This guide will walk you through the process of setting up a PHP website on an Amazon EC2 instance using Nginx as the web server, MySQL as the database, PHP for server-side scripting, and Git for version control. We'll cover everything from initial setup to troubleshooting common issues.
Table of Contents
- Launch an EC2 Instance
- Connect to Your EC2 Instance
- Update and Upgrade the System
- Install Nginx
- Install MySQL
- Install PHP
- Install Git
- Configure Nginx
- Set Up Your Website Directory
- Clone Your Repository
- Set Correct Permissions
- Configure PHP
- Set Up SSL (Optional but Recommended)
- Troubleshooting Common Issues
- Best Practices and Security Considerations
1. Launch an EC2 Instance
- Log in to your AWS Management Console.
- Navigate to EC2 and click "Launch Instance".
- Choose an Ubuntu Server AMI (e.g., Ubuntu Server 22.04 LTS).
- Select an instance type (t2.micro is eligible for free tier).
- Configure instance details, add storage, and tags as needed.
- Configure security group to allow SSH (port 22), HTTP (port 80), and HTTPS (port 443) traffic.
- Review and launch the instance, selecting or creating a key pair.
2. Connect to Your EC2 Instance
Use SSH to connect to your instance:
ssh -i /path/to/your-key.pem ubuntu@your-instance-public-dns
Replace /path/to/your-key.pem
with the path to your key file and your-instance-public-dns
with your instance's public DNS name.
3. Update and Upgrade the System
Once connected, update and upgrade your system:
sudo apt update
sudo apt upgrade -y
4. Install Nginx
Install Nginx web server:
sudo apt install nginx -y
sudo systemctl start nginx
sudo systemctl enable nginx
Verify Nginx is running:
sudo systemctl status nginx
5. Install MySQL
Install MySQL server:
sudo apt install mysql-server -y
sudo systemctl start mysql
sudo systemctl enable mysql
Secure your MySQL installation:
sudo mysql_secure_installation
Follow the prompts to set a root password and remove insecure default settings.
6. Install PHP
We'll install PHP 8.1 (or the latest stable version available in the Ubuntu repositories):
sudo apt install php8.1-fpm php8.1-mysql php8.1-common php8.1-cli php8.1-curl php8.1-mbstring php8.1-xml php8.1-zip -y
Verify PHP installation:
php -v
7. Install Git
Install Git for version control:
sudo apt install git -y
Verify Git installation:
git --version
8. Configure Nginx
Create a new Nginx server block configuration:
sudo nano /etc/nginx/sites-available/your_domain
Add the following configuration (replace your_domain
with your actual domain or IP address):
server {
listen 80;
server_name your_domain www.your_domain;
root /var/www/your_domain;
index index.php index.html index.htm;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ \.php$ {
fastcgi_pass unix:/var/run/php/php8.1-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}
location ~ /\.ht {
deny all;
}
}
Enable the new site:
sudo ln -s /etc/nginx/sites-available/your_domain /etc/nginx/sites-enabled/
Test Nginx configuration:
sudo nginx -t
If the test is successful, reload Nginx:
sudo systemctl reload nginx
9. Set Up Your Website Directory
Create the web root directory:
sudo mkdir -p /var/www/your_domain
sudo chown -R $USER:$USER /var/www/your_domain
sudo chmod -R 755 /var/www/your_domain
10. Clone Your Repository
If you have an existing Git repository for your website, clone it into your web root:
cd /var/www/your_domain
git clone https://github.com/your-username/your-repo.git .
Replace https://github.com/your-username/your-repo.git
with your actual repository URL.
If you're starting a new project, initialize a new Git repository:
cd /var/www/your_domain
git init
11. Set Correct Permissions
Set the correct permissions for your web files:
sudo chown -R www-data:www-data /var/www/your_domain
sudo find /var/www/your_domain -type d -exec chmod 755 {} \;
sudo find /var/www/your_domain -type f -exec chmod 644 {} \;
To allow the Ubuntu user to manage files:
sudo usermod -a -G www-data ubuntu
sudo chmod g+s /var/www/your_domain
You may need to log out and log back in for the group changes to take effect.
12. Configure PHP
Adjust PHP settings if needed:
sudo nano /etc/php/8.1/fpm/php.ini
Common settings to adjust:
upload_max_filesize = 64M
post_max_size = 64M
max_execution_time = 300
memory_limit = 256M
After making changes, restart PHP-FPM:
sudo systemctl restart php8.1-fpm
13. Set Up SSL (Optional but Recommended)
To secure your website with HTTPS, you can use Let's Encrypt:
sudo apt install certbot python3-certbot-nginx -y
sudo certbot --nginx -d your_domain -d www.your_domain
Follow the prompts to set up SSL.
14. Troubleshooting Common Issues
Permission Denied Errors
If you encounter "Permission denied" errors in Nginx error logs:
- Check file ownership:
ls -l /var/www/your_domain
- Ensure Nginx is running as the correct user:
ps aux | grep nginx
- Check Nginx configuration:
sudo nano /etc/nginx/nginx.conf
Ensure the user is set to www-data
.
PHP Errors
For PHP-related errors:
- Check PHP-FPM logs:
sudo tail -f /var/log/php8.1-fpm.log
- Ensure PHP-FPM is running:
sudo systemctl status php8.1-fpm
- Verify PHP-FPM socket file exists:
ls /var/run/php/php8.1-fpm.sock
Git Issues
If you encounter Git permission issues:
- Ensure the
.git
directory is owned by your user:
sudo chown -R ubuntu:ubuntu /var/www/your_domain/.git
- Use
sudo
for Git operations or temporarily change ownership:
sudo chown -R ubuntu:ubuntu /var/www/your_domain
git pull
sudo chown -R www-data:www-data /var/www/your_domain
15. Best Practices and Security Considerations
- Regularly update your system and software:
sudo apt update && sudo apt upgrade -y
Use strong passwords for all services (MySQL, SSH, etc.).
Configure a firewall (e.g., UFW) to restrict incoming traffic:
sudo ufw allow OpenSSH
sudo ufw allow 'Nginx Full'
sudo ufw enable
- Implement fail2ban to protect against brute-force attacks:
sudo apt install fail2ban -y
sudo systemctl start fail2ban
sudo systemctl enable fail2ban
Regularly backup your website and database.
Monitor your server logs for unusual activity:
sudo tail -f /var/log/nginx/access.log
sudo tail -f /var/log/nginx/error.log
Use version control (Git) for all your code changes.
Implement proper error handling and logging in your PHP application.
Use prepared statements or ORM to prevent SQL injection attacks.
Keep your application dependencies up-to-date and use a dependency manager like Composer for PHP projects.
By following this guide, you should have a fully functional PHP website running on an EC2 instance with Nginx, MySQL, and Git.
Remember to adapt the instructions to your specific needs and always prioritize security in your setup.
Top comments (1)
Very detailed list, congrats! I'd suggest setting up a PHP debugger / logger like XDebug or bcons for easier detection of PHP related issues.
Also, while regular database backup is of course mandatory, those backups won't be available if there is any problem with the instance storage. I'd add an additional step to set up automatic sync of the DB backups folder to an S3 bucket (using AWS CLI is just a matter of adding a line to the crontab file).