Install and Setup Nginx Server on Ubuntu Server

Install Nginx on Ubuntu Server

EasiestSoft@ubuntu:~$ sudo apt update
EasiestSoft@ubuntu:~$ sudo apt install nginx

Adjust the firewall

EasiestSoft@ubuntu:~$ sudo ufw app list
EasiestSoft@ubuntu:~$ sudo ufw allow 'Nginx Full'
EasiestSoft@ubuntu:~$ sudo ufw status

Make sure the Nginx service is running by typing:

EasiestSoft@ubuntu:~$ systemctl status nginx

Navigate to server ip address will show: "Welcome to nginx!", it seems the server started automatically

Manage teh Nginx process

EasiestSoft@ubuntu:~$ sudo systemctl stop nginx
EasiestSoft@ubuntu:~$ sudo systemctl start nginx
EasiestSoft@ubuntu:~$ sudo systemctl restart nginx
EasiestSoft@ubuntu:~$ sudo systemtl reload nginx
EasiestSoft@ubuntu:~$ sudo systemctl enable nginx
EasiestSoft@ubuntu:~$ sudo systemctl disable nginx

Set nginx.conf bucket

EasiestSoft@ubuntu:~$ sudo vi /etc/nginx/nginx.conf

server_names_hash_bucket_size 128;
server_tokens off;

Reload config without nginx restart

EasiestSoft@ubuntu:~$ nginx -t
EasiestSoft@ubuntu:~$ nginx -s reload

How to Config Ubuntu Nginx Server

To see the default server block and help links

EasiestSoft@ubuntu:~$ cat /etc/nginx/sites-available/default

Create Serve Block:

EasiestSoft@ubuntu:~$ sudo touch /etc/nginx/sites-available/EasiestSoft.com
EasiestSoft@ubuntu:~$ sudo vi /etc/nginx/sites-available/EasiestSoft.com

Note: www/public directory permission should be 755

EasiestSoft@ubuntu:~$ sudo ln -s /etc/nginx/sites-available/EasiestSoft.com /etc/nginx/sites-enabled/
EasiestSoft@ubuntu:~$ sudo rm /etc/nginx/sites-enabled/default

How to prevent processing requests with undefined server names

If requests without the “Host” header field should not be allowed, a server that just drops the requests can be defined:

server {
    listen      80;
    return      444;
}

About privilege

Check to make sure the www/public dir has right permissions, it is 755 in my test

EasiestSoft@ubuntu:~$ ls -l

Public_html: 755
Public_html\folder:755
Public_html\files:644

find . -type d -exec chmod 755 {} \;
find . -not -type d -exec chmod 644 {} \;
find . -type d -print0 | xargs -0 chmod 755
find . -not -type d -print0 | xargs -0 chmod 644
find . -type f -name "*.sh" -print0 | xargs -0 chmod 700

Globally disabling css image access logging for all sites:

  • Create file /etc/nginx/exclude_files.conf with content as bellow:

    location ~* .(css|js|png|jpg|jpeg|gif|ico|woff|woff2|otf|ttf|eot|svg|txt|webp|asp|php)$ { access_log off; log_not_found off; expires max; add_header Pragma public; add_header Cache-Control "public"; add_header Vary "Accept-Encoding"; }

  • Include exclude_files.conf in every server config

    server { # ... include exclude_files.conf; }

Nginx redirect sub domains to sub directories

server {
    listen 443 ssl;
    listen [::]:443 ssl;

    server_name ~^(?<sub>one|two)\.EasiestSoft\.com$;
    return 301 "https://EasiestSoft.com/${sub}${uri}";
}

©2012-2019 EasiestSoft