Download Repositories Let’s get started by adding the the necessary repositories:
rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm rpm -Uvh http://rpms.famillecollet.com/enterprise/remi-release-6.rpm
Install and Configure MySQL
Install MySQL.yum --enablerepo=remi install mysql mysql-serverStart MySQL and secure it.
service mysqld start /usr/bin/mysql_secure_installationWhen running mysql_secure_installation, just answer yes to all the prompts.
Install and Configure NGINX and PHP
Configure nginx repo.nano /etc/yum.repos.d/nginx.repoAdd the following lines inside the nginx.repo file:
[nginx] name=nginx repo baseurl=http://nginx.org/packages/centos/$releasever/$basearch/ gpgcheck=0 enabled=1Install nginx, php-fpm and the necessary php modules.
yum --enablerepo=remi install nginx php php-fpm php-common yum --enablerepo=remi install php-pear php-pdo php-mysqlnd yum --enablerepo=remi install php-pgsql php-pecl-memcache yum --enablerepo=remi install php-gd php-mbstring php-mcrypt php-xmlInstall and configure apc.
yum --enablerepo=remi install php-pecl-apcThe default APC settings will work out of the box but I suggest you read this article about limiting APC caching to specific virtual sites first if you intend to run a good number of sites on your server. Configure nginx conf
nano /etc/nginx/nginx.confUse the following configuration.
user nginx;
## set to number of cpu cores
worker_processes 1;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
    worker_connections 1024;
}
http {
    include /etc/nginx/mime.types;
    default_type application/octet-stream;
    # turn off access log
    access_log off;
    server_names_hash_bucket_size   64;
    ## tcp options
    tcp_nodelay on;
    tcp_nopush on;
    keepalive_timeout 10;
    sendfile on;
    ## include virtual host conf
    include /etc/nginx/vhosts/*.conf;
}
Create the directory for virtual hosts and create the virtual host conf file. A note, I turned off logging because I use CloudFlare and I find its access reporting better than using the nginx log file. Make a default virtual host.
mkdir /etc/nginx/vhosts/ nano /etc/nginx/vhosts/default.confUse the following configuration.
server
{
    listen 80 default;
    error_log /var/log/nginx/default.error.log crit;
    root /home/default/public_html;
    index index.php index.html index.htm;
    # use fastcgi for all php files
    location ~ \.php$
    {
        # secure *.php files
        try_files $uri =404;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass 127.0.0.1:9000;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }
}
I usually setup the user and user directory in this particular manner after I create the corresponding domain.conf file.
adduser default passwd default mkdir /home/default/public_html chown root:nginx /home/default/ chmod 775 /home/default/Take note that whenever you upload files to public_html, you may need to chmod it to 775 (for folders and files that need write permissions) and chown it to nginx:nginx. Configure php-fpm
nano /etc/php-fpm.d/www.confUse the following settings:
[www] listen = 127.0.0.1:9000 listen.allowed_clients = 127.0.0.1 user = nginx group = nginx pm = dynamic pm.max_children = 10 pm.start_servers = 4 pm.min_spare_servers = 2 pm.max_spare_servers = 10 pm.max_requests = 500 request_terminate_timeout = 30 slowlog = /var/log/php-fpm/www-slow.log catch_workers_output = yes security.limit_extensions = .php php_admin_value[error_log] = /var/log/php-fpm/www-error.log php_admin_flag[log_errors] = on php_admin_value[session.save_path] = /tmpChange owner of php-fpm folder:
chown -R nginx:nginx /var/log/php-fpmAlso set the logging level to warning on the main php-fpm configuration file found here /etc/php-fpm.conf so that the log file won’t get bloated by php notices.
log_level = warningYour configuration is done at this point.
Start and Configure Services
service nginx start service php-fpm startIf both daemons ran without a hitch then configure all to start on boot. If you get a permission denied error, it could be due to SELinux security and you’ll have to follow this instruction to disable it.
chkconfig nginx on chkconfig php-fpm on chkconfig mysqld on
Test NGINX
Before you do any tests disable iptables first, this will be configured later on after we are sure everything is running fine.service iptables stopNow try accessing whatever domain you’ve setup on your virtual host, in this case domain.com. If you got everything right you should see a 403 nginx page. That’s all folks. ]]>