Christian WellsLighttpd is a lightweight web server that is designed to be fast and efficient. It is a popular choice for low-resource systems, such as embedded devices and low-end servers. In this article, we will explain how to install Lighttpd with PHP and a free Let’s Encrypt SSL certificate on Debian 11.
Before you begin, make sure that you have a Debian 11 server that is connected to the internet, and that you have a non-root user with sudo privileges.
To install Lighttpd with PHP on Debian 11, you first need to update the package list and install the required packages by running the following commands:
sudo apt update
sudo apt install lighttpd php-cgi
These commands will update the package list, and install Lighttpd and PHP-CGI, which is the FastCGI interface for PHP.
Once the required packages are installed, you need to enable the PHP-CGI module in Lighttpd by adding the following line to the server.modules section in the Lighttpd configuration file (/etc/lighttpd/lighttpd.conf):
"mod_fastcgi",
This line will enable the PHP-CGI module in Lighttpd, which will allow Lighttpd to process PHP scripts.
Next, you need to configure Lighttpd to handle PHP scripts by adding the following lines to the server.modules section in the Lighttpd configuration file:
fastcgi.server = ( ".php" =>
((
"socket" => "/var/run/lighttpd/php.socket",
"bin-path" => "/usr/bin/php-cgi"
))
)
These lines will configure Lighttpd to handle PHP scripts, and specify the path to the PHP-CGI binary.
Once you have added these lines to the Lighttpd configuration file, you need to save the file and restart the Lighttpd service to apply the changes:
sudo systemctl restart lighttpd
This will restart the Lighttpd service and apply the new configuration.
Now that Lighttpd is installed and configured to handle PHP scripts, you can test the installation by creating a PHP script in the Lighttpd document root (/var/www/html by default), and accessing it through a web browser. For example, create a file named test.php in the document root, and add the following PHP code to it:
<?php
phpinfo();
?>
This PHP code will display information about the PHP configuration, such as the version, installed modules, and more.
Once you have saved the test.php file, you can access it through a web browser by visiting the URL http://your_server_ip/test.php. If everything is working correctly, you should see a page with information about the PHP configuration.
Now that Lighttpd is installed and configured to handle PHP scripts, the next step is to install a free Let’s Encrypt SSL certificate for your domain. Let’s Encrypt is a free, automated, and open certificate authority (CA) that provides SSL/TLS certificates for web servers.
To install a Let’s Encrypt SSL certificate on your domain, you first need to install the certbot client, which is the official Let’s Encrypt client, by running the following command:
sudo apt install certbot
Once the certbot client is installed, you can use it to obtain and install a Let’s Encrypt SSL certificate for your domain. To do this, you need to run the certbot command with the --nginx and --agree-tos options, and specify your domain name and email address as arguments. For example, if your domain name is example.com, and your email address is admin@example.com, you can run the following command:
sudo certbot --nginx --agree-tos -d example.com -m admin@example.com
This command will obtain a Let’s Encrypt SSL certificate for your domain, and install it on Lighttpd.
Once the SSL certificate is installed, you need to configure Lighttpd to use it by adding the following lines to the server.modules section in the Lighttpd configuration file (/etc/lighttpd/lighttpd.conf):
ssl.engine = "enable"
ssl.pemfile = "/etc/letsencrypt/live/example.com/fullchain.pem"
ssl.privkey = "/etc/letsencrypt/live/example.com/privkey.pem"
These lines will enable SSL support in Lighttpd, and specify the path to the SSL certificate and private key that were installed by certbot.
Once you have added these lines to the Lighttpd configuration file, you need to save the file and restart the Lighttpd service to apply the changes:
sudo systemctl restart lighttpd
This will restart the Lighttpd service and apply the new configuration.
Now that Lighttpd is installed, configured to handle PHP scripts, and secured with a Let’s Encrypt SSL certificate, you can use it to host your website or web application. To do this, you need to create the necessary directories and files in the Lighttpd document root (/var/www/html by default), and make sure that they are readable by Lighttpd. For example, you can create a file named index.php in the document root, and add the following PHP code to it:
<?php
echo "Hello, World!";
?>
This PHP code will display the “Hello, World!” message when you access the index page of your website.
To configure the firewall for the Lighttpd setup on Debian 11, you can use the ufw (Uncomplicated Firewall) tool. ufw is a user-friendly front-end for the iptables firewall that comes pre-installed on Debian 11.
To configure the firewall for Lighttpd, you need to open the ports that Lighttpd uses to listen for incoming connections. By default, Lighttpd listens on port 80 for HTTP connections, and port 443 for HTTPS connections. To open these ports, you can run the following ufw commands:
sudo ufw allow 80/tcp
sudo ufw allow 443/tcp
These commands will open port 80 and port 443 in the firewall, and allow incoming connections to Lighttpd on these ports.
Once you have opened the necessary ports, you need to enable the ufw firewall by running the following command:
sudo ufw enable
This command will enable the ufw firewall and apply the rules that you have defined.
Now that the firewall is configured and enabled, you can check the status of the firewall by running the following command:
sudo ufw status
This command will show you the current status of the firewall, including the enabled rules and the active connections.
In conclusion, installing Lighttpd with PHP and a free Let’s Encrypt SSL certificate on Debian 11 is a simple process that involves installing the required packages, configuring Lighttpd to handle PHP scripts, and obtaining and installing a Let’s Encrypt SSL certificate. Once Lighttpd is installed and configured, you can use it to host your website or web application, and serve it over a secure HTTPS connection.
