The LEMP stack consists of open-source software to get web servers up and running. Available as a one-click install, get NGINX, MySQL, and PHP-FPM installed on your Droplet in less than a minute.

Software Included

Package Version License
Nginx 1.18 Custom
MySQL server 8.0.32 GPL 2 with modifications
PHP 8.0.27 PHP v3.01
Fail2ban 0.11.2 GPL 2
Postfix 3.4.10 IBM Public
Certbot 1.21.0 Apache 2

Creating an App using the Control Panel

Click the Deploy to DigitalOcean button to create a Droplet based on this 1-Click App. If you aren’t logged in, this link will prompt you to log in with your DigitalOcean account.

Deploy to DO

Creating an App using the API

In addition to creating a Droplet from the LEMP 1-Click App using the control panel, you can also use the DigitalOcean API. As an example, to create a 4GB LEMP Droplet in the SFO2 region, you can use the following curl command. You need to either save your API access token) to an environment variable or substitute it in the command below.

curl -X POST -H 'Content-Type: application/json' \
         -H 'Authorization: Bearer '$TOKEN'' -d \
        '{"name":"choose_a_name","region":"sfo2","size":"s-2vcpu-4gb","image": "lemp-20-04"}' \

Getting Started After Deploying LEMP

After your droplet is created, you can access your LEMP stack by typing the droplet’s IP address in your browser:

LEMP Welcome Screen

Note: If you see the Site can’t be reached error, give it 2-3 minutes and reload the page.

Configuring Nginx

After you have created your LEMP droplet, it is highly recommended you configure an Nginx server block file for each site you plan to host. Doing so will make the default configuration the fallback, as intended, and will make it easier to manage changes when hosting multiple sites.

To do so, you’ll need to create two things for each domain: a new directory in /var/www for that domain’s content, and a new server block file in /etc/nginx/sites-available for that domain’s configuration. For a detailed walkthrough, you can follow How to Set Up Nginx Server Blocks.

Adding a domain name

A domain name allows others to access your website with an encrypted connection. If you intend to host a website on your LEMP Droplet 1-Click.

LEMP Droplet 1-Click comes with certbot installed, making it easier to enable HTTPS on your 1-Click.

First, make sure that your domain is pointing to the new droplet IP. If your DNS is managed by DigitalOcean, it should look like this:


The DNS Host may be the same company you registered the domain with or another entity you designate. To connect your DNS hosting to DigitalOcean, check out this guide.

Once your A record is set up, you should configure nginx to properly host your new domain. Detailed instructions can be found in this article.

After you have configured the domain and nginx, you can run certbot to acquire HTTPS certificates for your droplet:

LEMP Certbot example

After you answer questions from certbot, your HTTPS setup is finished.

Use your domain in the web browser to access your LEMP Droplet.

You can serve files from the web server by adding them to the web root (/var/www/html) using SFTP or other tools.

A newly-created LEMP Droplet includes an index.html web page. You can change this by uploading a custom index.html file or removing it.

Droplet Summary

  • UFW firewall allows only SSH (port 22, rate limited), HTTP (port 80), and HTTPS (port 443) access.
  • MySQL root password is set and mysql_secure_installation is configured.
  • A debian-sys-maint user in MySQL is set so the system’s init scripts for MySQL will work without requiring the MySQL root user password.
  • The MySQL root password is in /root/.digitalocean_password.
  • The web root is /var/www/html.
  • You can get information about the PHP installation by logging into the Droplet and running php -i.