How To Install LEMP Stack on Fedora 43
The LEMP stack represents one of the most powerful and efficient web server configurations available for modern web applications. This comprehensive guide walks you through installing and configuring Nginx, MariaDB, and PHP on Fedora 43, creating a robust foundation for your web hosting needs.
LEMP stands for Linux, Nginx (pronounced “Engine-X”), MariaDB, and PHP. Unlike traditional LAMP stacks that use Apache, LEMP leverages Nginx’s event-driven architecture to handle concurrent connections more efficiently. This makes it an excellent choice for high-traffic websites, content management systems, and resource-intensive web applications. Fedora 43, with its cutting-edge packages and robust security features, provides an ideal operating system foundation for your LEMP installation.
Whether you’re deploying WordPress, building custom web applications, or setting up an e-commerce platform, this tutorial provides everything you need to get your web server environment production-ready. By the end of this guide, you’ll have a fully functional web stack capable of serving dynamic PHP content backed by a secure database system.
What is LEMP Stack?
The LEMP stack combines four open-source technologies to create a complete web development environment. Each component plays a specific role in delivering dynamic web content to users.
Linux serves as the operating system foundation. Fedora 43 offers enterprise-grade stability with modern package versions, making it ideal for web server deployments.
Nginx functions as the web server, handling HTTP requests and serving static content with exceptional efficiency. Its asynchronous, event-driven architecture allows it to process thousands of concurrent connections using minimal system resources. This contrasts with Apache’s process-driven model, which consumes more memory under heavy loads.
MariaDB provides the database management system. As a community-developed fork of MySQL, MariaDB offers enhanced performance, improved security features, and complete compatibility with MySQL applications. It stores and retrieves data for dynamic websites and applications.
PHP handles server-side scripting, generating dynamic content based on user requests and database queries. When integrated with PHP-FPM (FastCGI Process Manager), PHP delivers superior performance and resource management compared to traditional PHP implementations.
This stack excels at powering content management systems like WordPress and Drupal, e-commerce platforms, RESTful APIs, and custom web applications requiring dynamic content generation.
Prerequisites
Before beginning the installation process, ensure your system meets the following requirements.
You’ll need a fresh or existing Fedora 43 installation with root or sudo privileges. Your server should have at least 2GB of RAM, though 4GB is recommended for production environments. Allocate a minimum of 20GB disk space to accommodate the LEMP components and your web applications.
Verify your Fedora version by running:
cat /etc/fedora-releaseEnsure you have an active internet connection for downloading packages. Basic command-line knowledge will help you navigate the installation process more smoothly. Ports 80 (HTTP) and 443 (HTTPS) should be available for web traffic.
If you’re upgrading an existing system or installing on a server with important data, create backups before proceeding. This precaution protects against potential data loss during the configuration process.
Step 1: Update System Packages
Updating your Fedora system ensures you have the latest security patches and software versions before installing the LEMP stack components.
Start by cleaning the package cache:
sudo dnf clean allCheck for available updates:
sudo dnf check-updateUpgrade all installed packages to their latest versions:
sudo dnf upgrade -yThis process may take several minutes depending on your internet connection speed and the number of packages requiring updates. The -y flag automatically confirms the installation without prompting.
Optionally, set a proper hostname for your server:
sudo hostnamectl set-hostname your-server-nameAfter updates complete, you may need to reboot if kernel updates were installed. Check if a reboot is required:
sudo needs-restarting -rStep 2: Install Nginx Web Server
Nginx serves as the cornerstone of your LEMP stack, handling all incoming HTTP requests and serving both static and dynamic content.
Install Nginx using DNF package manager:
sudo dnf install nginx -yThe installation automatically resolves and installs all necessary dependencies. Once complete, start the Nginx service:
sudo systemctl start nginxEnable Nginx to start automatically at system boot:
sudo systemctl enable nginxVerify the service is running properly:
sudo systemctl status nginxYou should see an “active (running)” status in green text. Check the installed Nginx version:
nginx -vUnderstanding Nginx’s directory structure helps with future configuration tasks. The main configuration file resides at /etc/nginx/nginx.conf. Server block configurations (virtual hosts) are stored in /etc/nginx/conf.d/. The default web root directory is /usr/share/nginx/html/, and log files are written to /var/log/nginx/.
Test your Nginx installation by finding your server’s IP address:
ip addr showOpen a web browser and navigate to http://your-server-ip. You should see the default Nginx welcome page, confirming successful installation.
Step 3: Configure Firewall for Web Traffic
Fedora 43 uses firewalld by default to manage firewall rules. You must open ports 80 and 443 to allow web traffic to reach your Nginx server.
Check if the firewall is active:
sudo firewall-cmd --stateAdd the HTTP service to allow port 80 traffic:
sudo firewall-cmd --permanent --zone=public --add-service=httpAdd the HTTPS service for secure connections on port 443:
sudo firewall-cmd --permanent --zone=public --add-service=httpsThe --permanent flag ensures these rules persist after reboots. Reload the firewall to apply changes:
sudo firewall-cmd --reloadVerify the rules were added successfully:
sudo firewall-cmd --list-allYou should see both http and https listed under services. This configuration allows external users to access your web server while maintaining security for other ports.
For enhanced security in production environments, consider implementing rate limiting to prevent DDoS attacks and restricting access to specific IP addresses for administrative functions.
Step 4: Install MariaDB Database Server
MariaDB provides the database backend for storing and managing your web application data. Proper installation and security configuration are crucial for protecting sensitive information.
Install MariaDB server and client packages:
sudo dnf install mariadb-server mariadb -yStart the MariaDB service:
sudo systemctl start mariadbEnable the service to start at boot:
sudo systemctl enable mariadbVerify MariaDB is running correctly:
sudo systemctl status mariadbSecure your MariaDB installation by running the security script:
sudo mysql_secure_installationThe script prompts you through several security configurations. Since this is a fresh installation, press Enter when asked for the current root password. Choose to set a root password and create a strong, complex password combining uppercase letters, lowercase letters, numbers, and special characters.
Answer “Y” to the following prompts:
- Remove anonymous users
- Disallow root login remotely
- Remove test database and access to it
- Reload privilege tables now
These security measures significantly reduce your database’s vulnerability to unauthorized access.
Create a database and user for your web application:
sudo mysql -u root -pEnter your root password when prompted. At the MariaDB prompt, execute these commands:
CREATE DATABASE mywebsite;
CREATE USER 'webuser'@'localhost' IDENTIFIED BY 'strong_password_here';
GRANT ALL PRIVILEGES ON mywebsite.* TO 'webuser'@'localhost';
FLUSH PRIVILEGES;
EXIT;Replace mywebsite, webuser, and strong_password_here with your preferred values. These commands create a dedicated database, a user with full privileges on that database, and reload the privilege tables to apply changes immediately.
The main MariaDB configuration file is located at /etc/my.cnf, with additional configurations in /etc/my.cnf.d/. Database files are stored in /var/lib/mysql/.
Step 5: Install PHP and PHP-FPM
PHP processes server-side scripts and generates dynamic content for your web applications. PHP-FPM (FastCGI Process Manager) provides superior performance when paired with Nginx.
Install PHP along with essential extensions:
sudo dnf install php php-fpm php-mysqlnd php-opcache php-gd php-xml php-mbstring php-json php-cli php-pdo -yThese extensions provide crucial functionality:
- php-mysqlnd: MySQL/MariaDB database connectivity
- php-opcache: Performance optimization through bytecode caching
- php-gd: Image manipulation capabilities
- php-xml: XML parsing and generation
- php-mbstring: Multibyte string handling for international character support
- php-json: JSON encoding and decoding
- php-cli: Command-line interface for PHP
- php-pdo: Database abstraction layer
Configure PHP-FPM to work with Nginx by editing the pool configuration:
sudo nano /etc/php-fpm.d/www.confFind the lines specifying user and group (around lines 23-24) and change them from apache to nginx:
user = nginx
group = nginxThis ensures PHP-FPM processes run under the same user account as Nginx, preventing permission issues.
Save and close the file (Ctrl+X, then Y, then Enter).
Start the PHP-FPM service:
sudo systemctl start php-fpmEnable it to start at boot:
sudo systemctl enable php-fpmVerify the service status:
sudo systemctl status php-fpmCheck your PHP version:
php -vThe main PHP configuration file is /etc/php.ini, while PHP-FPM pool configurations are in /etc/php-fpm.d/. Logs are written to /var/log/php-fpm/.
Step 6: Configure PHP for Nginx
Optimizing PHP settings enhances security, performance, and compatibility with your web applications.
Edit the main PHP configuration file:
sudo nano /etc/php.iniLocate and modify these critical settings:
Set cgi.fix_pathinfo to 0 for security (around line 768):
cgi.fix_pathinfo=0This prevents PHP from trying to execute the nearest file if the requested file isn’t found, closing a potential security vulnerability.
Adjust memory limits for PHP scripts (around line 409):
memory_limit = 256MConfigure upload size limits (around lines 843-844):
upload_max_filesize = 20M
post_max_size = 20MSet script execution timeout (around line 389):
max_execution_time = 60For production environments, disable error display to prevent sensitive information leakage (around line 479):
display_errors = OffEnable error logging (around line 495):
log_errors = On
error_log = /var/log/php_errors.logEnable OPcache for performance (around lines 1770-1772):
opcache.enable=1
opcache.memory_consumption=128
opcache.interned_strings_buffer=8
opcache.max_accelerated_files=4000
opcache.revalidate_freq=60Save and close the file. Restart PHP-FPM to apply changes:
sudo systemctl restart php-fpmStep 7: Integrate Nginx with PHP-FPM
Proper integration between Nginx and PHP-FPM enables your server to process dynamic PHP content efficiently.
Create a new server block configuration:
sudo nano /etc/nginx/conf.d/default.confAdd this configuration:
server {
listen 80;
server_name your_domain.com www.your_domain.com;
root /usr/share/nginx/html;
index index.php index.html index.htm;
location / {
try_files $uri $uri/ =404;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_pass unix:/run/php-fpm/www.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ /\.ht {
deny all;
}
}Replace your_domain.com with your actual domain or server IP address. This configuration tells Nginx to:
- Listen on port 80 for HTTP requests
- Serve files from
/usr/share/nginx/html - Process PHP files through PHP-FPM using the Unix socket
- Deny access to .htaccess files for security
Set proper ownership and permissions:
sudo chown -R nginx:nginx /usr/share/nginx/html
sudo chmod -R 755 /usr/share/nginx/htmlTest the Nginx configuration syntax:
sudo nginx -tYou should see “syntax is ok” and “test is successful”. Reload Nginx to apply changes:
sudo systemctl reload nginxIf you encounter errors, restart Nginx instead:
sudo systemctl restart nginxStep 8: Test LEMP Stack Installation
Verification ensures all components are working together correctly.
Create a PHP info file:
echo "<?php phpinfo(); ?>" | sudo tee /usr/share/nginx/html/info.phpSet appropriate permissions:
sudo chmod 644 /usr/share/nginx/html/info.phpCreate a database connection test file:
sudo nano /usr/share/nginx/html/test.phpAdd this code:
<?php
$servername = "localhost";
$username = "webuser";
$password = "strong_password_here";
$dbname = "mywebsite";
try {
$conn = new PDO("mysql:host=$servername;dbname=$dbname", $username, $password);
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
echo "Database connection successful!";
} catch(PDOException $e) {
echo "Connection failed: " . $e->getMessage();
}
?>Replace the credentials with those you created earlier. Save and close the file.
Open your web browser and navigate to:
http://your-server-ip/info.php– You should see detailed PHP configuration informationhttp://your-server-ip/test.php– Should display “Database connection successful!”
These confirmations indicate your LEMP stack is fully operational.
For security, remove the test files after verification:
sudo rm /usr/share/nginx/html/info.php /usr/share/nginx/html/test.phpNever leave phpinfo() accessible on production servers as it exposes sensitive configuration details.
Step 9: Set Up Virtual Hosts (Optional)
Virtual hosts allow you to host multiple websites on a single server, each with its own configuration.
Create directory structure for your website:
sudo mkdir -p /var/www/example.com/{html,logs}Set proper ownership:
sudo chown -R nginx:nginx /var/www/example.comSet permissions:
sudo chmod -R 755 /var/www/example.comCreate a new server block configuration:
sudo nano /etc/nginx/conf.d/example.com.confAdd this configuration:
server {
listen 80;
server_name example.com www.example.com;
root /var/www/example.com/html;
index index.php index.html;
access_log /var/www/example.com/logs/access.log;
error_log /var/www/example.com/logs/error.log;
location / {
try_files $uri $uri/ =404;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_pass unix:/run/php-fpm/www.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ /\.ht {
deny all;
}
}Create a test file:
echo "<?php echo '<h1>Virtual host working!</h1>'; ?>" | sudo tee /var/www/example.com/html/index.phpTest and reload Nginx:
sudo nginx -t
sudo systemctl reload nginxTroubleshooting Common Issues
Even with careful installation, you may encounter issues. Here are solutions to common problems.
502 Bad Gateway Error: This typically indicates Nginx cannot communicate with PHP-FPM. Verify PHP-FPM is running:
sudo systemctl status php-fpmCheck the socket path matches in both PHP-FPM configuration (/etc/php-fpm.d/www.conf) and Nginx server block.
Permission Denied Errors: Ensure files are owned by nginx user and have correct permissions. On Fedora, SELinux may block access. Check SELinux context:
ls -Z /usr/share/nginx/htmlRestore proper context:
sudo restorecon -Rv /usr/share/nginx/htmlConfiguration Errors: Always test Nginx syntax before reloading:
sudo nginx -tReview error messages carefully for line numbers and specific issues.
Database Connection Failures: Verify MariaDB is running and credentials are correct. Check the error log:
sudo tail -f /var/log/mariadb/mariadb.logPHP-FPM Socket Not Found: Ensure the socket path exists:
ls -la /run/php-fpm/www.sockIf missing, check PHP-FPM service status and review /var/log/php-fpm/error.log.
For persistent issues, review service logs:
sudo journalctl -xe
sudo tail -f /var/log/nginx/error.log
sudo tail -f /var/log/php-fpm/www-error.logCongratulations! You have successfully installed LEMP. Thanks for using this tutorial for installing the LEMP Stack on Fedora 43 Linux system. For additional help or useful information, we recommend you check the Fedora website.
