Lighttpd is a secure, fast, standards-compliant web server designed for speed-critical environments. This tutorial shows how you can install Lighttpd on an OpenSUSE 11.4 server with PHP5 support (through FastCGI) and MySQL support.
I do not issue any guarantee that this will work for you!
1 Preliminary Note
In this tutorial I use the hostname server1.example.com with the IP address 192.168.0.100. These settings might differ for you, so you have to replace them where appropriate.
2 Installing MySQL 5
First we install MySQL 5 like this:
yast2 -i mysql mysql-client mysql-community-server
Then we create the system startup links for MySQL (so that MySQL starts automatically whenever the system boots) and start the MySQL server:
chkconfig -f –add mysql
To secure the MySQL installation, run:
Now you will be asked several questions:
server1:~ # mysql_secure_installation
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MySQL
SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!
In order to log into MySQL to secure it, we’ll need the current
password for the root user. If you’ve just installed MySQL, and
you haven’t set the root password yet, the password will be blank,
so you should just press enter here.
Enter current password for root (enter for none): <– ENTER
OK, successfully used password, moving on…
Setting the root password ensures that nobody can log into the MySQL
root user without the proper authorisation.
Set root password? [Y/n] <– Y
New password: <– fill in your desired MySQL root password
Re-enter new password: <– confirm that password
Password updated successfully!
Reloading privilege tables..
By default, a MySQL installation has an anonymous user, allowing anyone
to log into MySQL without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
Remove anonymous users? [Y/n] <– Y
Normally, root should only be allowed to connect from ‘localhost’. This
ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n] <– Y
By default, MySQL comes with a database named ‘test’ that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.
Remove test database and access to it? [Y/n] <– Y
– Dropping test database…
– Removing privileges on test database…
Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.
Reload privilege tables now? [Y/n] <– Y
All done! If you’ve completed all of the above steps, your MySQL
installation should now be secure.
Thanks for using MySQL!
Now your MySQL setup should be secured.
3 Installing Lighttpd
Lighttpd is available as an OpenSUSE package, therefore we can install it like this:
yast2 -i lighttpd
Then we create the system startup links for Lighttpd (so that Lighttpd starts automatically whenever the system boots) and start it:
chkconfig -f –add lighttpd
Now direct your browser to http://192.168.0.100, and you should see that Lighttpd delivers a page (well, it’s a 404 page because there’s no index file in Lighttpd’s document root, but at least this means that Lighttpd is working ok):
Lighttpd’s default document root is /srv/www/htdocs on OpenSUSE, and the configuration file is /etc/lighttpd/lighttpd.conf.
4 Installing PHP5
We can make PHP5 work in Lighttpd through FastCGI. There’s a FastCGI package for PHP5 available on OpenSUSE, php5-fastcgi, which we install like this:
yast2 -i php5-fastcgi
5 Configuring Lighttpd And PHP5
To enable PHP5 in Lighttpd, we must modify three files, /etc/php5/fastcgi/php.ini, /etc/lighttpd/modules.conf, and /etc/lighttpd/conf.d/fastcgi.conf. First we open /etc/php5/fastcgi/php.ini and uncomment the line cgi.fix_pathinfo=1 somewhere in the middle of the file:
[...] ; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's ; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok ; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting ; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting ; of zero causes PHP to behave as before. Default is 1. You should fix your scripts ; to use SCRIPT_FILENAME rather than PATH_TRANSLATED. ; http://php.net/cgi.fix-pathinfo cgi.fix_pathinfo=1 [...]
(If you get the message You do not have a valid vim binary package installed. Please install either “vim”, “vim-enhanced” or “gvim”., please run
yast2 -i vim
to install vi and try again. )
Then we open /etc/lighttpd/modules.conf and uncomment the line include “conf.d/fastcgi.conf”:
[...] ## ## FastCGI (mod_fastcgi) ## include "conf.d/fastcgi.conf" [...]
Finally we open /etc/lighttpd/conf.d/fastcgi.conf and make sure that it contains the line server.modules += ( “mod_fastcgi” ); then we comment out the fastcgi.server stanza:
####################################################################### ## ## FastCGI Module ## --------------- ## ## http://www.lighttpd.net/documentation/fastcgi.html ## server.modules += ( "mod_fastcgi" ) ## ## PHP Example ## For PHP don't forget to set cgi.fix_pathinfo = 1 in the php.ini. ## ## The number of php processes you will get can be easily calculated: ## ## num-procs = max-procs * ( 1 + PHP_FCGI_CHILDREN ) ## ## for the php-num-procs example it means you will get 17*5 = 85 php ## processes. you always should need this high number for your very ## busy sites. And if you have a lot of RAM. :) ## fastcgi.server = ( ".php" => ( "php-local" => ( "socket" => socket_dir + "/php-fastcgi-1.socket", "bin-path" => server_root + "/cgi-bin/php5", "max-procs" => 1, "broken-scriptfilename" => "enable", ) ), ( "php-tcp" => ( "host" => "127.0.0.1", "port" => 9999, "check-local" => "disable", "broken-scriptfilename" => "enable", ) ), ( "php-num-procs" => ( "socket" => socket_dir + "/php-fastcgi-2.socket", "bin-path" => server_root + "/cgi-bin/php5", "bin-environment" => ( "PHP_FCGI_CHILDREN" => "16", "PHP_FCGI_MAX_REQUESTS" => "10000", ), "max-procs" => 5, "broken-scriptfilename" => "enable", ) ), ) [...]
Then we restart Lighttpd:
6 Testing PHP5 / Getting Details About Your PHP5 Installation
The document root of the default web site is /srv/www/htdocs. We will now create a small PHP file (info.php) in that directory and call it in a browser. The file will display lots of useful details about our PHP installation, such as the installed PHP version.
<?php phpinfo(); ?>
Now we call that file in a browser (e.g. http://192.168.0.100/info.php):
As you see, PHP5 is working, and it’s working through FastCGI, as shown in the Server API line. If you scroll further down, you will see all modules that are already enabled in PHP5. MySQL is not listed there which means we don’t have MySQL support in PHP5 yet.
7 Getting MySQL Support In PHP5
To get MySQL support in PHP, we can install the php5-mysql package. It’s a good idea to install some other PHP5 modules as well as you might need them for your applications:
yast2 -i php5-mysql php5-bcmath php5-bz2 php5-calendar php5-ctype php5-curl php5-dom php5-ftp php5-gd php5-gettext php5-gmp php5-iconv php5-imap php5-ldap php5-mbstring php5-mcrypt php5-odbc php5-openssl php5-pcntl php5-pgsql php5-posix php5-shmop php5-snmp php5-soap php5-sockets php5-sqlite php5-sysvsem php5-tokenizer php5-wddx php5-xmlrpc php5-xsl php5-zlib php5-exif php5-pear php5-sysvmsg php5-sysvshm
Now restart Lighttpd:
Now reload http://192.168.0.100/info.php in your browser and scroll down to the modules section again. You should now find lots of new modules there, including the MySQL module:
- Lighttpd: http://www.lighttpd.net/
- PHP: http://www.php.net/
- MySQL: http://www.mysql.com/
- OpenSUSE: http://www.opensuse.org/