Installing Nginx With PHP5 (And PHP-FPM) And MySQL Support On CentOS 6.0

Version 1.0
Author: Falko Timme
Follow me on Twitter
Last edited 08/08/2011

Nginx (pronounced "engine x") is a free, open-source, high-performance HTTP server. Nginx is known for its stability, rich feature set, simple configuration, and low resource consumption. This tutorial shows how you can install Nginx on a CentOS 6.0 server with PHP5 support (through PHP-FPM) and MySQL support.

I do not issue any guarantee that this will work for you!

 

1 Preliminary Note

In this tutorial I use the hostname server1.example.com with the IP address 192.168.0.100. These settings might differ for you, so you have to replace them where appropriate.

 

2 Enabling Additional Repositories

php-fpm is not available from the official CentOS repositories, but from the Remi RPM repository which itself depends on the EPEL repository; we can enable both repositories as follows:

rpm --import https://fedoraproject.org/static/0608B895.txt
rpm -ivh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-5.noarch.rpm

rpm --import http://rpms.famillecollet.com/RPM-GPG-KEY-remi
rpm -ivh http://rpms.famillecollet.com/enterprise/remi-release-6.rpm

yum install yum-priorities

Edit /etc/yum.repos.d/epel.repo...

vi /etc/yum.repos.d/epel.repo

... and add the line priority=10 to the [epel] section:

[epel]
name=Extra Packages for Enterprise Linux 6 - $basearch
#baseurl=http://download.fedoraproject.org/pub/epel/6/$basearch
mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-6&arch=$basearch
failovermethod=priority
enabled=1
priority=10
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6
[...]

Then do the same for the [remi] section in /etc/yum.repos.d/remi.repo, plus change enabled to 1:

vi /etc/yum.repos.d/remi.repo

[remi]
name=Les RPM de remi pour Enterprise Linux $releasever - $basearch
#baseurl=http://rpms.famillecollet.com/enterprise/$releasever/remi/$basearch/
mirrorlist=http://rpms.famillecollet.com/enterprise/$releasever/remi/mirror
enabled=1
priority=10
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-remi
failovermethod=priority

[remi-test]
name=Les RPM de remi en test pour Enterprise Linux $releasever - $basearch
#baseurl=http://rpms.famillecollet.com/enterprise/$releasever/test/$basearch/
mirrorlist=http://rpms.famillecollet.com/enterprise/$releasever/test/mirror
enabled=0
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-remi

 

3 Installing MySQL 5

First we install MySQL 5 like this:

yum install mysql mysql-server

Then we create the system startup links for MySQL (so that MySQL starts automatically whenever the system boots) and start the MySQL server:

chkconfig --levels 235 mysqld on
/etc/init.d/mysqld start

Now check that networking is enabled. Run

netstat -tap | grep mysql

It should show something like this:

[root@server1 ~]# netstat -tap | grep mysql
tcp        0      0 *:mysql                     *:*                         LISTEN      2302/mysqld
[root@server1 ~]#

If it does not, edit /etc/my.cnf and comment out the option skip-networking:

vi /etc/my.cnf

[...]
#skip-networking
[...]

and restart your MySQL server:

/etc/init.d/mysqld restart

Run

mysql_secure_installation

to set a password for the user root (otherwise anybody can access your MySQL database!):

[root@server1 ~]# mysql_secure_installation




NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MySQL
      SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!


In order to log into MySQL to secure it, we'll need the current
password for the root user.  If you've just installed MySQL, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.

Enter current password for root (enter for none):
 <-- ENTER
OK, successfully used password, moving on...

Setting the root password ensures that nobody can log into the MySQL
root user without the proper authorisation.

Set root password? [Y/n]
 <-- ENTER
New password: <-- yourrootsqlpassword
Re-enter new password: <-- yourrootsqlpassword
Password updated successfully!
Reloading privilege tables..
 ... Success!


By default, a MySQL installation has an anonymous user, allowing anyone
to log into MySQL without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n]
 <-- ENTER
 ... Success!

Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n]
 <-- ENTER
 ... Success!

By default, MySQL comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n]
 <-- ENTER
 - Dropping test database...
 ... Success!
 - Removing privileges on test database...
 ... Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n]
 <-- ENTER
 ... Success!

Cleaning up...



All done!  If you've completed all of the above steps, your MySQL
installation should now be secure.

Thanks for using MySQL!


[root@server1 ~]#

 

4 Installing Nginx

Nginx is available as a package for CentOS 6.0 (from EPEL) which we can install as follows:

yum install nginx

Then we create the system startup links for nginx and start it:

chkconfig --levels 235 nginx on
/etc/init.d/nginx start

Type in your web server's IP address or hostname into a browser (e.g. http://192.168.0.100), and you should see the nginx welcome page:

Share this page:

9 Comment(s)

Add comment

Comments

From: Thiago MadPin at: 2012-03-03 07:10:54

Right one: http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-5.noarch.rpm

 

From: ugur at: 2014-04-05 13:39:27

http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm

From: Zenettii at: 2011-08-17 16:58:33

I recently setup my own CentOS box with nginx, php, mysql to run wordpress. also installing a security app or two.

Generally found the process fairly easy, I've used spawn-fcgi binary for looking after php-cgi process. have noticed that it's not the most stable, and had to write a basic bash script to place in cron, to run a quick process check every 60 seconds and if php-cgi is not up, launch it, this is a basic form of watchdog which has proven priceless. 

 I run https (SSL such as openSSL needs to be installed and configured, and certifcates) which was interesting to setup, also only run https with 1 worker_process, or CPU will complain.

 

Strongly advise you not to run these as root. If any of the applications can be remotely exploited, allowing that to happen under a root user is just a recipe for failure and 'pwnage'. Exploits come out on a regular basis, and you can bet that within 1 hour they are used on hundreds of targets before the application developer can produce a patch/fix, and it gets applied by the web hosts.

 

From: tabunon at: 2011-12-17 07:19:37

Hi,

 nginx didn't show up on the browser after going through Step #4. Anything I missed in setting up my box?


From: tabunon at: 2011-12-17 07:55:59

I'm building a web server running from a virtual machine and everything went well. Following the procedures in running the webserver, I don't seem get nginx running - seeing it from the browser. I ran 'netstat' to see the http service running - nothing wrong there, I guess.

From: Vman at: 2012-03-07 05:13:20

Please update your repository link in the beginning steps:

http://lists.fedoraproject.org/pipermail/announce/2012-February/003040.html

Great article, thank you.

From: Anonymous at: 2012-04-15 20:49:13

i followed your guide. everything was ok until this step: Now we call that file in a browser (e.g. http://192.168.0.100/info.php):

when i call "localhost/info.php" it says

You have chosen to open

info.php

which is a: BIN file (20 bytes)

 from: http://localhost

Would you like to save this file?

why this is saying so? whats the problem?

From: Anonymous at: 2013-01-17 23:05:21

the correct way to install repositories:
wget http://dl.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm
wget http://rpms.famillecollet.com/enterprise/remi-release-6.rpm
rpm -Uvh remi-release-6*.rpm epel-release-6*.rpm
 

From: Joe T at: 2013-12-21 09:02:28

installing nginx from source and wanted to say thanks for helping me figure it out