Install a LEMP Stack on Debian 9

Traducciones al Español
Estamos traduciendo nuestros guías y tutoriales al Español. Es posible que usted esté viendo una traducción generada automáticamente. Estamos trabajando con traductores profesionales para verificar las traducciones de nuestro sitio web. Este proyecto es un trabajo en curso.
Create a Linode account to try this guide with a $ credit.
This credit will be applied to any valid services used during your first  days.

What is a LEMP Stack?

This guide describes an alternative to the popular LAMP stack, known as LEMP. The LEMP stack replaces the Apache web server component with NGINX, providing the E in the acronym: Linux, NGINX, MySQL/MariaDB, PHP.

Before You Begin

  • You will need root access to your Linode, or a user account with sudo privilege.
  • Set your system’s hostname.
  • Update your system.



These instructions install NGINX Mainline on Debian 9 from NGINX Inc’s official repository. For other distributions, see the NGINX admin guide. For information on configuring NGINX for production environments, see our Getting Started with NGINX series.

  1. Open /etc/apt/sources.list in a text editor and add the following line to the bottom:

    File: /etc/apt/sources.list
    deb stretch nginx
  2. Import the repository’s package signing key and add it to apt:

    sudo wget
    sudo apt-key add nginx_signing.key
  3. Install NGINX:

    sudo apt update
    sudo apt install nginx
  4. Ensure NGINX is running and enabled to start automatically on reboots:

    sudo systemctl start nginx
    sudo systemctl enable nginx


  1. Install the MariaDB server and MySQL/MariaDB-PHP support. You may be prompted to set a root password during installation:

    sudo apt install mariadb-server php7.0-mysql
  2. Ensure MariaDB is running and enabled to start automatically on reboot:

    sudo systemctl start mariadb
    sudo systemctl enable mariadb
  3. Run the mysql_secure_installation script.

    sudo mysql_secure_installation

    If you were not prompted to create a MySQL root user password when installing MariaDB, press Y when prompted.

    Answer Y at the following prompts:

    • Remove anonymous users?
    • Disallow root login remotely?
    • Remove test database and access to it?
    • Reload privilege tables now?
  4. Log in to MariaDB’s SQL shell. Enter the root user’s password when prompted:

    mysql -u root -p
  5. Create a test database and user with access permission. Replace testdb and testuser with appropriate names for your setup. Replace password with a strong password:

    CREATE USER 'testuser' IDENTIFIED BY 'password';
    GRANT ALL PRIVILEGES ON testdb.* TO 'testuser';


  1. Install the PHP FastCGI Processing Manager, which will bring in the core PHP dependencies:

    sudo apt install php7.0-fpm
  2. Tell PHP to only accept URIs for files which actually exist on the server:

    sudo sed -i 's/;cgi.fix_pathinfo=1/cgi.fix_pathinfo=0/g' /etc/php/7.0/fpm/php.ini
  3. Ownership of PHP’s listening UNIX sockets is set to www-data by default, but they need to match the user and group NGINX is running as. If you installed NGINX from the NGINX repository as in the steps above, NGINX will be using the nginx user and group.

    Change the listen variables in www.conf to that:

    sudo sed -i 's/listen.owner = www-data/listen.owner = nginx/g' /etc/php/7.0/fpm/pool.d/www.conf
    sudo sed -i 's/ = www-data/ = nginx/g' /etc/php/7.0/fpm/pool.d/www.conf

Set an NGINX Site Configuration File

  1. Create the site’s root directory where its content will live. Replace with your site’s domain:

     sudo mkdir -p /var/www/
  2. Rename the default example site configuration provided with the package. This disables it. Or if you have no use for it, delete it:

    sudo mv /etc/nginx/conf.d/default.conf /etc/nginx/conf.d/default.conf.disabled
  3. Website configuration files should be kept in /etc/nginx/conf.d/. Create a configuration file for your site. Again replace with your site’s domain:

    File: /etc/nginx/conf.d/
    server {
        listen         80 default_server;
        listen         [::]:80 default_server;
        root           /var/www/;
        index          index.html;
        location / {
          try_files $uri $uri/ =404;
        location ~* \.php$ {
          fastcgi_pass unix:/run/php/php7.0-fpm.sock;
          include         fastcgi_params;
          fastcgi_param   SCRIPT_FILENAME    $document_root$fastcgi_script_name;
          fastcgi_param   SCRIPT_NAME        $fastcgi_script_name;

    Here’s a breakdown of the server block above:

    • NGINX is listening on port 80 for incoming connections to or

    • The site is served out of /var/www/ and its index page (index.html) is a simple .html file. If your index page will use PHP, substitute index.php for index.html.

    • try_files tells NGINX to verify that a requested file or directory actually exists in the site’s root filesystem before further processing the request. If it does not, it returns a 404.

    • location ~* \.php$ means that NGINX will apply this configuration to all .php files (file names are not case sensitive) in your site’s root directory, including any subdirectories containing PHP files.

    • The * in the ~* \.php$ location directive indicates that PHP file names are not case sensitive. This can be removed if you prefer to enforce letter case.

    • fastcgi_pass specifics the UNIX socket where PHP listens for incoming connections from other local processes.

    • include fastcgi_params tells NGINX to process a list of fastcgi_param variables at /etc/nginx/fastcgi_params.

    • The fastcgi_param directives contain the location (relative to the site’s root directory) and file naming convention of PHP scripts to be served when called by NGINX.

Test the LEMP Stack

  1. Restart PHP and reload the NGINX configuration:

    sudo systemctl restart php7.0-fpm
    sudo nginx -s reload
  2. Create a test page to verify NGINX can render PHP and connect to the MySQL database. Replace the testuser and password fields with the MySQL credentials you created above.

    File: /var/www/
        <h2>LEMP Stack Test</h2>
        <?php echo '<p>Hello,</p>';
        // Define PHP variables for the MySQL connection.
        $servername = "localhost";
        $username = "testuser";
        $password = "password";
        // Create a MySQL connection.
        $conn = mysqli_connect($servername, $username, $password);
        // Report if the connection fails or is successful.
        if (!$conn) {
            exit('<p>Your connection has failed.<p>' .  mysqli_connect_error());
        echo '<p>You have connected successfully.</p>';
  3. Go to in a web browser. Remember to substitute with your site’s domain or Linode’s IP address. The page should report that You have connected successfully. If you see an error message or if the page does not load, re-check your configuration.

  4. Remove the test file once you have verified that the stack is working correctly:

    sudo rm /var/www/

This page was originally published on

Your Feedback Is Important

Let us know if this guide was helpful to you.

Join the conversation.
Read other comments or post your own below. Comments must be respectful, constructive, and relevant to the topic of the guide. Do not post external links or advertisements. Before posting, consider if your comment would be better addressed by contacting our Support team or asking on our Community Site.
The Disqus commenting system for Linode Docs requires the acceptance of Functional Cookies, which allow us to analyze site usage so we can measure and improve performance. To view and create comments for this article, please update your Cookie Preferences on this website and refresh this web page. Please note: You must have JavaScript enabled in your browser.