sites-available/default

Update the server block to include SSL settings:

server {
    listen 443 ssl;
    server_name yourdomain.com;

    ssl_certificate /etc/letsencrypt/live/yourdomain.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/yourdomain.com/privkey.pem;

    include /etc/nginx/snippets/ssl-params.conf;   # Add SSL parameters
    ...
}

Save the changes and restart Nginx:

sudo systemctl restart nginx

set up a LEMP stack with SSL to secure your web applications. Regularly update your system and monitor your server for security best practices. This setup provides a robust foundation for hosting secure and encrypted web applications.

  • 👀 I’m interested in learning and working with community , open source contribution and give back to the community.

  • ⛷️ I'm currently working with Kubernetes, Docker, AWS, Jenkins, CI/CD, Git & GitHub, Data analysis and Ai.

  • 💞️ I’m looking to collaborate on GitHub and open source projects related to Cloud Computing , Data analysis and Devops.

  • 📫 Reach out to me at whatkanish@gmail.com.

0
Subscribe to my newsletter

Read articles from Kanishthika Singh directly inside your inbox. Subscribe to the newsletter, and don't miss out.

LEMPSSL

Written by

Kanishthika Singh
Kanishthika Singh

Dedicated to mastering modern technology, I delve into the intricacies of cutting-edge advancements, leveraging innovation to navigate the ever-evolving tech landscape. Embracing the challenges of the digital era, I am committed to continuous learning and contributing to the transformative power of modern tech. MORE ABOUT ME: https://bio.link/kanishthika