Install and Setup Nginx Server on Ubuntu Server

Install Nginx on Ubuntu Server

EasiestSoft@ubuntu:~$ sudo apt update EasiestSoft@ubuntu:~$ sudo apt install nginx

Adjust the firewall

EasiestSoft@ubuntu:~$ sudo ufw app list EasiestSoft@ubuntu:~$ sudo ufw allow 'Nginx Full' EasiestSoft@ubuntu:~$ sudo ufw status

Make sure the Nginx service is running by typing:

EasiestSoft@ubuntu:~$ systemctl status nginx

Navigate to server ip address will show: "Welcome to nginx!", it seems the server started automatically

Manage teh Nginx process

EasiestSoft@ubuntu:~$ sudo systemctl stop nginx EasiestSoft@ubuntu:~$ sudo systemctl start nginx EasiestSoft@ubuntu:~$ sudo systemctl restart nginx EasiestSoft@ubuntu:~$ sudo systemtl reload nginx EasiestSoft@ubuntu:~$ sudo systemctl enable nginx EasiestSoft@ubuntu:~$ sudo systemctl disable nginx

Set nginx.conf bucket

EasiestSoft@ubuntu:~$ sudo vi /etc/nginx/nginx.conf server_names_hash_bucket_size 128; server_tokens off;

Reload config without nginx restart

EasiestSoft@ubuntu:~$ nginx -t EasiestSoft@ubuntu:~$ nginx -s reload

How to Config Ubuntu Nginx Server

To see the default server block and help links

EasiestSoft@ubuntu:~$ cat /etc/nginx/sites-available/default

Create Serve Block:

EasiestSoft@ubuntu:~$ sudo touch /etc/nginx/sites-available/EasiestSoft.com EasiestSoft@ubuntu:~$ sudo vi /etc/nginx/sites-available/EasiestSoft.com

Note: www/public directory permission should be 755

EasiestSoft@ubuntu:~$ sudo ln -s /etc/nginx/sites-available/EasiestSoft.com /etc/nginx/sites-enabled/ EasiestSoft@ubuntu:~$ sudo rm /etc/nginx/sites-enabled/default

How to prevent processing requests with undefined server names

If requests without the “Host” header field should not be allowed, a server that just drops the requests can be defined:

server { listen 80; return 444; }

About privilege

Check to make sure the www/public dir has right permissions, it is 755 in my test

EasiestSoft@ubuntu:~$ ls -l Public_html: 755 Public_html\folder:755 Public_html\files:644 find . -type d -exec chmod 755 {} \; find . -not -type d -exec chmod 644 {} \; find . -type d -print0 | xargs -0 chmod 755 find . -not -type d -print0 | xargs -0 chmod 644 find . -type f -name "*.sh" -print0 | xargs -0 chmod 700

Globally disabling css image access logging for all sites:

  • Create file /etc/nginx/exclude_files.conf with content as bellow:

    location ~* .(css|js|png|jpg|jpeg|gif|ico|woff|woff2|otf|ttf|eot|svg|txt|webp|asp|php)$ { access_log off; log_not_found off; expires max; add_header Pragma public; add_header Cache-Control "public"; add_header Vary "Accept-Encoding"; }

  • Include exclude_files.conf in every server config

    server { # ... include exclude_files.conf; }

Nginx redirect sub domains to sub directories

server { listen 443 ssl; listen [::]:443 ssl; server_name ~^(?<sub>one|two)\.EasiestSoft\.com$; return 301 "https://EasiestSoft.com/${sub}${uri}"; }

©2012-2019 EasiestSoft