How to Install Nginx, MariaDB and PHP (LEMP) on Ubuntu 16.04


The LEMP Stack refers to a group of softwares which together can run dynamic websites. It is an acronym for Linux, (E)Nginx, MySQL (or MariaDB) and PHP.

In this tutorial we will learn how to setup a LEMP Stack on Ubuntu 16.04.


An Ubuntu Server 16.04 with an sudoer account. Note: The default user –  ubuntu – on AWS EC2 or Lightsail already comes with sudo access so you can follow this tutorial directly by using the ubuntu account. To setup a DigitalOcean, Vultr, Linode or local server, follow  Basic Setup of Ubuntu Server 16.04.

Installing Nginx (web server)

Nginx is a web server which can also be used as a reverse proxy, load balancer and HTTP cache. In this tutorial we will use it as a web server to serve static pages and a reverse proxy to PHP-FPM for dynamic content.

Update the system and install Nginx.

sudo apt update
sudo apt install nginx

This will install and run Nginx. If you have installed and enabled ufw then enable the Nginx profile so that Nginx can be reached on port 80.

sudo ufw allow 'Nginx HTTP'

If your server is on AWS then edit your security group settings and add a rule to allow incoming connections on port 80.

On your browser, navigate to your IP address or domain.


You should see the default Nginx landing page.

Your Nginx installation was successful.

Install MariaDB to Manage Data

MariaDB is a community-developed fork of the MySQL relational database management system intended to remain free under the GNU GPL.

Since MariaDB is under heavy development, it’s advisable to install it from its own repositories instead of Ubuntu repositories. To add MariaDB repositories, choose your distribution (Ubuntu), release (16.04), version (10.2) and nearest mirror from:

Once you select your nearest mirror, you will be presented with the code to add repositories. Copy the code from there and add MariaDB repositories. The code is similar to the following.

sudo apt-get install software-properties-common
sudo apt-key adv --recv-keys --keyserver hkp:// 0xF1656F24C74CD1D8
sudo add-apt-repository 'deb [arch=amd64,i386,ppc64el] xenial main'

Once the key is imported and the repository added you can install MariaDB with:

sudo apt update
sudo apt install mariadb-server

Enter a secure password and press “enter” for the root when asked.

MariaDB is installed and running now. Check its status by typing:

sudo systemctl status mysql
� mariadb.service - MariaDB 10.2.12 database server
Loaded: loaded (/lib/systemd/system/mariadb.service; enabled; vendor preset: enabled)
Drop-In: /etc/systemd/system/mariadb.service.d
Active: active (running) since Fri 2018-02-09 17:01:56 UTC; 1h 15min ago
Docs: man:mysqld(8)
Main PID: 22311 (mysqld)
Status: "Taking your SQL requests now..."
CGroup: /system.slice/mariadb.service
��22311 /usr/sbin/mysqld

If it’s not enabled or not running then enable it and start it by:

sudo systemctl enable mysql
sudo systemctl start mysql

Secure the installation by removing test databases etc. by running:

 sudo mysql_secure_installation

Enter the password which you enter during installation and answer the questions that follow.

  • When asked about changing the password, answer “N” (no) .
  • Remove the anonymous user account by answering “Y”.
  • Disallow remote root login by answering “Y”.
  • Remove the test database by answering “Y”.
  • Reload privilege tables by answering “Y”.

MariaDB is now installed and ready to use. Login to MariaDB to test it.

mysql -u root -p

Enter the root password when prompted. You should be able to login successfully. Now logout by typing “Ctrl-d”.

Install PHP for Server Side Scripting

Unlike Apache, Nginx does not run PHP natively so we install “php-fpm”. Install it by using:

sudo apt install php-fpm php-mysql

Configure PHP

By default, PHP enables a highly dangerous setting. This setting instructs PHP to run the nearest matching script if the exact script is not found. We need to disable this setting. Open the configuration file for PHP.

 sudo nano /etc/php/7.0/fpm/php.ini

Search for the line containing cgi.fix_pathinfo. Uncomment the line by removing the “;” at the start of the line and change it’s vaue to “0”.


Reload php-fpm for the new configuration to take effect.

sudo systemctl reload php7.0-fpm.service

Configure Nginx to use Handle PHP

Open the configuration for the default site.

sudo nano /etc/nginx/sites-available/default

Look for the line starting with index inside the server block and add index.php to the list.

index index.php index.html index.htm index.nginx-debian.html;

Uncomment the location block for PHP and .hhtacces to look like this.

# pass the PHP scripts to FastCGI server listening on

location ~ \.php$ {
include snippets/fastcgi-php.conf;

# # With php7.0-cgi alone:
# fastcgi_pass;
# With php7.0-fpm:
fastcgi_pass unix:/run/php/php7.0-fpm.sock;

# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one

location ~ /\.ht {
deny all;

Check for configuration errors by:

sudo nginx -t

Correct any errors if reported else load the new configurations by:

sudo systemctl reload nginx.service

Test the Configuration

Create a small file to test whether the site is running properly.

sudo nano /var/www/html/info.php

Pate the following content into the file:


Save the file and navigate to the file on a browser.


You should see a page similar to the following.

If you see a page similar to the above then you have successfully setup your server.

After testing,  remove the file so that unauthorized people do not get any hint on the server configuration.

sudo rm /var/www/html/info.php

Leave a Reply

Your email address will not be published. Required fields are marked *