The following text will describe a configuration procedure of LEMP server on Debian 9 Stretch Linux. The LEMP stack described by the below guide will consist of:
  • Debian 9 Stretch Linux
  • Nginx Web server
  • MariaDB or MySQL relational database
  • PHP 7 scripting language
Please be aware that our main objective is to configure bare bones LEMP stack on Debian 9 Stretch Linux. From this reason, no security hardening or performance fine-tuning recommendations are included in the article.

Once you have your bare bones, LEMP stack configured, consider a further hardening of your server based on the target deployment environment.


  • # - requires given command to be executed with root privileges either directly as a root user or by use of sudo command
  • $ - given command to be executed as a regular non-privileged user

Prerequisites Instalation

This section illustrates a common installation of all LEMP stack components. At this stage, we are not concerned about a specific configuration of each LEMP component. Rather, we solely perform an installation of all components using a single apt-get command.

Select your desired LEMP stack flavour between MariaDB and MySQL.

MariaDB flavoured LEMP stack

# apt-get install nginx mariadb-server php-fpm php-mysql

MySQL flavoured LEMP stack

# apt-get install nginx mysql-server php-fpm php-mysql
In case no errors were produced by the above command we should now have all of the LEMP stack components installed.

Start fastCGI process manager

php7.0-fpm comes pre-configured. All we need to do is to start it, is to turn on the switch:
# service php7.0-fpm start 
# service php7.0-fpm status
[ ok ] php-fpm7.0 is running.
To start php7.0-fpm after reboot, you should enable it with systemctl command:
# systemctl enable  php7.0-fpm
Optionally, you can test the status and php7.0-fpm.sock socket location using cgi-fcgi. The cgi-fcgi is part of libfcgi0ldbl package which may not be available on your system. To install libfcgi0ldbl package execute:
# apt-get install libfcgi0ldbl
Attempt to connect php7.0-fpm.sock socket. Please note, the name of the socket may differ based on PHP version installed on your system.
# cgi-fcgi -bind -connect /run/php/php7.0-fpm.sock
Content-type: text/html; charset=UTF-8
The following error appears if the cgi-fcgi command fails to connect to php7.0-fpm.sock socket:
# cgi-fcgi -bind -connect /run/php/php7.0-fpm.sock
Could not connect to /run/php/php7.0-fpm.sock

Configure and Start Nginx Server

For Nginx web server to connect with FastCGI process manager, we need to provide it with a full path to FastCGI process manager running socket. In the previous section, we have determined FastCGI process manager socket's full path by the use cgi-fcgi -bind command.

Replace the existing Nginx's default site configuration file /etc/nginx/sites-available/default with the following configuration:
server {
        listen 80 default_server;
        listen [::]:80 default_server;
        root /var/www/html;
        index index.php index.html index.htm index.nginx-debian.html;

        server_name _;
        location / {
                try_files $uri $uri/ =404;

        location ~ \.php$ {
                include snippets/fastcgi-php.conf;
                fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
Next, create a basic PHP page to display information about installed PHP:
# echo "<?php phpinfo(); ?>" > /var/www/html/index.php
Lastly, start Nginx server:
# service nginx start  
[ ok ] Starting nginx: nginx.
If applicable, for Nginx server to start after reboot you must enable it with systemctl command:
# systemctl enable nginx

Start and enable database server

Lastly, we need to start database service. Depending on your previous installation selection you may use the bellow the command to start both MariaDB and MySQL databases:
# service mysql start
[ ok ] Starting MariaDB database server: mysqld.
For database to start after reboot run:
# systemctl enable mysql
lemp installation on debian 9 stretch with php 7


PHP 7 database connection script

The following PHP database connection code can be used to connect to your relational database:
$dbh = mysqli_connect('localhost', 'admin', 'pass');
if (!$dbh) {
    die('Could not connect: ' . mysqli_error());
echo 'Connected successfully to MySQL database';
Save the above code into a new /var/www/html/db.php file. Next, create a database user:
# mysql -u root -e "CREATE USER 'admin'@'%' IDENTIFIED BY 'pass';"
# mysql -u root -e "GRANT ALL PRIVILEGES ON *.* TO 'admin'@'%' WITH GRANT OPTION;"
Lastly, execute db.php script:
# php /var/www/html/db.php
# curl -i http://localhost/db.php
Connected successfully to MySQL database