Bulldog Blog

CentOS LEMP stack

The LEMP stack is one of our favorites. LEMP is an acronym for Linux, nginx (engine-x), MySQL/MariaDB, and PHP. While it seems Ubuntu is a fan favorite for hosting websites, I enjoy using CentOS. I'll go into a little bit more detail about each piece of software.


My first Linux experience was with Redhat 6.2, and I loved it. For several years I would go back and forth between Redhat, Slackware, and FreeBSD. Since CentOS (Community Enterprise Operating System) is the free edition of RHEL (Red Hat Enterprise Linux), I wanted to try it out. Also, after giving it a shot, I found it to be very stable and enjoyable to work with for web servers.

Since CentOS releases package updates less frequently than Ubuntu that may be the main reason some prefer Ubuntu. I've always enjoyed compiling software from source, but I understand that isn't something everyone is comfortable doing. Back when IRC was thriving I would compile my Eggdrop bots on servers and loved it.


I grew up during the days when the Apache HTTP server dominated the web server market. The Apache HTTP Server configuration always gave me problems, and I spent countless hours trying to figure it out when I was younger.

When I first discovered nginx, I was curious and skeptical at first. However, it didn't take me long to fall in love with the ease of configuration, speed, and features. Even though there is a paid version of nginx, I think I'll stick with the free version for my projects.


MariaDB is a drop-in replacement for MySQL. When Oracle acquired Sun Microsystems, the original two developers of MySQL decided to create MariaDB.


I started writing PHP around version 4, but I don't remember specifically which version. The language has matured over the years and currently runs on 79.1% of the websites that exist today.

With packages like PHP-OPCache and PHP-FPM making it faster, it is an obvious choice for most projects. Moreover, the Laravel framework allows us to get started very quickly on any project.


A technology developed by the NSA, SELinux (Security-Enhanced Linux), is incredibly powerful. While configuring it and overcoming the challenges it adds can be difficult, it is worth it. If an attacker were able to find an exploit, SELinux is going to hinder their ability to do any damage.


In addition to the software mentioned above, we do use other software when necessary to augment the speed and security. Software like Varnish, Redis, HAProxy, and more are commonly involved with our deployments. We are also doing some research on Envoy proxy to see if it would be a good fit.

SELinux, in addition to our website security policies make our attack surface very small. That said, we are always monitoring our servers and looking for ways to increase security.

Levi Durfee
posted August 24, 2019