Professional Documents
Culture Documents
In this tutorial, we will learn how to install OpenLiteSpeed Server on Ubuntu 20.04
along with PHP 7.4 and MariaDB server.
Prerequisites
● Ubuntu 20.04 based web server.
● A non-root user account with sudo privileges.
We need to enable SSH, HTTP, HTTPS and ports 7080, 8088 for the firewall.
To Action From
-- ------ ----
OpenSSH ALLOW Anywhere
80/tcp ALLOW Anywhere
443/tcp ALLOW Anywhere
7080/tcp ALLOW Anywhere
8088/tcp ALLOW Anywhere
OpenSSH (v6) ALLOW Anywhere (v6)
80/tcp (v6) ALLOW Anywhere (v6)
443/tcp (v6) ALLOW Anywhere (v6)
7080/tcp (v6) ALLOW Anywhere (v6)
8088/tcp (v6) ALLOW Anywhere (v6)
We will use OpenLiteSpeed's official Repository for our tutorial which maintains 1.6.x
version only.
$ wget -qO -
https://rpms.litespeedtech.com/debian/lst_repo.gpg | sudo
apt-key add -
Add the Repository.
Install OpenLiteSpeed
OpenLiteSpeed server ships with PHP 7.3 which is pre-enabled. But we want to use
PHP 7.4 so we will install our own copy.
Advertisement
$ /usr/local/lsws/lsphp74/bin/php7.4 -v
PHP 7.4.5 (cli) (built: May 7 2020 23:08:38) ( NTS )
Copyright (c) The PHP Group
Zend Engine v3.4.0, Copyright (c) Zend Technologies
with Zend OPcache v7.4.5, Copyright (c), by Zend
Technologies
You can check for the enabled PHP modules.
$ /usr/local/lsws/lsphp74/bin/php7.4 --modules
Secure your MariaDB installation. This script will set your root password, remove
anonymous users, disallow remote root login and drop test tables. Choose a strong
password and answer the questions as described below.
Advertisement
$ sudo mysql_secure_installation
[sudo] password for username:
Setting the root password ensures that nobody can log into the
MariaDB
root user without the proper authorisation.
Cleaning up...
Once this is done, you can log in to the MySQL shell using the following command.
Create a test database and user with access permission. Replace testdb and
testuser with appropriate names for your setup. Replace password with a strong
password.
exit
$ sudo /usr/local/lsws/admin/misc/admpass.sh
Please specify the user name of administrator.
This is the user name required to login the administration Web
interface.
Password:
Retype password:
Administrator's username/password is updated successfully!
You can also use this command in case you forget your login details.
On your first login, your browser will give warnings saying your connection is not
private. Click Advanced and click "Accept the risk and Continue" (in case of Firefox)
or "Proceed to <YOURSERVERIP>(unsafe)" (in case of Chromium-based browser).
You won't see the warning again.
Let us change the default HTTP port to 80. Log in to your administration panel at
http://<YOURSERVERIP>:7080 with the credentials you just created.
Advertisement
Click the View button to see details configuration. On the next page under Listener
Default > General Page, click on the Edit icon and change the port from 8080 to 80.
Click Save and then restart the server by clicking on the Graceful restart button.
In this step, we need to associate our copy of PHP 7.4 with the server.
Click on Server Configuration section on the left and then on the tab External App.
You will see an existing LiteSpeed App for PHP 7.3. We will create our own
LiteSpeed App for PHP 7.4. You can easily switch between them later on if you
want.
Click on the Add button to create a new app. For the type, select LiteSpeed SAPI
App and click on Next.
Next, add the configuration below. Leave all the other fields blank.
Name: lsphp74
Address: uds://tmp/lshttpd/lsphp.sock
Max Connections: 35
Environment: PHP_LSAPI_MAX_REQUESTS=500
PHP_LSAPI_CHILDREN=35
LSAPI_AVOID_FORK=200M
Initial Request Timeout (secs): 60
Retry Timeout : 0
Persistent Connection: Yes
Response Buffering: no
Start By Server: Yes(Through CGI Daemon)
Command: lsphp74/bin/lsphp
Back Log: 100
Instances: 1
Priority: 0
Memory Soft Limit (bytes): 2047M
Memory Hard Limit (bytes): 2047M
Process Soft Limit: 1400
Process Hard Limit: 1500
Now that we have created our own PHP 7.4 based app, we need to tell the server to
start using it.
Go to the Script Handler tab and edit the lsphp handler. Switch the Handle name to
lsphp74 from the drop-down menu.
Click Save and then restart the server by clicking on the Graceful restart button.
Advertisement
Step 7 - Setup Virtual Host
The html directory will hold the public files and the logs directory will contain server
logs.
Next, open the Admin console and access the Virtual Hosts section from the left
and click the Add button.
Click the Save button again to finish creating the Virtual Host.
Once the virtual host is created, go to Virtual Hosts -> Choose Virtual
Host(example.com) -> General and modify the configuration as given.
Click the Save button when finished. Next, we need to setup index files. Click the
edit button against Index files below the General Section. Set the following options.
You can choose the Log Level as DEBUG if you are on a production/development
machine.
Click Save and then click the plus sign in the Access Log section to add a new
entry. Fill in the following values.
Click Save when done. Next, we need to configure Access Control under the
Security section. Set the following Values.
Allowed List: *
Denied List: Not set
Click Save when done. Next, we need to set the Script Handler Definition. Set the
following values.
Suffixes: php
Handler Type: LiteSpeed SAPI
Handler Name: [Server Level]: lsphp74
Next, we need to set Rewrite Control under Rewrite section. Set the following
values.
And at last, we need to set the Listeners. Go to the Listeners section and click on
View button against Default Listener. Then, click on the Add button against Virtual
Host Mappings to add a new mapping and set the following values.
Click Save when done. Now, click on the Graceful restart button to apply all the
changes above and restart the server.
You can press enter through all the fields and leave them empty.
The certificates are now stored at /home/user directory. We will need this information
later.
--------------------------------------------------------------
-----------------
Please read the Terms of Service at
https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.
pdf. You must agree
in order to register with the ACME server at
https://acme-v02.api.letsencrypt.org/directory
--------------------------------------------------------------
-----------------
(A)gree/(C)ancel: A
--------------------------------------------------------------
-----------------
Would you be willing to share your email address with the
Electronic Frontier
Foundation, a founding partner of the Let's Encrypt project
and the non-profit
organization that develops Certbot? We'd like to send you
email about our work
encrypting the web, EFF news, campaigns, and ways to support
digital freedom.
--------------------------------------------------------------
-----------------
(Y)es/(N)o: N
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for example.com
Using the webroot path /usr/local/lsws/example.com/html for
all unmatched domains.
Waiting for verification...
Cleaning up challenges
IMPORTANT NOTES:
- Congratulations! Your certificate and chain have been saved
at:
/etc/letsencrypt/live/example/fullchain.pem. Your key file
has
been saved at:
/etc/letsencrypt/live/linode.nspeaks.com/privkey.pem Your
cert will
expire on 2020-09-04. To obtain a new or tweaked version of
this
certificate in the future, simply run certbot again. To
non-interactively renew *all* of your certificates, run
"certbot
renew"
- Your account credentials have been saved in your Certbot
configuration directory at /etc/letsencrypt. You should
make a
secure backup of this folder now. This configuration
directory will
also contain certificates and private keys obtained by
Certbot so
making regular backups of this folder is ideal.
- If you like Certbot, please consider supporting our work
by:
Now open the Admin console and go to Listeners >> Add New Listener and add
the following values.
Click Save when done. Next, go to Virtual Host Mappings section under the SSL
Listener by clicking on SSL, click on the Add button and fill the following values.
Next, go to Listeners >> SSL Listener >> SSL Tab >>SSL Private Key &
Certificate (Edit button) and fill the following values for the self-signed certificate we
created before.
Next go to Virtual Hosts >> example.com >> SSL Tab >> SSL Private Key &
Certificate (Edit button) and fill the following values with the Let's Encrypt Certificate.
<html>
<head>
<h2>OpenLiteSpeed Server Install Test</h2>
</head>
<body>
<?php echo '<p>Hello,</p>';
Visit your site at https://example.com in a browser and you should see the following
page.
That's all for this tutorial. If you have any questions, shoot them in the comments
below.