How To Install LEMP Locally On Ubuntu 16.04

If using Vagrant:

Setup Vagrant

replace project with any name you wish.

$ mkdir project

$ cd project

$ vagrant init bento/ubuntu-16.04

In text editor – Vagrantfile located within the ‘project' folder, uncomment and change “forwarded_port”, guest: 80, host: 8080 to:

Change "forwarded_port", guest: 80, host: 80


Change "forwarded_port", guest: 80, host: 8080

– or to configure a private network, uncomment the line: "private_network", ip: ""

Using Synced folders

Also by using synced folders, Vagrant will automatically sync your files to and from the guest machine. Uncomment and change the line in Vagrantfile from:

# config.vm.synced_folder "../data", "/vagrant_data"


config.vm.synced_folder "html", "/var/www/html"

where “html” can be any name you choose inside your ‘project' folder. Now whatever folders/files you place inside “html” will be processed by Ubuntu/Vagrant local server.

note: can also open a notepad from the command line and edit like this:

start notepad Vagrantfile

Vagrant up


$ vagrant up

followed by:

$ vagrant ssh
$ sudo apt-get update
$ sudo apt-get upgrade

1. Install Nginx

$ sudo apt-get install nginx

2. Adjust the firewall

Before we can test Nginx, we need to reconfigure our firewall software to allow access to the service.

We can list the applications configurations that ufw knows how to work with by typing:

$ sudo ufw app list

You should get a listing of the application profiles:

Available applications:
  Nginx Full
  Nginx HTTP
  Nginx HTTPS

As you can see, there are three profiles available for Nginx:

Nginx Full: This profile opens both port 80 (normal, unencrypted web traffic) and port 443 (TLS/SSL encrypted traffic)
Nginx HTTP: This profile opens only port 80 (normal, unencrypted web traffic)
Nginx HTTPS: This profile opens only port 443 (TLS/SSL encrypted traffic)

It is recommended that you enable the most restrictive profile that will still allow the traffic you've configured. Since we haven't configured SSL for our server yet, in this guide, we will only need to allow traffic on port 80. However, we will still still allow all traffic.

You can enable this by typing:

$ sudo ufw allow 'Nginx Full'

and to allow ssh access:

$ sudo ufw allow ssh


$ sudo ufw enable

If you see:

Command may disrupt existing ssh connections. Proceed with operation (y|n)?

just select ‘y' to proceed.

You can verify everything by typing:

$ sudo ufw status

You should see HTTP traffic allowed in the displayed output:

Status: active

To                         Action      From
--                         ------      ----
Nginx HTTP                 ALLOW       Anywhere
Nginx Full                 ALLOW       Anywhere
Nginx HTTP (v6)            ALLOW       Anywhere (v6)
Nginx Full (v6)            ALLOW       Anywhere (v6)

to check that nginx is running:

$ systemctl status nginx

3. Install MariaDB

$ sudo apt-get update
$ sudo apt-get install software-properties-common
$ sudo apt-key adv --recv-keys --keyserver hkp:// 0xF1656F24C74CD1D8
$ sudo add-apt-repository 'deb [arch=amd64,i386] xenial main'
$ sudo apt-get update
$ sudo apt-get install mariadb-server

during installation, enter a password for the ‘root' user.

To secure mariadb,

$ sudo mysql_secure_installation

enter the password you just set for the ‘root' user.

then ‘n' to not change the password.

remove anonymous users? enter ‘y'

disallow root login remotely? ‘y' or ‘n'

remove test database and access to it? ‘y'

reload privileges tables now? ‘y'

All done!  If you've completed all of the above steps, your MariaDB
installation should now be secure.

Thanks for using MariaDB!

some steps referenced from:

4. Install PHP7-FPM

$ sudo apt-get install -y php-fpm php-mysql php-xml php-gd php7.0-zip

Adjust php settings:

$ sudo nano /etc/php/7.0/fpm/php.ini

enter CTRL +W to access search function and type ‘cgi.fix_pathinfo’. Where you see the line ‘cgi.fix_pathinfo=1’, uncomment the line (by deleting the semicolon) and edit as follows: cgi.fix_pathinfo=0

Enter CTRL +W again and search for ‘post_max_size’ and change this value to whatever size you would like. Do the same for ‘upload_max_filesize’:

CTRL-X to save, then ‘Y’ and ENTER to exit.

Restart php:

$ sudo service php7.0-fpm restart

confingure nginx to use php:

$ sudo nano /etc/nginx/sites-available/default

1. First, we need to add index.php as the first value of our index directive

2. modify the server_name directive to point to our server's domain name or public IP address, in this case ‘localhost'.

3. uncomment a segment of the file that handles PHP requests. This will be the location ~\.php$ location block, the included fastcgi-php.conf snippet, and the socket associated with php-fpm.

4. uncomment the location block dealing with .htaccess files. Nginx doesn't process these files.

the final file will look something like (without the commented lines):

server {
    listen 80 default_server;
    listen [::]:80 default_server;

    root /var/www/html;
    index index.php index.html index.htm index.nginx-debian.html;

    server_name localhost;

    location / {
        try_files $uri $uri/ =404;

    location ~ \.php$ {
        include snippets/fastcgi-php.conf;
        fastcgi_pass unix:/run/php/php7.0-fpm.sock;

    location ~ /\.ht {
        deny all;

CTRL-X to save, then ‘Y’ and ENTER to exit.

test the configuration file:

$ sudo nginx -t

reload nginx:

$ sudo systemctl reload nginx

5. Install phpMyAdmin

5.1 Install phpmyadmin

$ sudo apt-get update
$ sudo apt-get install phpmyadmin
  1. When prompted to choose the web server that will be automatically configured to run phpmyadmin, just click the ‘tab' key then ‘OK' to continue. There is no need to configure any of the 2 options listed (apache2 and lighttpd).
  2. When promopted to configure database for phpmyadmin with dbconfig-common, choose ‘No' (the database was already installed in step 3 above).

5.2 Enable the mcrypt PHP module and restart PHP:

$ sudo apt-get install mcrypt php7.0-mcrypt
$ sudo service php7.0-fpm restart

5.3 Update nginx default block

$ sudo nano /etc/nginx/sites-available/default

find the block of code below:

 location ~ \.php$ {
                include snippets/fastcgi-php.conf;
                fastcgi_pass unix:/run/php/php7.0-fpm.sock;

add the code below after the block above:

# Phpmyadmin Configurations
    location /phpmyadmin {
       root /usr/share/;
       index index.php index.html index.htm;
       location ~ ^/phpmyadmin/(.+\.php)$ {
               try_files $uri =404;
               root /usr/share/;
               #fastcgi_param HTTPS on; # <-- add this line
               fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
               fastcgi_index index.php;
               fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
               include fastcgi_params;
       location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
               root /usr/share/;

   # Dealing with the uppercased letters
   location /phpMyAdmin {
       rewrite ^/* /phpmyadmin last;

then reload nginx:

$ sudo systemctl reload nginx

Now you can access phpmyadmin at using the username ‘root' and the password you created when installing mariadb.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.