Setup Nginx on Ubuntu for production
Assuming you’ve installed Nginx (see instructions here), you can take some steps to optimise it for production.
Create a /var/www
directory to serve projects
Whilst logged in as a sudo
non-admin user, create the directory:
sudo mkdir -p /var/www
Set correct file permissions
Set the owner to your non-admin user and the group to www-data
(the group Nginx runs under):
sudo chown -R sajad:www-data /var/www
Change the file permissions to 755
:
find /var/www -type d -exec chmod 755 {} \;
This means:
- The owner can read, write and execute the files.
www-data
/ Nginx (group) can read and traverse the files.- Others can read and traverse the files.
Find and update all references to /usr/share
so it references /var/www
instead.
sudo grep -rin "usr/share" /etc/nginx/
Ensure your default nginx config file (typically /etc/nginx/nginx.conf
) has the nginx user
directive set to www-data
.
Check all is ok with the config:
nginx -t
Create server block and DNS record
Create a file at /etc/nginx/conf.d/example.conf
:
server {
listen 80;
server_name example.sajadtorkamani.com www.example.sajadtorkamani.com;
#access_log /var/log/nginx/host.access.log main;
location / {
root /var/www/example;
index index.html index.htm;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /var/www/example;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
Create a DNS A
record using the value specified as the server_name
(example.sajadtorkamani.com www.example.sajadtorkamani.com
in the example config above) and point to your server’s IPv4 address.
Reload Nginx:
nginx -s reload && nginx -t
Verify that the website is served correctly from that domain.
Add HTTPS
See here.