sajad torkamani

Setup Nginx on Ubuntu for production

8 June 2025 (Updated 8 June 2025)
On this page
Create a /var/www directory to serve projects
Set correct file permissions
Create server block and DNS record
Add HTTPS

Assuming you’ve installed Nginx (see instructions here), you can take some steps to optimise it for production.

Create a /var/www directory to serve projects

Whilst logged in as a sudo non-admin user, create the directory:

sudo mkdir -p /var/www

Set correct file permissions

Set the owner to your non-admin user and the group to www-data (the group Nginx runs under):

sudo chown -R sajad:www-data /var/www

Change the file permissions to 755:

find /var/www -type d -exec chmod 755 {} \;

This means:

  • The owner can read, write and execute the files.
  • www-data / Nginx (group) can read and traverse the files.
  • Others can read and traverse the files.

Find and update all references to /usr/share so it references /var/www instead.

 sudo grep -rin "usr/share" /etc/nginx/

Ensure your default nginx config file (typically /etc/nginx/nginx.conf) has the nginx user directive set to www-data.

Check all is ok with the config:

nginx -t

Create server block and DNS record

Create a file at /etc/nginx/conf.d/example.conf:

server {
    listen       80;
    server_name  example.sajadtorkamani.com www.example.sajadtorkamani.com;

    #access_log  /var/log/nginx/host.access.log  main;

    location / {
        root   /var/www/example;
        index  index.html index.htm;
    }

    #error_page  404              /404.html;

    # redirect server error pages to the static page /50x.html
    #
    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   /var/www/example;
    }

    # proxy the PHP scripts to Apache listening on 127.0.0.1:80
    #
    #location ~ \.php$ {
    #    proxy_pass   http://127.0.0.1;
    #}

    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
    #
    #location ~ \.php$ {
    #    root           html;
    #    fastcgi_pass   127.0.0.1:9000;
    #    fastcgi_index  index.php;
    #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
    #    include        fastcgi_params;
    #}

    # deny access to .htaccess files, if Apache's document root
    # concurs with nginx's one
    #
    #location ~ /\.ht {
    #    deny  all;
    #}
}

Create a DNS A record using the value specified as the server_name (example.sajadtorkamani.com www.example.sajadtorkamani.com in the example config above) and point to your server’s IPv4 address.

Reload Nginx:

nginx -s reload && nginx -t

Verify that the website is served correctly from that domain.

Add HTTPS

See here.

Tagged: Nginx Ubuntu