nginx-logoThis is guide howto install Nginx with PHP 7.1.0 and PHP-FPM on Fedora 25/24/23, CentOS 7.2/6.8 and Red Hat (RHEL) 7.2/6.8. PHP-FPM is easier to use and configure than FastCGI and some tests says that PHP-FPM is even much more efficient than FastCGI.

Nginx (engine x) is a robust, small and high performance http server, reverse proxy server and also mail proxy server.

PHP-FPM (FastCGI Process Manager) is an alternative PHP FastCGI implementation with some additional features useful for sites of any size, especially busier sites.

1. Install Nginx, PHP 7.1.0 and PHP-FPM on Fedora 25/24/23, CentOS 7.2/6.8, Red Hat (RHEL) 7.2/6.8

1.1 Change to root user.


sudo -i
## OR ##
su -

1.2 Install needed repositories

Fedora 25/24/23 Remi repository


## Remi Dependency on Fedora 25/24/23
rpm -Uvh http://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-stable.noarch.rpm 
rpm -Uvh http://download1.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-stable.noarch.rpm

## Fedora 25 ##
rpm -Uvh http://rpms.famillecollet.com/fedora/remi-release-25.rpm

## Fedora 24 ##
rpm -Uvh http://rpms.famillecollet.com/fedora/remi-release-24.rpm

## Fedora 23 ##
rpm -Uvh http://rpms.famillecollet.com/fedora/remi-release-23.rpm

CentOS 7.2/6.8 and Red Hat (RHEL) 7.2/6.8 Remi repository


## Remi Dependency on CentOS 7 and Red Hat (RHEL) 7 ##
rpm -Uvh http://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-8.noarch.rpm

## CentOS 7 and Red Hat (RHEL) 7 ##
rpm -Uvh http://rpms.famillecollet.com/enterprise/remi-release-7.rpm


## Remi Dependency on CentOS 6 and Red Hat (RHEL) 6 ##
rpm -Uvh http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm
 
## CentOS 6 and Red Hat (RHEL) 6 ##
rpm -Uvh http://rpms.famillecollet.com/enterprise/remi-release-6.rpm

CentOS 7.2/6.8 and Red Hat (RHEL) 7.2/6.8 Nginx repository

Create file /etc/yum.repos.d/nginx.repo and add following content to repo file:
CentOS


[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/centos/$releasever/$basearch/
gpgcheck=0
enabled=1

Red Hat (RHEL)


[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/rhel/$releasever/$basearch/
gpgcheck=0
enabled=1

1.3 Install Nginx, PHP 7.1.0 and PHP-FPM

Fedora 25/24/23


dnf --enablerepo=remi --enablerepo=remi-php71 install nginx php-fpm php-common

CentOS 7.2/6.8 and Red Hat (RHEL) 7.2/6.8


yum --enablerepo=remi,remi-php71 install nginx php-fpm php-common

1.4 Install PHP 7.1.0 modules

  • OPcache (php-opcache) – The Zend OPcache provides faster PHP execution through opcode caching and optimization.
  • APCu (php-pecl-apcu) – APCu userland caching
  • CLI (php-cli) – Command-line interface for PHP
  • PEAR (php-pear) – PHP Extension and Application Repository framework
  • PDO (php-pdo) – A database access abstraction module for PHP applications
  • MySQL (php-mysqlnd) – A module for PHP applications that use MySQL databases
  • PostgreSQL (php-pgsql) – A PostgreSQL database module for PHP
  • MongoDB (php-pecl-mongodb) – PHP MongoDB database driver
  • Redis (php-pecl-redis) – Extension for communicating with the Redis key-value store
  • Memcache (php-pecl-memcache) – Extension to work with the Memcached caching daemon
  • Memcached (php-pecl-memcached) – Extension to work with the Memcached caching daemon
  • GD (php-gd) – A module for PHP applications for using the gd graphics library
  • XML (php-xml) – A module for PHP applications which use XML
  • MBString (php-mbstring) – A module for PHP applications which need multi-byte string handling
  • MCrypt (php-mcrypt) – Standard PHP module provides mcrypt library support

Select what you need: OPcache, APCu, CLI, PEAR, PDO, MySQL, PostgreSQL, MongoDB, Memcache, Memcached, GD, MBString, MCrypt, XML

More info about PHP APC from PHP APC Configuration and Usage Tips and Tricks

Fedora 25/24/23


dnf --enablerepo=remi --enablerepo=remi-php71 install php-opcache php-pecl-apcu php-cli php-pear php-pdo php-mysqlnd php-pgsql php-pecl-mongodb php-pecl-redis php-pecl-memcache php-pecl-memcached php-gd php-mbstring php-mcrypt php-xml

CentOS 7.2/6.8 and Red Hat (RHEL) 7.2/6.8


yum --enablerepo=remi,remi-php71 install php-opcache php-pecl-apcu php-cli php-pear php-pdo php-mysqlnd php-pgsql php-pecl-mongodb php-pecl-redis php-pecl-memcache php-pecl-memcached php-gd php-mbstring php-mcrypt php-xml

1.5 Stop httpd (Apache) server, Start Nginx HTTP server and PHP-FPM (FastCGI Process Manager)

Stop httpd (Apache)


## Fedora 25/24/23 and CentOS/RHEL 7.2 ##
systemctl stop httpd.service

## CentOS/RHEL 6.8 ##
/etc/init.d/httpd stop
## OR ##
service httpd stop

Start Nginx


## Fedora 25/24/23 and CentOS/RHEL 7.2 ##
systemctl start nginx.service

## CentOS/RHEL 6.8 ##
/etc/init.d/nginx start ## use restart after update
## OR ##
service nginx start ## use restart after update

Start PHP-FPM


## Fedora 25/24/23 and CentOS/RHEL 7.2 ##
systemctl start php-fpm.service

## CentOS/RHEL 6.8 ##
/etc/init.d/php-fpm start ## use restart after update
## OR ##
service php-fpm start ## use restart after update

1.6 Autostart Nginx and PHP-FPM on boot, also prevent httpd (Apache) autostarting on boot

Prevent httpd (Apache) autostarting on boot


## Fedora 25/24/23 and CentOS/RHEL 7.2 ##
systemctl disable httpd.service

## CentOS/RHEL 6.8 ##
chkconfig httpd off

Autostart Nginx on boot


## Fedora 25/24/23 and CentOS/RHEL 7.2 ##
systemctl enable nginx.service

## CentOS/RHEL 6.8 ##
chkconfig --add nginx
chkconfig --levels 235 nginx on

Autostart PHP-FPM on boot


## Fedora 25/24/23 and CentOS/RHEL 7.2 ##
systemctl enable php-fpm.service

## CentOS/RHEL 6.8 ##
chkconfig --add php-fpm
chkconfig --levels 235 php-fpm on

1.7 Configure Nginx and PHP-FPM

Latest Fedora Nginx + PHP-FPM builds use custom config, first restore default config


## Restore nginx default config ##
cp /etc/nginx/nginx.conf /etc/nginx/nginx.conf.bak
cp /etc/nginx/nginx.conf.default /etc/nginx/nginx.conf

## Modify PHP-FPM to listen ip instead of socket ##
vi /etc/php-fpm.d/www.conf

## Change following ##
;listen = /run/php-fpm/www.sock
listen = 127.0.0.1:9000

Note: You can of course use socket also, but then change this guide virtual host accordingly.

Create directory layout for your site

I use here testsite.local site, but this could of course be your real site, like www.if-not-true-then-false.com.


## public_html directory and logs directory ##
mkdir -p /srv/www/testsite.local/public_html
mkdir /srv/www/testsite.local/logs
chown -R apache:apache /srv/www/testsite.local

Alternative setup to add logs under /var/log directory.


## public_html directory and logs directory ##
mkdir -p /srv/www/testsite.local/public_html
mkdir -p /var/log/nginx/testsite.local
chown -R apache:apache /srv/www/testsite.local
chown -R nginx:nginx /var/log/nginx

Note: I use apache user and group here, because PHP-FPM runs as apache default (apache choosed to be able to access some dir as httpd). If you use some other user on your php-fpm conf then change this accordingly.

Create and configure virtual host directories under /etc/nginx


mkdir /etc/nginx/sites-available
mkdir /etc/nginx/sites-enabled

Add following lines to /etc/nginx/nginx.conf file, after “include /etc/nginx/conf.d/*.conf” line (inside http block).


## Load virtual host conf files. ##
include /etc/nginx/sites-enabled/*;

Create testsite.local virtual host file

Add following content to /etc/nginx/sites-available/testsite.local file. This is very basic virtual host config.


server {
    server_name testsite.local;
    access_log /srv/www/testsite.local/logs/access.log;
    error_log /srv/www/testsite.local/logs/error.log;
    root /srv/www/testsite.local/public_html;

    location / {
        index index.html index.htm index.php;
    }

    location ~ \.php$ {
        include /etc/nginx/fastcgi_params;
        fastcgi_pass  127.0.0.1:9000;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    }
}

Link your virtual host to /etc/nginx/sites-enabled


cd /etc/nginx/sites-enabled/
ln -s /etc/nginx/sites-available/testsite.local

## Fedora 25/24/23 and CentOS/RHEL 7.2 ##
systemctl restart nginx.service ## or reload

## CentOS/RHEL 6.8 ##
/etc/init.d/nginx restart ## or reload
## OR ##
service nginx restart ## or reload

Add your testsite.local “domain” to /etc/hosts file

/etc/hosts file Nginx on same machine
127.0.0.1 … row should look like example following:


127.0.0.1               localhost.localdomain localhost testsite.local

And if you use another machine where you are running your Nginx server, then add it’s public IP as following:


10.0.2.19               wordpress

Note: This is just very simple basic configuration, but if you want configure and optimize Nginx and PHP-FPM more then check following guide, Nginx and PHP-FPM Configuration and Optimizing Tips and Tricks

1.8 Test your Nginx and PHP-FPM setup

Create /srv/www/testsite.local/public_html/index.php file with following content:


<?php 
    phpinfo();
?>

Access following address, with your browser. http://testsite.local/
CentOS 7 Running Nginx and PHP-FPM 5.6.0

Note:
If you get 403 forbidden error, then you probably have problem with SELinux, then run simply following command:


chcon -R -t httpd_sys_content_t /srv/www/testsite.local/public_html
 
## Or some apps might need httpd_sys_rw_content_t ##
chcon -R -t httpd_sys_rw_content_t /srv/www/testsite.local/public_html

2. Enable Remote Connection to Nginx Web Server (Open Port 80 on Iptables Firewall)

2.1. CentOS/Red Hat (RHEL) 6.8

2.1.1 Edit /etc/sysconfig/iptables file:

nano -w /etc/sysconfig/iptables

2.1.2 Add following INPUT rule:

-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT

2.1.3 Restart Iptables Firewall:


service iptables restart
## OR ##
/etc/init.d/iptables restart

2.2. Fedora 25/24/23 and CentOS/Red Hat (RHEL) 7.2

2.2.1 List Your Active Firewalld Zones


firewall-cmd --get-active-zones

Example output:

public
  interfaces: wlp1s0

2.2.2 Add New Rule to Firewalld

You might have active zone like public, FedoraWorkstation, FedoraServer.


firewall-cmd --permanent --zone=public --add-service=http

## OR ##

firewall-cmd --permanent --zone=public --add-port=80/tcp

2.2.3 Restart firewalld.service


systemctl restart firewalld.service

3. Test remote connection

Access following address, with your browser. http://your.domain/