phpBB is a highly customizable and widely used open-source forum software that provides a robust platform for building online communities. When combined with NGINX, MariaDB, and PHP, you get a powerful and efficient stack that ensures high performance and scalability for your forum. NGINX serves as the web server, MariaDB as the database management system, and PHP as the server-side scripting language, forming a solid foundation for phpBB.
Follow the steps outlined in this guide to install phpBB on Debian 12, 11, or 10 with NGINX, MariaDB, and PHP. This setup will provide a high-performance and secure environment for your online forum.
Install LEMP (Nginx, MariaDB, PHP)
Update Debian Before phpBB Installation
Ensure that your Debian system is up-to-date before installing the LEMP stack. This step helps avoid package conflicts and ensures smooth execution of subsequent processes. It also aligns your system with the latest security patches and software improvements.
To update your system, execute the following command:
sudo apt update && sudo apt upgrade
The sudo apt update command updates the list of available packages and their versions, while the sudo apt upgrade installs the latest versions of your packages.
Install NGINX (LEMP Stack Part 1)
NGINX, an open-source, high-performance HTTP server and reverse proxy, is the cornerstone of the LEMP stack. To install NGINX, execute the following command:
sudo apt install nginx
After the installation of NGINX, the service usually starts automatically. However, it’s good practice to confirm this and ensure it’s operating as expected. You can verify the status of the NGINX service by issuing the following command:
systemctl status nginx
You should see an output indicating the active (running) status of the NGINX service, confirming the successful initiation of NGINX. If the server hasn’t started for any reason, the following command can start it and also set NGINX to launch automatically upon system reboot:
sudo systemctl enable nginx --now
This command ensures that the NGINX service can start on boot (enable) and start immediately (–now).
Optionally, you can visit the server IP address to verify Nginx is installed; you should see a similar test page:
Install MariaDB (LEMP Stack Part 2)
Installing the database module is the next step in setting up the LEMP stack. MariaDB, known for its performance and various supplementary attributes, is preferred over MySQL within the LEMP stack. To install MariaDB, execute the following command:
sudo apt install mariadb-server mariadb-client
Step 4: Verify MariaDB Service
Once MariaDB is installed, it’s crucial to confirm the status of the MariaDB service. It’s important to ensure the MariaDB service is enabled and operating correctly. The command to inspect the service’s status is as follows:
systemctl status mariadb
You can execute the following command if the server has not been activated. This will ensure that MariaDB is started immediately and set to boot up automatically upon every system reboot.
sudo systemctl enable mariadb --now
Secure MariaDB Installation (Security Run-Script)
Securing your database is fundamental in setting up a robust and reliable system; MariaDB is no exception. After the installation, it’s highly recommended that the security script that comes with the installation be run. This script strengthens the MariaDB installation by modifying its default settings, often considered insecure, thereby protecting the system from potential unauthorized access or exploitation.
To run the MariaDB security script, known as mysql_secure_installation, issue the following command:
sudo mysql_secure_installation
Once the security script is executed, the next step involves adjusting various settings to enhance the security of your MariaDB installation. These changes include setting up the root password, restricting remote access, eliminating anonymous user accounts, and removing the test database. Each of these adjustments adds a layer of security to your MariaDB installation, helping to protect it from potential security threats.
Let’s delve into each of these adjustments:
- Setting up the root password: This is the password for the root user of your MariaDB installation. It’s crucial to choose a strong password to prevent unauthorized access.
- Restricting remote access: The root user can access the database from any location by default. Restricting remote access ensures that the root user can only access the database from the local machine, reducing the risk of remote attacks.
- Eliminating anonymous user accounts: Anonymous user accounts have no names. These accounts pose a security risk as they can be used to gain unauthorized access to the database. The security script allows you to remove these accounts.
- Removing the test database: MariaDB has a test database that any user can access. This database is unnecessary for production use and can be safely removed to reduce the attack surface.
By taking the time to secure your MariaDB installation, you’re taking a significant step toward ensuring the integrity and security of your data.
Install PHP (LEMP Stack Part 3)
The final component of the LEMP stack is the PHP service, which acts as the bridge between Nginx and MariaDB. This bridging is accomplished by the PHP-FPM service and extra modules required by phpMyAdmin. To install PHP, PHP-FPM, and the required modules on your Debian system, run the following command:
sudo apt install php-fpm php php-cli php-mysql php-curl php-common php-mbstring php-xml
Verifying PHP Service Status
After the installation, it’s critical to confirm the status of the PHP service. This validation ensures that PHP is enabled and operates flawlessly without any errors. The command is contingent on the version of PHP installed; in our case, it was PHP 8.2.
systemctl status php8.2-fpm
Activating PHP Service
If the PHP service is inactive, the following command enables it and ensures it auto-starts with every reboot.
sudo systemctl enable php-fpm --now
This command will activate the PHP-FPM service and ensure it starts automatically during each system boot-up.
phpBB Backend Installation
It’s time to install phpBB forums with the LEMP stack successfully installed. As of the time of this tutorial, the latest version is phpBB 3.3.10. However, this may change over time, as new releases are typically rolled out every six months. To verify the current version, visit the phpBB downloads page.
Note: Do not forget to grab the latest phpBB-x.x.x.zip and adjust the commands below; this is critical.
Download phpBB and Setting Up Directories
First, download the phpBB package:
cd /tmp && wget https://download.phpbb.com/pub/release/3.3/3.3.10/phpBB-3.3.10.zip
unzip phpBB-3.3.10.zip
sudo mv phpBB3 /var/www/html/phpbb
Next, modify the directory permissions for NGINX:
sudo chown -R www-data:www-data /var/www/html/phpbb
sudo chmod -R 755 /var/www/html/phpbb
Configuring MariaDB for phpBB
Now, create a database for your phpBB installation. First, open the MariaDB terminal as root:
sudo mysql -u root -p
Create the database for your forums:
CREATE DATABASE phpbb;
Create a new database user called phpbbuser
with a new password:
CREATE USER 'phpbbuser'@'localhost' IDENTIFIED BY 'new_password_here';
Grant the user full access to the database:
GRANT ALL ON phpbb.* TO 'phpbbuser'@'localhost' IDENTIFIED BY 'user_password_here' WITH GRANT OPTION;
Flush the privileges to apply the changes:
FLUSH PRIVILEGES;
Exit the MariaDB terminal:
EXIT;
Your phpBB database is now ready. You will enter these details during the web UI installation part of the tutorial.
Configuring PHP for phpBB
To ensure a successful phpBB installation and its optimal operation, you should adjust a few options in the php.ini
configuration file.
Open the php.ini
file:
sudo nano /etc/php/{version}/fpm/php.ini
Please remember to replace {version}
with the specific PHP-FPM version you installed, such as 83., 8.2, 8.1, 8.0, or 7.4.
Locate the following settings and adjust them as follows:
max_execution_time = 180 max_input_time = 90 memory_limit = 256M upload_max_filesize = 64M
These settings are generally standard, but if you’re using a VPS with limited resources or shared hosting, you may need to adjust them lower. Remember that each phpBB installation, like any other CMS system, can vary.
Once done, save and exit the file. You will need to restart PHP FPM for the changes to take effect:
sudo systemctl restart php8.2-fpm
Configuring Nginx for phpBB
In your Nginx server block, declare the PHP upstream and then the PHP locations. The best way to do this is to create a new server block using a subdomain such as forums
or community
.
First, create the server block:
sudo nano /etc/nginx/sites-available/phpbb.conf
Copy and paste the following into the server block, modifying the domain name, SSL, root path, and anything else to suit your needs. Do not touch the locations or PHP unless you know what you’re doing.
Attention: The following Nginx configuration syntax markdown includes annotated comments to guide you in personalizing the configuration according to your specific requirements. We highly recommend carefully scrutinizing each segment and making appropriate adjustments to suit your system configuration. Your attention to these details is greatly appreciated.
# Upstream to abstract backend connection(s) for PHP
upstream phpbb {
# Path to PHP 8.2 FPM socket, replace this with your own socket path
server unix:/run/php/php8.2-fpm.sock;
}
server {
listen 80;
listen [::]:80;
# Change these to your main server name(s)
server_name www.example.com example.com;
# Replace this with your site root directory
root /var/www/html/example.com-root/;
index index.php index.html index.htm index.nginx-debian.html;
# Change this to your specific server name
server_name forums.linuxcapable.com;
# Replace this with your site root directory
root /var/www/html/phpbb/;
index index.php index.html index.htm index.nginx-debian.html;
# Log files, replace these paths if you have different log file paths
access_log /var/log/nginx/forums-access.log;
error_log /var/log/nginx/forums-error.log;
location / {
try_files $uri $uri/ @rewriteapp;
# PHP processing, make sure to use your own upstream name if different
location ~ \.php(/|$) {
include fastcgi.conf;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
fastcgi_param DOCUMENT_ROOT $realpath_root;
try_files $uri $uri/ /app.php$is_args$args;
fastcgi_pass phpbb;
fastcgi_intercept_errors on;
}
# Deny access to certain PHPBB files
location ~ /(config\.php|common\.php|cache|files|images/avatars/upload|includes|(?<!ext/)phpbb(?!\w+)|store|vendor) {
deny all;
internal;
}
}
location @rewriteapp {
rewrite ^(.*)$ /app.php/$1 last;
}
location /install/ {
try_files $uri $uri/ @rewrite_installapp =404;
# PHP processing for installer
location ~ \.php(/|$) {
include fastcgi.conf;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
fastcgi_param DOCUMENT_ROOT $realpath_root;
try_files $uri $uri/ /install/app.php$is_args$args =404;
fastcgi_pass phpbb;
fastcgi_intercept_errors on;
}
}
location @rewrite_installapp {
rewrite ^(.*)$ /install/app.php/$1 last;
}
# Deny access to version control system directories
location ~ /\.svn|/\.git {
deny all;
internal;
}
gzip on;
gzip_comp_level 6;
gzip_min_length 1000;
gzip_proxied any;
gzip_disable "msie6";
# Gzip compression types
gzip_types
application/atom+xml
application/geo+json
application/javascript
application/x-javascript
application/json
application/ld+json
application/manifest+json
application/rdf+xml
application/rss+xml
application/xhtml+xml
application/xml
font/eot
font/otf
font/ttf
image/svg+xml
text/css
text/javascript
text/plain
text/xml;
# Static assets, media
location ~* \.(?:css(\.map)?|js(\.map)?|jpe?g|png|gif|ico|cur|heic|webp|tiff?|mp3|m4a|aac|ogg|midi?|wav|mp4|mov|webm|mpe?g|avi|ogv|flv|wmv)$ {
expires 90d;
access_log off;
}
# SVG, fonts
location ~* \.(?:svgz?|ttf|ttc|otf|eot|woff2?)$ {
add_header Access-Control-Allow-Origin "*";
expires 90d;
access_log off;
}
}
After setting up, enable the new server block:
sudo ln -s /etc/nginx/sites-available/phpbb.conf /etc/nginx/sites-enabled/
You can now check the configuration:
sudo nginx -t
If all is set correctly, you’ll see:
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
Restart the Nginx service to make phpBB accessible via the web UI:
sudo systemctl restart nginx
This completes the backend installation of phpBB.
Implementing SSL Encryption with Let’s Encrypt (Optional)
If you intend to secure your Nginx server with HTTPS, a smart choice would be to utilize Let’s Encrypt. Let’s Encrypt is a reputable, free, fully automated certificate authority governed by the nonprofit Internet Security Research Group (ISRG).
Installing Certbot
Our first step involves installing the Certbot package. Certbot is an efficient client for Let’s Encrypt that can automate certificate issuance and installation with no downtime. It also has a fairly rich command-line interface.
To install the Certbot package, use the following command:
sudo apt install python3-certbot-nginx -y
Creating Your Certificate
With Certbot installed, we can now generate your SSL certificate. This procedure involves running the following command:
sudo certbot --nginx --agree-tos --redirect --hsts --staple-ocsp --email you@example.com -d forums.example.com
The command we’ve issued facilitates an optimal setup, which includes force HTTPS 301 redirects, a Strict-Transport-Security header, and OCSP Stabling. Each of these elements contributes to your server’s security.
Replacing ‘you@example.com’ and ‘forums.example.com’ with your email and domain name is crucial.
Transition to HTTPS
Upon successfully executing these commands, your forum should now be accessible via HTTPS at https://forums.example.com instead of the previous http://forum.example.com. Any attempts to access the old HTTP URL will be seamlessly redirected to the secure HTTPS version.
For further reading on securing Nginx, refer to our detailed guide on How to Secure Nginx with Let’s Encrypt on Debian Linux.
Complete the phpBB Web UI Installation
Having successfully set up the backend, we’ll now transition to the frontend to complete the phpBB installation. You can access the installation page by visiting your designated phpBB forum URL. For illustrative purposes, we’re using https://forums.linuxcapable.com.
Initiating the Installation
Upon visiting the specified URL, you’ll land on the phpBB installation page. Initiate the process by clicking the install button in the page’s upper left corner.
You will then be directed to a page detailing the minimum system requirements and other essential technical specifications for phpBB.
Once your system meets these prerequisites, click Install at the bottom of the page.
Setting Up the Admin Account
The next stage involves creating your phpBB admin account. A strong password for this account is vital for recovery and overall security.
Configuring Database Details
After establishing your admin account, you’ll be prompted to provide database details. Maintain the default ‘MySQL with MySQLi Extension’ and enter ‘localhost’ unless your database resides on a different server. In that case, input the server IP and port (if it’s not the default).
Our tutorial utilizes a database named ‘phpbb’, with ‘phpbbuser’ as the user granted access (alongside root) to the phpBB database. Retain the default prefix’ phpbb_’, unless you plan on hosting multiple forums, in which case, altering the prefix can help differentiate them.
Finalizing Server Configuration
Next, you’ll have the opportunity to configure your server settings. The default configurations should suffice if you’re not running SSL. However, if you’ve implemented SSL, adjust the settings to align with your specific requirements.
SMTP Setup
Following server configuration, you can establish SMTP settings, if applicable. If not, you can skip this step and proceed with the default settings.
Establishing Forum Details
Finally, designate your forum title and choose the desired language. If you’re uncertain about the forum title, use the default option for now; you can always revise it later.
Upon completing these steps, you should reach a concluding screen, confirming the successful installation of your phpBB forum, along with a link directing you to the ACP (Admin Control Panel). If you encounter any errors, you might need to revisit previous steps to ensure no steps or permissions have been overlooked.
Completion of phpBB Installation and Configuration
Delete phpBB Installation Directory
Congratulations on reaching this stage. Upon your initial login into the phpBB Admin Control Panel (ACP), you’ll be greeted with a prominent red alert instructing you to either rename or eliminate your install directory. It’s highly recommended that you delete this directory rather than just move it. To accomplish this, execute the following command in your terminal:
sudo rm -R /var/www/html/phpbb/install
If you do not do this, you will most likely find your forum will not be able to be used until you have removed the install directory:
Setting the Correct CHMOD Permissions (Vital Step)
While we’re engaged with terminal commands, assigning the appropriate CHMOD permissions following the installation is crucial. Bypassing this step could expose your system to significant security vulnerabilities, so please execute this exactly or utilize your method if you believe it’s superior, but refrain from maintaining the default permissions!!
Execute the following commands:
sudo find /var/www/html/phpbb -type d -exec chmod 755 {} \;
sudo find /var/www/html/phpbb -type f -exec chmod 644 {} \;
Subsequently, we need to accord some special permissions to certain directories and files:
sudo chmod 777 -R /var/www/html/phpbb/files
sudo chmod 777 -R /var/www/html/phpbb/cache
sudo chmod 777 -R /var/www/html/phpbb/store
sudo chmod 777 -R /var/www/html/phpbb/images/avatars/upload
Neglecting to do this will disrupt your board’s functions. Ensure you adhere to these paths strictly; otherwise, you may inadvertently grant the entire phpBB directory unrestricted read and write access, reintroducing a security issue.
Instituting a Cronjob for phpBB (Recommended)
The concluding step in this guide is establishing a cronjob. On forums with substantial traffic or slow response times, it’s recommended to configure cron jobs to execute every 5 minutes, per phpBB’s guidelines. Here’s how to do this.
Launch crontab with this command:
sudo crontab -e
Option for the first cronjob:
*/5 * * * * /usr/bin/php /var/www/html/phpbb/bin/phpbbcli.php cron:run > /dev/null 2>&1
To save, press CTRL+O, and to exit, press CTRL+X. If done correctly, you’ll see the following response in your terminal:
crontab: installing new crontab
This response indicates that the cronjob is active and functioning. Although phpBB recommends running cronjobs every 5 minutes, you can adjust the frequency to suit your needs.
Finally, return to your phpBB Admin Panel and enable the server cron job in your server settings.
With these steps, you’ve completed the post-installation phase for your phpBB installation on Debian.
Conclusion
With phpBB successfully installed on your Debian system using NGINX, MariaDB, and PHP, you can now create and manage a robust online community. Ensure you regularly update all components to maintain security and performance. Enjoy the flexibility and power that this setup brings to your phpBB forum, providing a seamless and engaging experience for your users.
- How to Install ModSecurity 2 with Apache on Debian 12 or 11 - Tuesday, September 17, 2024
- How to Install Remi RPM on Rocky Linux 9 or 8 - Monday, September 16, 2024
- How to Install Akregator on Ubuntu 24.04, 22.04 or 20.04 - Tuesday, September 3, 2024