Install without Docker

gnulinux beastie



This method is deprecated. Only use it if you cannot install Docker!

Please refer to your distribution’s documentation to install :

  • A webserver (like nginx, Apache, lighttpd, cherokee or caddy)
  • PHP version > 7.3.7
  • MySQL version > 5.5 < 8.0 (5.7 recommended, 8.0 not working fully yet)
  • Git


If you don’t know how to do that, or can’t update php, have a look at installing eLabFTW on a drop or in a docker container.


I wouldn’t recommend HHVM because Gettext support is not here yet (see this issue). Also, PHP 7 is here and is fast.

Getting the files

The first part is to get the eLabFTW files on your server.

Connect to your server with SSH:

ssh user@

cd to the public directory where you want eLabFTW to be installed (can be /var/www/html, ~/public_html, or any folder you’d like, as long as the webserver is configured properly, in doubt use /var/www/html)

cd /var/www/html

Get latest stable version via git:

git clone -b 3.3.12 --depth 1

The –depth 1 option is to avoid downloading the whole history.


If you cannot connect, it’s probably the proxy setting missing; try one of these two commands:

export https_proxy=""
git config --global http.proxy

Install php dependencies with composer:

cd elabftw
# step not described: install composer
# see
./composer.phar install --no-dev

This will populate the vendor directory and also complain about missing php extensions that you should install.

Install and build JavaScript with yarn:

yarn install
yarn buildall

Now create the cache and uploads directory with restrictive permissions:

mkdir cache uploads
chown www-data:www-data cache uploads
chmod 700 cache uploads

SQL part

The second part is putting the database in place.

Option 1: Command line way

# first we connect to mysql
mysql -uroot -p
# we create the database (note the ; at the end!)
mysql> create database elabftw;
# we create the user that will connect to the database.
mysql> grant usage on *.* to elabftw@localhost identified by 'YOUR_PASSWORD';
# we give all rights to this user on this database
mysql> grant all privileges on elabftw.* to elabftw@localhost;
mysql> exit

You will be asked for the password you put after identified by three lines above.

Option 2: Graphical way with phpmyadmin

You need to install the package phpmyadmin if it’s not already done.


It is not recommended to have phpmyadmin installed on a production server (for security reasons).

sudo apt-get install phpmyadmin

Now you will connect to the phpmyadmin panel from your browser on your computer. Type the IP address of the server followed by /phpmyadmin.


Login with the root user on PhpMyAdmin panel (use the password you setup for mysql root user).

Create a user elabftw with all rights on the database elabftw.

Now click the Users tab and click:


Do like this:


Configuring the webserver correctly

The Docker image of eLabFTW contains a lot of little configuration tweaks to improve the security of the web application. Here are some of them that you can apply to your web server configuration.

Nginx or Apache config

Example config files are provided in the config_examples directory.

  • Add security headers (IMPORTANT). See the end of this file.
  • Use a proper TLS certificate, not a self-signed one
  • Use DH params of 2048 bits
  • Disable session tickets
  • Only use TLS version > 1.2
  • Use a modern cipher list
  • Configure API redirect

PHP config

See the phpfpmConf() and phpConf() functions from

  • Hide PHP version (expose_php in php.ini)
  • Set cookies httponly and secure
  • Use strict mode for sessions
  • Store sessions in a separate directory with restrictive permissions
  • disable url_fopen
  • enable opcache
  • configure open_basedir
  • use longer session id length (session.sid_lenght)
  • disable unused functions (see the list in the script)

Note: these configuration changes will affect all the PHP apps on the server, so you can really only do that if the server is only serving eLabFTW (do you see now why Docker is great? :p).

Miscellaneous config

  • Put restrictive permissions on the uploads and cache folders (and config.php file).

Final step

Finally, point your browser to your server and read onscreen instructions.

For example:

Please report bugs on github.

It’s a good idea to subscribe to the newsletter, to know when new releases are out (you can also see that from the Sysadmin panel).

~Thank you for using eLabFTW :)