How to Install Nginx, MariaDB and PHP (FEMP) Stack on FreeBSD

This tutorial will guide you on how to install and configure FBEMP in FreeBSD 11.x latest release. FBEMP is an acronym which describes the following collection of software:

FreeBSD 11.1 Unix-like distribution, Nginx web server, MariaDB relational database management system (a community fork of MySQL) and PHP dynamic programming language which runs on server-side.


  1. Installation of FreeBSD 11.x
  2. 10 Things to Do After FreeBSD Installation

Step 1: Install Nginx Web Server on FreeBSD

1. The first service we’ll install for our FBEMP stack in FreeBSD is the web server, represented by Nginx software.

Nginx web server has more pre-complied packages available in FreeBSD 11.x PORTS. In order to get a list of Nginx binaries from Ports repositories, issue the following commands in your server terminal.

# ls /usr/ports/www/ | grep nginx
# pkg search -o nginx
Find Nginx Packages
Find Nginx Packages

2. In this particular configuration, we’ll install the main package version of Nginx by issuing the below command. The pkg package management will ask you if you want to proceed with installing the nginx package. Answer with yes (y in command line) in order to start the installation process.

# pkg install nginx
Install Nginx on FreeBSD
Install Nginx on FreeBSD

3. After Nginx web server package was installed in your system, execute the following commands in order to enable the daemon system-wide and start the service in your system.

# sysrc nginx_enable="yes"
# service nginx start
Start and Enable Nginx on FreeBSD
Start and Enable Nginx on FreeBSD

4. Next, using the sockstat command, verify Nginx service network sockets, if they are binding on 80/TCP port, by issuing the below command. The output of sockstat command will be piped through grep utility in order to reduce the returned results only to nginx string.

# sockstat -4 | grep nginx

5. Finally, open a browser on a desktop computer in your network and visit Nginx default web page via HTTP protocol. Write the FQDN of your machine or your domain name or the IP address of your server in browser’s URL filed to request Nginx web server default web page. The message “Welcome to nginx!” should be displayed in your browser, as illustrated in the below screenshot.
Verify Nginx on FreeBSD
Verify Nginx on FreeBSD

6. The default weboot directory for Nginx web content in located in /usr/local/www/nginx/ absolute system path. In this location you should create, copy or install web content files, such as .html or .php files, for your website.

To change this location, edit nginx main configuration file and change the root directive to reflect your new webroot path.

# nano /usr/local/etc/nginx/nginx.conf

Here, search and update the following line to reflect your new webroot path:

root	/path/to/new/webroot;

Step 2: Install PHP on FreeBSD

7. Unlike Apache HTTP server, Nginx does not have the capability to natively process PHP code. In return, Nginx web server passes PHP requests to a PHP interpreter, such as php-fpm FastCGI daemon, which inspects and executes the code. The resulted code is then returned back to Nginx, which re-assembles the code back to the requested html format and sends the code further to visitor web browser.

FreeBSD 11.x Ports repositories offers multiple binary versions for PHP programming language, such as PHP 5.6, PHP 7.0 and PHP 7.1 releases. In order to display all available pre-compiled PHP versions in FreeBSD 11.x, run the below commands .

# pkg search -o php
# ls /usr/ports/lang/ | grep php

8. You can choose to install whatever version of PHP you find best suited for the web application you run in your system. However, in this guide we’ll install PHP latest version.

To install PHP 7.1 release and some PHP important modules required for diverse web applications, run the following command.

# pkg install php71 php71-mysqli php71-mcrypt php71-zlib php71-gd php71-json mod_php71 php71-mbstring php71-curl

9. After you’ve installed PHP packages in your system, open PHP-FPM configuration file for Nginx and adjust the user and group values to match the value on the Nginx runtime user, which is www. First, make a backup of the file with the below command.

# cp /usr/local/etc/php-fpm.d/www.conf{,.backup}

Then, open the file and update the following lines as presented in the below sample.

user = www
group = www
Configure PHP-FPM on FreeBSD
Configure PHP-FPM on FreeBSD

10. Also, create a PHP configuration file used for production by issuing the below command. On this file you can make custom changes that will be applied to PHP interpreter at runtime.

# cp /usr/local/etc/php.ini-production /usr/local/etc/php.ini

For instance, change the date.timezone setting for PHP interpreter in order to update your machine physical location as shown in the below example. PHP timezone list can be found here:

# vi /usr/local/etc/php.ini

Add following timezone (set timezone as per your country).

date.timezone = Europe/London

You can also adjust other PHP variables, such as maximum file size of uploaded file, which can be increased by modifying the below values:

upload_max_filesize = 10M
post_max_size = 10M

11. After, you’ve made the custom settings for PHP, enable and start PHP-FPM daemon in order to apply the new configurations by issuing the below commands.

# sysrc php_fpm_enable=yes
# service php-fpm start
Start and Enable PHP-FPM on FreeBSD
Start and Enable PHP-FPM on FreeBSD

12. By default, PHP-FPM daemon in FreeBSD binds on a local network socket on port 9000/TCP. To display PHP-FPM network sockets execute the following command.

# sockstat -4 -6| grep php-fpm

13. In order for Nginx web server to pass the PHP scripts to FastCGI gateway server, which is listening on socket, open Nginx main configuration file and add the following block of code as illustrated in the below sample.

# vi /usr/local/etc/nginx/nginx.conf

FastCGI code block for nginx:

 location ~ \.php$ {
        root	/usr/local/www/nginx;
        fastcgi_index  index.php;
        fastcgi_param SCRIPT_FILENAME $request_filename;    
        include        fastcgi_params;
Configure FastCGI for Nginx on FreeBSD
Configure FastCGI for Nginx on FreeBSD

14. In order to view the current PHP information for your server, create an info.php file in Nginx weboot path by issuing the following command.

# echo "<?php phpinfo(); ?>" | tee /usr/local/www/nginx/info.php

15. Then, test and restart Nginx daemon to apply the PHP FastCGI settings and visit the info.php page in a browser.

# nginx -t # Test nginx configuration file for syntax errors
# service nginx restart

Replace the IP address or domain name in the below links accordingly. PHP info page should display information as illustrated in the below screenshot.
Check PHP Information in FreeBSD
Check PHP Information in FreeBSD

Step 3: Install MariaDB on FreeBSD

16. The last component missing from your FEMP stack in the database. MariaDB/MySQL is one of the most associated open source RDBMS software with Nginx web server used for deploying dynamic websites.

Actually, MariaDB/MySQL is one of the most used relational databases in the world. Searching through FreeBSD Ports, you can find multiple releases of MariaDB/MySQL.

In this guide we’ll install MariaDB database, which is a community fork of MySQL database. To search for available versions of MariaDB, issue the following commands in terminal.

# ls -al /usr/ports/databases/ | grep mariadb
# pkg search mariadb
Find MariaDB Packages
Find MariaDB Packages

17. To install the latest version of MariaDB database server execute the following command. You should also install the PHP relational database driver module used by PHP scripts for connecting to MySQL.

# pkg install mariadb102-server php71-mysqli

18. After the database has been installed, enable MySQL daemon and start the database service by running the following commands.

# sysrc mysql_enable="YES" 
# service mysql-server start

19. Also, make sure you restart PHP-FPM daemon in order to load MySQL driver extension.

# service php-fpm restart
20. On the next step, secure MariaDB database by launching mysql_secure_installation script. Use the below sample of the installation script in order to answer the questions. Basically, say yes (y) for all asked questions to secure the database and type a strong password for MySQL root user.
# /usr/local/bin/mysql_secure_installation
MySQL Secure Installation Script Output
In order to log into MariaDB to secure it, we'll need the current
password for the root user.  If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.
Enter current password for root (enter for none):
OK, successfully used password, moving on...
Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.
Set root password? [Y/n] y
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
 ... Success!
By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.
Remove anonymous users? [Y/n] y
 ... Success!
Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n] y
 ... Success!
By default, MariaDB comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.
Remove test database and access to it? [Y/n] y
 - Dropping test database...
 ... Success!
 - Removing privileges on test database...
 ... Success!
Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.
Reload privilege tables now? [Y/n] y
 ... Success!
Cleaning up...
All done!  If you've completed all of the above steps, your MariaDB
installation should now be secure.
Thanks for using MariaDB!

21. To test MariaDB database connection from console, execute the below command.

# mysql -u root -p -e "show status like ‘Connections’"

22. In order to further secure MariaDB, which by default to listens for incoming network connections on socket, issue the below command to force the service to bind on loopback interface and completely disallow remote access. Afterwards, restart MySQL service to apply the new configuration.

# sysrc mysql_args="--bind-address="
# service mysql-server restart
Bind MariaDB to Loopback Address
Bind MariaDB to Loopback Address

Verify if the localhost binding was successfully applied by running netstat command as shown in the below example.

# netstat -an -p tcp

That’s all! You’ve successfully installed Nginx web server, MariaDB relational database and PHP server-side programming language in FreeBSD. You can now start building dynamic web pages to serve web content to your visitors.

Matei Cezar
I'am a computer addicted guy, a fan of open source and linux based system software, have about 4 years experience with Linux distributions desktop, servers and bash scripting.

Each tutorial at TecMint is created by a team of experienced Linux system administrators so that it meets our high-quality standards.

Join the TecMint Weekly Newsletter (More Than 156,129 Linux Enthusiasts Have Subscribed)
Was this article helpful? Please add a comment or buy me a coffee to show your appreciation.


Leave a Reply
  1. The article is wrong and should be removed, leave FreeBSD up to the experts and stop teaching people the wrong information

    • @Mickey,

      If are so expert, then tell me whats’ wrong with the article? I will tell author to correct based on your findings..


Got Something to Say? Join the Discussion...

Thank you for taking the time to share your thoughts with us. We appreciate your decision to leave a comment and value your contribution to the discussion. It's important to note that we moderate all comments in accordance with our comment policy to ensure a respectful and constructive conversation.

Rest assured that your email address will remain private and will not be published or shared with anyone. We prioritize the privacy and security of our users.