This content originally appeared on Level Up Coding - Medium and was authored by Tara Prasad Routray
Learn how to set up Nginx on Ubuntu VPS, create domains and subdomains, and configure SSL for secure and fast hosting, optimizing your online presence for speed and reliability.
In the dynamic world of web hosting, speed and security are paramount. Nginx, a high-performance web server software, excels in this arena. When combined with an Ubuntu VPS, it forms a potent solution for hosting websites, handling high traffic, and scaling infrastructure.
This in-depth guide will navigate you through setting up a Nginx server on an Ubuntu VPS, securing your site with HTTPS via SSL certificates, and managing subdomains for both HTTP and HTTPS. Whether you’re a seasoned sysadmin or a beginner, this comprehensive tutorial will empower you to master the essentials of Nginx on Ubuntu VPS.
By the end of this journey, you’ll have a fully functional, secure Nginx server on your Ubuntu VPS, ready to deliver your content with lightning speed and ironclad security. With this solid foundation, you’ll be equipped to host your website with confidence, ensuring a seamless experience for your users and a competitive edge in the online landscape.
Table of Contents
- Introduction to Nginx and Ubuntu VPS
- Prerequisites and Initial Setup
- Updating and Upgrading Your Server
- Installing Nginx on Ubuntu VPS
- Setting Up Your Domain Name
- Creating Domain and Subdomain for HTTP
- Testing Nginx Configuration Syntax
- Installing Cert bot for SSL Certificates
- Obtain Wildcard Certificates for All Subdomains
- Creating Domain and Subdomain for HTTPS With SSL
- Verifying HTTPS and SSL Setup
1. Introduction to Nginx and Ubuntu VPS
In the realm of web hosting, efficiency, reliability, and security are the most important thing. Nginx, a high-performance web server and reverse proxy server, stands out for its remarkable ability to handle massive traffic with minimal resource consumption. Its modular architecture and robust feature set make it the go-to choice for both small websites and large-scale applications.
Ubuntu, a rock-solid Linux distribution, provides a stable and secure environment for web applications to thrive. When paired with Nginx, an Ubuntu VPS (Virtual Private Server) becomes a formidable platform for deploying and managing websites with precision. With full control over your server environment, Ubuntu VPS is perfect for hosting web applications, whether it’s a personal blog or a large scale business application.
This comprehensive guide will take you on a journey to master Nginx on Ubuntu VPS. You’ll learn the intricacies of configuring Nginx to handle both HTTP and HTTPS traffic, ensuring your website is accessible and secure. From initial server setup to SSL certificate installation, we’ll cover it all. By the end of this tutorial, you’ll have a fully functional, secure web server that serves your content with lightning speed and efficiency.
Whether you’re a newcomer to web server management or looking to elevate your existing setup, this guide will empower you with the knowledge and tools to succeed with Nginx on Ubuntu VPS.
2. Prerequisites and Initial Setup
Before starting on the Nginx setup journey on your Ubuntu VPS, ensure you have the following essential elements in place for a seamless installation experience:
- Active Ubuntu VPS: Secure an active Ubuntu VPS from reputable cloud service providers like AWS, DigitalOcean, Linode, or Vultr. This server will be the foundation for your Nginx installation.
- Domain Name: Register a domain name that will be associated with your Nginx server. This is crucial for website access and SSL certificate configuration.
- Root or Sudo Access: Verify that you have root or sudo privileges on your Ubuntu VPS. This access is vital for software installation, system file modifications, and service management.
- Basic Command-Line Knowledge: Familiarize yourself with fundamental command-line operations and SSH (Secure Shell) access. This guide will involve terminal-based commands and configuration file editing.
- Updated Server: Ensure your server’s package list is updated. This is critical for installing the latest software versions and security patches.
With these prerequisites in place, you’re ready to begin the Nginx setup process. The subsequent steps will guide you through updating your server, installing Nginx, and configuring it to serve your website efficiently.
3. Updating and Upgrading Your Server
Keeping your server’s software up to date is crucial for security and stability. Here’s how you can update and upgrade your Ubuntu server:
Connect to Your Server: Use SSH to log into your Ubuntu VPS. Open your terminal and execute:
ssh your_username@your_server_ip
Replace your_username with your actual username and your_server_ip with your server’s IP address.
Update Package Lists: Refresh the package index to ensure you have the latest information on available updates. Run:
sudo apt update
Upgrade Installed Packages: Apply updates to all installed packages. This step ensures you have the latest features and security patches. Execute:
sudo apt upgrade
Upgrade Distribution (Optional): If you’re ready to move to a newer version of Ubuntu, you can perform a distribution upgrade. This step is optional and typically done when a new Ubuntu release is available. Run:
sudo apt dist-upgrade
Again, confirm the process if prompted.
Reboot Server (If Necessary): Some updates, particularly kernel updates, may require a reboot. Restart your server to apply these changes:
sudo reboot
By completing these steps, you ensure that your server is equipped with the latest software updates and security patches, laying a solid foundation for installing and configuring Nginx.
4. Installing Nginx on Ubuntu VPS
With your server now up-to-date, it’s time to install Nginx. Start by using the package manager to install Nginx. Open your terminal and execute:
sudo apt install nginx
This command will download and install Nginx along with any necessary dependencies. Once the installation is complete, you need to start the Nginx service to begin using it. Run:
sudo systemctl start nginx
To ensure that Nginx starts automatically whenever the server reboots, enable the service with:
sudo systemctl enable nginx
To confirm that Nginx is running properly, check its status using:
sudo systemctl status nginx
You should see output indicating that Nginx is active (running). Press `q` to exit the status view.
To verify that Nginx is serving content correctly, open a web browser and navigate to your server’s IP address (`http://your_server_ip`). You should see the default Nginx welcome page, which indicates that Nginx is installed and operational.
If your server has a firewall enabled, you’ll need to allow HTTP and HTTPS traffic. Configure your firewall with:
sudo ufw allow 'Nginx HTTP'
sudo ufw allow 'Nginx HTTPS'
With these steps, Nginx will be installed, running, and accessible, ready for further configuration.
5. Setting Up Your Domain Name
Once Nginx is installed and running, the next step is to set up your domain name to point to your Ubuntu VPS. This involves configuring DNS settings and ensuring that your domain resolves to your server’s IP address.
First, you need to update your domain’s DNS records. Log in to the control panel of your domain registrar (the service where you purchased your domain). Locate the DNS management section.
Create an `A` record for your domain. This record will map your domain name to the IP address of your VPS. In the DNS management interface, enter the following details:
- Name: `@` (or leave blank, depending on your registrar’s requirements)
- Type: `A`
- Value: Your VPS IP address (e.g., `123.456.78.90`)
- TTL: Set this to a value like `Auto` during setup to ensure quick propagation. You can increase it later.
If you want to set up subdomains (e.g., `app.yourdomain.com`), create additional `A` records with similar settings:
- Name: `app`
- Type: `A`
- Value: Your VPS IP address
Save the DNS changes. DNS propagation might take some time, typically up to 6 hours, though it often happens faster. During this period, your domain, and subdomains will gradually start pointing to your VPS.
To verify that your domain is pointing to your VPS correctly, use a command-line tool like `dig` or `nslookup` to check the DNS records:
dig yourdomain.com
or
nslookup yourdomain.com
nslookup app.yourdomain.com
These commands should return your VPS IP address. Once propagation is complete, your domain will be fully set up to point to your Ubuntu VPS, ready for further Nginx configuration.
6. Creating Domain and Subdomin for HTTP
With your domain name set up, the next step is to configure Nginx server blocks to handle requests for your domain and any subdomains. Server blocks are similar to virtual hosts in Apache; they allow Nginx to serve different websites or applications based on the requested domain.
Begin by creating a new configuration file for your domain. Navigate to the Nginx configuration directory:
cd /etc/nginx/sites-available/
Create a new file for your domain. For example, if your domain is yourdomain.com, you might name the file yourdomain.com:
sudo nano yourdomain.com
Add the following configuration to this file, adjusting server_name, root, and other parameters as needed:
server {
listen 80;
server_name yourdomain.com;
root /var/www/yourdomain.com/html;
index index.html index.htm; location / {
try_files $uri $uri/ =404;
}
}To create a subdomain, you can create a file name app.yourdomain.com.
sudo nano app.yourdomain.com
Add the following configuration to this file, adjusting server_name, root, and other parameters as needed:
server {
listen 80;
server_name app.yourdomain.com;
root /var/www/app.yourdomain.com/html;
index index.html index.htm;
location / {
try_files $uri $uri/ =404;
}
}Here’s what each directive does:
- listen 80; – Listens for incoming HTTP traffic on port 80.
- server_name yourdomain.com www.yourdomain.com; – Specifies the domain names that this server block will respond to.
- root /var/www/yourdomain.com/html; – Defines the directory where your website files are located.
- index index.html index.htm; – Lists the default files to serve if a directory is requested.
- location / { try_files $uri $uri/ =404; } – Tries to serve the requested file or directory and returns a 404 error if not found.
Save and exit the file by pressing CTRL+X, then Y, and finally Enter.
Create a symbolic link to this configuration file in the sites-enabled directory to activate it:
sudo ln -s /etc/nginx/sites-available/yourdomain.com /etc/nginx/sites-enabled/
Test the Nginx configuration for syntax errors:
sudo nginx -t
If the test is successful, reload Nginx to apply the changes:
sudo systemctl reload nginx
Your Nginx server block is now set up to serve your domain. To verify, place an index.html file in the directory you specified (e.g., /var/www/yourdomain.com/html) with some test content. Then, open your web browser and navigate to your domain to ensure everything is working as expected.
7. Testing Nginx Configuration Syntax
Once you’ve configured your Nginx server blocks, it’s important to ensure that the configuration is error-free before applying the changes. Testing the Nginx configuration for syntax errors helps prevent issues that could disrupt your web server.
To check the syntax of your Nginx configuration files, run the following command:
sudo nginx -t
This command will perform a syntax check on all Nginx configuration files and report any errors or warnings. If everything is configured correctly, you should see an output similar to:
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
If there are errors, the output will indicate the specific line and file where the problem occurs. Review the error messages, correct the issues in the respective configuration files, and re-run the syntax check until the configuration is error-free.
Once you’ve confirmed that there are no syntax errors, you need to reload Nginx to apply the changes. This can be done with the following command:
sudo systemctl reload nginx
Reloading Nginx applies the new configuration without interrupting active connections, ensuring a smooth transition.
By following these steps, you ensure that your Nginx configuration is correctly set up and ready to serve your content as intended. This practice helps maintain the stability and reliability of your web server.
8. Installing Certbot for SSL Certificates
To secure your website with HTTPS, you’ll need SSL certificates. Certbot is a popular tool for obtaining and managing these certificates. Here’s how to install Certbot and its Nginx plugin on your Ubuntu VPS:
First, ensure that your package list is updated:
sudo apt update
Next, install Certbot and the Nginx plugin with the following command:
sudo apt install certbot python3-certbot-nginx
This command installs Certbot and the necessary plugin to automatically configure SSL certificates for Nginx.
Once the installation is complete, you can use Certbot to obtain and install SSL certificates for your domain and subdomains. For example, to obtain a certificate for yourdomain.com and app.yourdomain.com, run:
sudo certbot --nginx -d yourdomain.com -d app.yourdomain.com
Certbot will guide you through the process of configuring SSL for your Nginx server. It will automatically generate the necessary SSL certificates and update your Nginx configuration files to include the correct SSL settings
9. Obtain Wildcard Certificates for All Subdomains
To secure your domain and all of its subdomains with HTTPS, you can obtain a wildcard SSL certificate using Certbot. A wildcard certificate allows you to secure *.yourdomain.com and any subdomain under yourdomain.com with a single certificate. Here’s how to obtain and install a wildcard SSL certificate:
Set Up DNS-01 Challenge
Wildcard certificates require DNS-01 challenge validation. This involves creating DNS TXT records to prove domain ownership.
First, request a wildcard certificate by running:
sudo certbot -d "*.yourdomain.com" -d "yourdomain.com" --manual --preferred-challenges dns certonly
This command instructs Certbot to use the DNS-01 challenge to verify domain ownership for both yourdomain.com and *.yourdomain.com.
Certbot will prompt you to create a TXT record in your domain’s DNS settings. Follow the instructions provided by Certbot to add the required DNS records. For instance, you might be asked to create a TXT record with a specific value for _acme-challenge.yourdomain.com.
After adding the TXT record, allow some time for DNS propagation. You can verify the TXT record using tools like MXToolbox or the dig command:
dig -t TXT _acme-challenge.yourdomain.com
Once the DNS TXT record has propagated, return to the Certbot prompt and press Enter to complete the verification process. Certbot will then issue the wildcard certificate.
10. Creating Domain and Subdomain for HTTPS With SSL
To configure a domain and its subdomains with HTTPS using SSL, you’ll need to set up Nginx to handle secure connections and apply the appropriate SSL certificates. Here’s a detailed guide on how to achieve this:
Configure Nginx for HTTPS
Start by creating or updating the Nginx configuration for your domain and subdomains. Navigate to the Nginx configuration directory:
cd /etc/nginx/sites-available/
Create a new configuration file for your domain. For example, if your domain is yourdomain.com, you would create a file named yourdomain.com:
sudo nano yourdomain.com
# for subdomain, your can do this:
sudo nano app.yourdomain.com
Add the following configuration to the file, which includes settings for both your primary domain:
server {
listen 443 ssl;
server_name yourdomain.com;
# for subdomain, your can do this:
# server_name app.yourdomain.com;
ssl_certificate /etc/letsencrypt/live/yourdomain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/yourdomain.com/privkey.pem;
root /var/www/yourdomain.com/html;
# for subdomain, your can do this:
# root /var/www/app.yourdomain.com/html;
index index.html index.htm;
location / {
try_files $uri $uri/ =404;
}
}This configuration sets up Nginx to listen for HTTPS traffic on port 443 for yourdomain.com domain or any other subdomain as specified by you. The ssl_certificate and ssl_certificate_key directives point to the SSL certificate files, which should be obtained and stored in /etc/letsencrypt/live/yourdomain.com/.
After saving the configuration file, create a symbolic link to enable the server block:
sudo ln -s /etc/nginx/sites-available/yourdomain.com /etc/nginx/sites-enabled/
Reload Nginx
Reload Nginx to apply the changes and enable your domain.
sudo systemctl reload nginx
11. Verifying HTTPS and SSL Setup
After configuring your Nginx server for HTTPS and installing SSL certificates, it’s essential to verify that everything is working correctly. Here’s a comprehensive guide to check your HTTPS and SSL setup:
1. Test in a Web Browser
The simplest way to verify your HTTPS setup is to check your website in a web browser. Open a browser and navigate to your domain and subdomains using https://. For example, go to:
Ensure that:
- The browser shows a padlock icon next to the URL, indicating a secure connection.
- No security warnings or errors are displayed.
2. Check SSL Certificate Details
Click on the padlock icon in the browser’s address bar to view the SSL certificate details. Verify that:
- The certificate is issued to your domain.
- The certificate is valid and not expired.
- The certificate is issued by a trusted Certificate Authority (CA).
3. Use Online SSL Test Tools
To get a detailed analysis of your SSL configuration, use online tools such as:
- SSL Labs’ SSL Test: Enter your domain to receive a comprehensive report on your SSL configuration, including certificate validity, supported protocols, and potential vulnerabilities.
- Why No Padlock?: Check for mixed content issues and other SSL-related problems.
Kudos! You’ve Achieved a Secure Web Hosting Milestone!
By completing this comprehensive guide, you’ve successfully set up Nginx on an Ubuntu VPS, configured it for both HTTP and HTTPS, and secured your domain and subdomains with SSL certificates. This accomplishment demonstrates your commitment to providing a secure and reliable web environment, safeguarding your visitors’ data, and enhancing your site’s credibility.
You’ve mastered the essential steps for installing and configuring Nginx, obtaining and deploying SSL certificates, and ensuring secure HTTPS connections. Additionally, you’ve learned how to leverage wildcard certificates for comprehensive subdomain coverage, streamlining your security management.
To maintain a secure web presence, it’s crucial to regularly verify your HTTPS setup and monitor SSL certificate renewals to prevent lapses in security. Stay vigilant and address potential security issues promptly to ensure a secure and performant web environment. Continuously update your knowledge with the latest best practices and security advancements to stay ahead of emerging threats.
Thank you for joining me on this journey. With your newfound expertise, you’re well-equipped to manage a secure, efficient, and high-performing web server. Keep shining, and happy hosting!
If you enjoyed reading this article and have found it useful, then please give it a clap, share it with your friends, and follow me to get more updates on my upcoming articles. You can connect with me on LinkedIn. Or, you can visit my official website: tararoutray.com to know more about me.
The Ultimate Guide to Set up Nginx on Ubuntu VPS was originally published in Level Up Coding on Medium, where people are continuing the conversation by highlighting and responding to this story.
This content originally appeared on Level Up Coding - Medium and was authored by Tara Prasad Routray
Tara Prasad Routray | Sciencx (2024-07-22T00:38:46+00:00) The Ultimate Guide to Set up Nginx on Ubuntu VPS. Retrieved from https://www.scien.cx/2024/07/22/the-ultimate-guide-to-set-up-nginx-on-ubuntu-vps/
Please log in to upload a file.
There are no updates yet.
Click the Upload button above to add an update.