How to Install LOMP Stack on Rocky Linux

How to Install LOMP Stack on Rocky Linux

We’ve come up with a complete guide on how to install LOMP Stack on Rocky Linux, so you don’t have to dig through the web. Here’s everything you need to know.  

LOMP stack is an acronym for Linux, OpenLiteSpeed, MySQL/MariaDB, and PhP. The advantage of LiteSpeed servers is that they provide high speed. Regarding integration with PhP, they are used with the LightSpeed server application programming interface (LSAPI). They serve the PHP dynamic pages via LSAPI. 

How to Install LOMP Stack on Rocky Linux 

We will now discuss the installation instructions for the LOMP stack on Rocky Linux. Follow the steps below.

Update the system

The very first step you need to do is to update your system. Open your Terminal from the system menu and then type the following command on the Terminal:

$ sudo dnf update

Install prerequisite packages

Then, install the prerequisite packages. All of the prerequisites can be installed via the following command:

$ sudo dnf install wget curl nano unzip yum-utils –y


Configure the firewall

Now, we will configure the firewall using the following steps.

Check firewall status

First, you need to check the firewall status. Type the following command on the Terminal:

$ sudo firewall-cmd --state

After that, you should receive a message that the firewall is running.

Note: The firewall works with different zones. In our case, we will use the default zone, which is a public zone.

Open the ports

In the next step, list all the services and ports running on the firewall with the help of the following command:

$ sudo firewall-cmd --permanent --list-services


You should receive the following output:

cockpit dhcpv6-client ssh


Now, we will open the OpenLite administration port (i.e., 7080) via the following command:

$ sudo firewall-cmd --permanent --add-port=7080/tcp


We will also open ports for HTTP and HTTPS. For this purpose, type the following command:

$ sudo firewall-cmd --permanent --add-service=http
$ sudo firewall-cmd --permanent --add-service=https


Restart the firewall

Finally, we will restart the firewall using the following command:

$ sudo firewall-cmd –reload


Verify the ports are open

Now, list down the services and ports, and check if the administration port and HTTP/HTTPS are opened now via the following command:

$ sudo firewall-cmd --permanent --list-services 


You should receive the following output:

cockpit dhcpv6-client http https ssh


Install OpenLite

We will now install the OpenLite. Follow the steps below.

Download the binary file

You can download the binary file for OpenLite on its official page using the following command:

$ wget https://openlitespeed.org/packages/openlitespeed-1.7.16.tgz


Extract the binary file and run the installer

Now, extract the binary file using the following command:

$ tar -zxf openlitespeed-*.tgz


Move to the extracted folder/ directory via the command below:

$ cd openlitespeed


Finally, run the installer using the following command:

$ sudo ./install.sh


Start the OpenLiteSpeed server

Now we will start the OpenLiteSpeed server using the command below:

$ sudo systemctl start lshttpd


Create admin password

You need to create the admin pass. Run the following command:

$ sudo /usr/local/lsws/admin/misc/admpass.sh


You will be asked to provide a username and password. You can now browse the administration panel at http://<YOURSERVERIP>:7080. The figure shows the snapshot.

administration panel

Install PHP

First, install the OpenLiteSpeed repository via the following command:

$ sudo rpm -Uvh http://rpms.litespeedtech.om/centos/litespeed-repo-1.3-1.el8.noarch.rpm


Now, you can install the latest version of PHP via the following command:

$ sudo dnf install lsphp82 lsphp82-mysqlnd lsphp82-process lsphp82-bcmath lsphp82-pdo lsphp82-common lsphp82-xml lsphp82-opcache lsphp82-soap

Finally, verify the installation of PhP using the command below:

$ /usr/local/lsws/lsphp82/bin/php –v


Install MySQL

The MySQL can be installed via the following command:

$ sudo dnf install mysql-server


After that, enable and start the MySQL server using the command below:

$ sudo systemctl enable mysqld –now


Now, check the status of the service using the following command:

$ sudo systemctl status mysqld


Finally, run the MySQL security script as follows:

$ sudo mysql_secure_installation


Choose ‘Yes’ to install the validated password login when prompted. Then, create a strong password. And press “Y” when asked to increase the security of the database. Now, log in to  MySQL using the following command:

$ mysql -u root –p


Then, run the following commands:

mysql> CREATE DATABASE testdb;
mysql> CREATE USER 'testuser' IDENTIFIED BY 'Your_Password123';
mysql> GRANT ALL PRIVILEGES ON testdb.* TO 'testuser';
mysql> FLUSH PRIVILEGES;


This will create a test database. Once done, exit the MySQL shell as follows:

mysql> exit


Configure OpenLiteSpeed

We will now change the default HTTP port to 80. Follow the steps below:

  • Open the http://<YOURSERVERIP>:7080 and provide your credentials.
  • Goto listeners section from the left.
  • Click on view > Listener default > General page.
  • Click Edit and change the port from 8080 to 80.
  • Save and restart the server.

Configure PHP

We need to associate PHP with a server. For this purpose, click on Server Configuration > External App, then click ‘Edit’. Match the configuration as follows:

Server Configuration

Save and restart the server by clicking on the ‘Graceful restart’ button. Now, browse the following page:

http://<YOURSERVERIP>/phpinfo.php

Create a virtual host

We need to make a lot of configurations in this section to create a virtual host. The steps are as follows:

Create a directory for the virtual host

First, create the directory for the virtual host as follows:

$ sudo mkdir /usr/local/lsws/example.com/{html,logs} –p


Here, the HTML directory will host the public files, and the logs director will contain logs. 

Add virtual host

Select the virtual host section from the admin console and click the ‘Add’ button. Enter the following details:

admin console

Next, click the ‘Save’ button. You may get the error that the configuration file doesn’t exist. So click on the link to create a configuration file and save it again to finish creating the virtual host.

Modify virtual host configuration 

Now go to Virtual Hosts > Choose Virtual Host > General and modify the configuration as follows:

Document Root: $VH_ROOT/html/
Domain Name: example.com
Enable GZIP Compression: Yes
Enable Brotli Compression: Yes


Click on ‘Save’ when finished. 

Setup index file

Now, we’ll set up the index file. In the index files in the General section, click on the ‘Edit’ button. And set these options:

Index file

Once done, click ‘Save’. 

Edit virtual host log

Now, go to the Log section, and in the virtual host log, click on ‘Edit’. Fill in the following values. Don’t change other settings.

Log section

Add access log entry

Add a new entry as follows in the access log and Click on Save.

log control

Add script handler

In the Script Handler Definition, click on the ‘+’ sign to add a new definition as follows:

Add script handler

Edit the Rewrite control section

Finally, in the ‘Rewrite Control’ under the ‘Rewrite section’, set the following values:

Edit the Rewrite control section

Add virtual host mappings

Click the ‘View’ button against the default listener in the listener’s section. In the virtual host mapping, click the ‘Add’ button and set the values as follows:

Virtual Host: example.com
Domains: example.com


Save and restart the server as required.

Install SSL

In this portion, we will now be installing SSL.

Create self-signed certificate

We need two certificates. First, create the self-signed certificate with this command:

$ openssl req -x509 -days 365 -newkey rsa:4096 -keyout key.pem -out cert.pem –nodes


This will be saved in the /home/user directory. 

Install and configure snapd

First, add the EPEL repository as follows:

$ sudo dnf install -y epel-release

Now, install and configure snapd as follows:

configure snapd

Note: The snapd package manager is required for certbot and ‘Let’s encrypt’. 

Install certbot

Finally, we will install Certbot using this command:

$ sudo snap install --classic certbot


Then, we shall create a symbolic link to /usr/bin as follows:

$ sudo ln -s /snap/bin/certbot /usr/bin/certbot

And lastly, verify the installation with this command:

$ certbot –version

Obtain the SSL certificate

To run the SSL certificate, run the following command first:

$ sudo certbot certonly --webroot -w /usr/local/lsws/example.com/html/ --agree-tos --no-eff-email --staple-ocsp --preferred-challenges http -m [email protected] -d example.com


Then, generate a Diffie-Hellman group certificate with this command:

$ sudo openssl dhparam -dsaparam -out /etc/ssl/certs/dhparam.pem 4096


Finally, you must do a dry run as follows:

$ sudo certbot renew --dry-run


Your certificate should renew automatically now. 

Add new listener

From the admin console, add a new listener using this command:

Listener Name: SSL
IP Address: ANY
Port: 443
Secure: Yes


Add virtual host mapping

Add a virtual host mapping by clicking on SSL as follows:

Virtual Host: example.com
Domains: example.com


Add information about the self-signed certificate

In Listeners > SSL Listener > SSL Tab > SSL Private Key & Certificate, fill self-signed certificate as follows:

Add information about the self-signed certificate

Provide SSL protocol values

In Listeners > SSL Listener > SSL Tab > SSL Protocol, provide the following values:

Provide SSL protocol values

Add information about the Private key and certificate

In Virtual Hosts > example.com > SSL Tab > SSL Private Key & Certificate, fill the following values:

How to Install LOMP Stack on Rocky Linux 1

Enable OCSP Stapling

In Virtual Hosts > example.com > SSL Tab > OCSP Stapling, provide following values:

Enable OCSP Stapling

Enable HTTP3/QUIC protocol

In Virtual Hosts > example.com > SSL Tab > Security, fill the following values:

Enable HTTP3/QUIC: Yes


Save all the configurations and click the ‘Graceful restart’ button.

Test the site

Create a test file as follows:

$ sudo nano /usr/local/lsws/example.com/html/index.php


Now, paste the following code into the file:

Test the site

Now, browse the following URL:

https://example.com

You should see the following output. And that’s it for the installation of LOMP.

installation of LOMP

In this article, we discussed how to install LOMP stack on Rocky Linux 9. By following these instructions, users can set up their own LOMP stack on Rocky Linux and benefit from the high-speed performance of OpenLiteSpeed servers.


If this guide helped you, please share it.

Related Posts