How to Install LEMP Stack on Linux Server with Let’s Encrypt SSL

  • Post last modified:October 21, 2023
  • Post category:Linux / Web
  • Post comments:0 Comments
  • Reading time:9 mins read

the LEMP stack, which stands for Linux, Nginx, MySQL and PHP. In this post, I will show you the steps to install a LEMP stack on a Linux server, and also secure it with Let’s Encrypt SSL.

Make sure you have the following:

  • A Linux server (Ubuntu 18.04 or 20.04 recommended)
  • SSH access to your server as a root user or a user with sudo privileges
  • A domain name pointed to your server IP address

Table of Contents:

Step 1: Update the System

update the system packages.:

sudo apt-get update
sudo apt-get upgrade

Step 2: Install Nginx

sudo apt-get install nginx

Start the Nginx service:

sudo systemctl start nginx

To enable Nginx to start at boot time, run:

sudo systemctl enable nginx

Step 3: Install MySQL

sudo apt-get install mysql-server


Start the MySQL:

sudo systemctl start mysql

To enable MySQL with system boot:

sudo systemctl enable mysql

You can use these commands to create a database(optional):

sudo mysql -u root -p
CREATE USER 'mydbuser'@'localhost' IDENTIFIED BY 'password';
GRANT ALL PRIVILEGES ON mydatabase.* TO 'mydbuser'@'localhost';

Make sure to replace the DB name, DB username, and password.

  • database name: mydatabase.
  • database username mydbuser
  • database password: password

you can exit MySQL using:


Step 4: Install PHP and Configure Nginx to use PHP

sudo apt-get install php-fpm php-mysql

By default, Nginx does not know how to handle PHP files. We need to configure Nginx to pass the PHP requests to PHP-FPM. To do this, create a new server block configuration file:

sudo nano /etc/nginx/sites-available/

Replace with your domain name. Copy and paste the following configuration:

server {
    listen 80;
    listen [::]:80;

    root /var/www/;
    index index.php index.html index.htm;


    location / {
        try_files $uri $uri/ =404;

    location ~ \.php$ {
        include snippets/fastcgi-php.conf;
        fastcgi_pass unix:/run/php/php7.4-fpm.sock;

    location ~ /\.ht {
        deny all;

Save and close the file.

Note: replace fastcgi_pass unix:/run/php/php7.4-fpm.sock; with your php version. to check php version run php -v

Enable the site by creating a symbolic link to the sites-enabled directory:

sudo ln -s /etc/nginx/sites-available/ /etc/nginx/sites-enabled/

Test the Nginx configuration:

sudo nginx -t

If the test is successful, restart Nginx:

sudo systemctl restart nginx

Step 5: Install Let’s Encrypt SSL

To install Let’s Encrypt SSL:

sudo apt-get install certbot python3-certbot-nginx

Generate the SSL certificate:

sudo certbot --nginx -d -d

Replace with your domain name. Follow the prompts to configure the SSL certificate. Once the installation is complete, Nginx will automatically be configured to use SSL.

Step 6: Test the Setup

Open a web browser and navigate to your domain name using HTTPS. You should see a lock icon in the address bar indicating that the website is secured with SSL.

In Step 5, we have mentioned the directory /var/www/ as the root directory for the website. This is just an example directory and you can replace it with the actual directory where your website files are located.

If you haven’t yet created the directory for your website files, you can create it using the following command:

sudo mkdir -p /var/www/

Replace with your actual domain name.


Once you have created the directory, you can copy your website files to this directory.

After copying the files, you can set the ownership and permissions for the files using:

sudo chown -R www-data:www-data /var/www/
sudo chmod -R 755 /var/www/

These commands set the ownership of the files to the www-data user and group, which is the user and group used by Nginx, and set the permissions to 755, which allows Nginx to access the files.

check the lemp stack
If you are receiving a 403 error because the directory is empty, it means that the web server is denying access to the directory because there are no files or directories in it. To resolve this issue, you need to add some content to the directory.


In this post, I have shown the steps to install a LEMP stack on a Linux server and secure it with Let’s Encrypt SSL. If you have any questions about this post please comment…

Leave a Reply