Why Use LOMP Over Other Stacks (LAMP, LEMP)?
LOMP is a popular choice for web development because it is open source and has a wide range of support. Additionally, all of the components in the LOMP stack are compatible with each other, making it easy to set up and maintain. Furthermore, OpenLiteSpeed is a high-performance web server when comparing it to other web servers, such as Apache and Nginx. OpenLiteSpeed is able to handle more concurrent requests and utilize fewer resources, making it a great choice for high-traffic websites.
Prerequisites
Before you begin this guide, there are a few things you’ll need to have in place.
Linux server. This tutorial uses Ubuntu 22.04, the latest release at the time of writing.
Non-root user account with sudo privileges set up on your server.
Domain name that points to your server.
Installing OpenLiteSpeed
In the LOMP stack, OpenLiteSpeed is used as the web server. A Web server is software that responds to requests for files that make up your website. When someone types in your domain name, their browser sends a request to your web server asking for the files that make up your website. The web server then responds by sending those files back to the browser. Before we install OpenLiteSpeed on Ubuntu, first update your server’s package index: Retrieve the OLS repo with the wget command. The -O flag tells wget to write the output of the script to your terminal rather than create a file. The | character (known as a pipe) takes the output of the first command and passes it as input to the second command, which is cat. This allows you to review the script before running it. If the output looks good, you can run the script with the followng command: The sudo bash portion of the command tells your system to run the script with root privileges. This is necessary because the script needs to be able to modify your system’s repositories. Once the repository has been added, update the package index again to reflect the changes: Finally, install OpenLiteSpeed with the following apt command. OpenLiteSpeed will be installed on your server. Start and enable the OpenLiteSpeed service so that it starts automatically when your server boots up: You can check the status of the OpenLiteSpeed service to make sure it’s running properly: The output will look like the one below.
Installing MariaDB
MariaDB is a fork of the popular MySQL database server. It’s used in place of MySQL in the LOMP stack because it’s compatible with the other software in the stack but developed under an open-source license. MariaDB is free to use and distribute. Run the below apt command to install MariaDB: As with OpenLiteSpeed, start and enable the MariaDB service so that it starts automatically when your server boots up. You can check the status of the MariaDB service to make sure it’s running properly. The output will look like the one below.
Securing Your MariaDB Installation
By default, a fresh installation of MariaDB comes with some dangerous defaults that could leave your database server vulnerable to attack. To secure your installation, run the mariadb-secure-installation script packaged with MariaDB. This script changes some of the less secure default options and sets a password for the MariaDB root user. You will be asked a series of questions. For each one, answer “Y” (for yes) or “N” (for no). First, you will be asked to enter the root password. Since you just installed MariaDB, you won’t have set a password for the root user yet, so leave this blank and press Enter. Next, you will be asked if you want the “unix_socket authentication” method for the root user. This means that you can log in to MariaDB automatically when you are logged in as the system root user. Enter Y and press Enter. Whether you want to change the root user’s password will be the next question. Enter Y and press Enter. You will be asked to enter and confirm a new password for the root user. It’s best practice to use a strong password that is difficult to guess. After that, you will be asked if you want to remove anonymous users from your database. An anonymous user is one who has not been given a username or password. Enter Y and press Enter. By default, MariaDB allows anyone to connect to the database server without a username or password. This is not secure, so we will remove these anonymous users. Next, you will be asked if you want to disallow root login remotely. Disallowing remote root login is a good security measure, as it means that an attacker would need physical access to your server to log in as the root user. Enter Y and press Enter. Finally, you will be asked if you want to remove the test databases and access to them. These are used for testing purposes and no longer needed. Enter Y and press Enter. You will be asked to reload the privilege tables so that your changes will take effect. Enter Y and press Enter. Your MariaDB installation is now secure.
Installing PHP
PHP is a server-side scripting language used to process dynamic content, such as form data or images. If you are using WordPress, you will need to install PHP. Run the below command to search for available PHP packages. You will see a list of packages with names that begin with PHP. These are the PHP7.4, PHP8.0, and PHP8.1 packages. For this guide, we will install PHP8.1, the latest version of PHP. This package includes the latest features and security updates. To install PHP8.1, run the below command: The {common,mysql} portion tells apt to install the common and mysql modules for PHP8.1. The common module provides a set of basic functions that are needed by most PHP applications. The mysql module provides functions that allow PHP to interact with MariaDB. Your PHP application might be compatible with a different version of PHP, so be sure to check your application’s documentation before you choose a PHP version. If you want to install other versions of PHP, replace lsphp81 with the desired version. For example, to install PHP7.4, you would use the lsphp74 package name as shown below:
Accessing and Configuring OpenLiteSpeed
Configuring the Firewall
Ubuntu comes with a default firewall called UFW. You will need to allow traffic on ports 7080 and 8088 to access the Web Admin Console and your website. Allow traffic on these ports by running the following command: Check the status of your firewall by running the below command: You will see an output similar to the one below. As you can see, the output shows that traffic on ports 7080 and 8088 is allowed.
Accessing OpenLiteSpeed
Now that we have everything set up, we are ready to access OpenLiteSpeed. To do this, open your web browser and go to http://your_domain:8088. Replace “your_domain” with your domain name. You will see a page similar to the one below: the OpenLiteSpeed welcome page. Scroll down and click on the “Test PHP” link to test whether PHP is working correctly with OpenLiteSpeed. You will see a page similar to the one below. This page shows that PHP is working correctly with OpenLiteSpeed. While the PHP version shows as PHP7.4, we will change that version to PHP8.1 in the next section. Click on the link under the “Hello World CGI” script to test whether the OpenLiteSpeed CGI feature is working correctly. CGI is a mechanism for running programs on a web server in response to requests from web browsers. OpenLiteSpeed can run CGI scripts written in any language, but the most common use for CGI is to run Perl or PHP scripts. This feature is very helpful if you want to use a programming language that is not supported by OpenLiteSpeed. You will see a Hello World page similar to the one below, which means that the CGI feature is working correctly. Next, run the below command to set a password for the Web Admin Console. Provide a username and password for the Web Admin Console when prompted and press ENTER. Navigate to http://your_domain:7080 to open the Web Admin Console: the graphical user interface (GUI) for managing your OpenLiteSpeed server. It allows you to perform all of the tasks that you can perform using the command line in a much easier way. You can configure your server directly on the web browser without having to edit any configuration files, like traditional web servers. Replace your_domain with your actual domain name to see a page like the one below. Enter the User name and Password that you created in the previous step and click “Login” to log in to the Web Admin Console. You will see a page similar to the one below. This page is the main page of the Web Admin Console. It shows you an overview of your server.
Configuring OpenLiteSpeed to Use PHP8.1
By default, OpenLiteSpeed is configured to work with PHP7.4. If you are using a different version of PHP, you will need to tell OpenLiteSpeed which PHP version to use. On the main page of the Web Admin Console, click on the “Server Configuration” tab, then click on “External App.” You will see a list of all of the external applications that are currently configured. Next to “LiteSpeed SAPI App,” click on the “Edit” icon under Action as shown. You will see a page similar to the one below. In the “Command” field, enter lsphp81/bin/lsphp, the path to the lsphp binary. This setting tells OpenLiteSpeed to use PHP8.1 instead of the default PHP7.4. Keep other settings as their defaults and click the Save icon to save your changes. Click the curled arrow icon to perform a grace restart. Your changes will not take effect until you grace restart OpenLiteSpeed. Finally, navigate to http://your_domain:8088/phpinfo.php. You will see a page like the one below, which shows that OpenLiteSpeed is using PHP8.1. Congratulations! You have successfully installed and configured the LOMP stack on your Ubuntu server. Image credit: Unsplash. All screenshots by Nicholas Xuan Nguyen.
