sajad torkamani

Assuming you’ve installed Nginx (see instructions here), you can take some steps to optimise it for production.

Create a /var/www directory to serve projects

Whilst logged in as a sudo non-admin user, create the directory:

sudo mkdir -p /var/www

Set correct file permissions

Set the owner to your non-admin user and the group to www-data (the group Nginx runs under):

sudo chown -R sajad:www-data /var/www

Change the file permissions to 755:

find /var/www -type d -exec chmod 755 {} \;

This means:

  • The owner can read, write and execute the files.
  • www-data / Nginx (group) can read and traverse the files.
  • Others can read and traverse the files.

Find and update all references to /usr/share so it references /var/www instead.

 sudo grep -rin "usr/share" /etc/nginx/

Ensure your default nginx config file (typically /etc/nginx/nginx.conf) has the nginx user directive set to www-data.

Check all is ok with the config:

nginx -t

Create server block and DNS record

Create a file at /etc/nginx/conf.d/example.conf:

server {
    listen       80;
    server_name  example.sajadtorkamani.com www.example.sajadtorkamani.com;

    #access_log  /var/log/nginx/host.access.log  main;

    location / {
        root   /var/www/example;
        index  index.html index.htm;
    }

    #error_page  404              /404.html;

    # redirect server error pages to the static page /50x.html
    #
    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   /var/www/example;
    }

    # proxy the PHP scripts to Apache listening on 127.0.0.1:80
    #
    #location ~ \.php$ {
    #    proxy_pass   http://127.0.0.1;
    #}

    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
    #
    #location ~ \.php$ {
    #    root           html;
    #    fastcgi_pass   127.0.0.1:9000;
    #    fastcgi_index  index.php;
    #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
    #    include        fastcgi_params;
    #}

    # deny access to .htaccess files, if Apache's document root
    # concurs with nginx's one
    #
    #location ~ /\.ht {
    #    deny  all;
    #}
}

Create a DNS A record using the value specified as the server_name (example.sajadtorkamani.com www.example.sajadtorkamani.com in the example config above) and point to your server’s IPv4 address.

Reload Nginx:

nginx -s reload && nginx -t

Verify that the website is served correctly from that domain.

Add HTTPS

See here.