Installing and running nginx

[dos2unix]

Installing Nginx on RPM-Based and DEB-Based Linux Systems​

RPM-Based Systems (e.g., CentOS, Fedora, RHEL)​

Install Nginx:

 sudo dnf install nginx

Enable and Start Nginx:

 sudo systemctl enable nginx
sudo systemctl start nginx

DEB-Based Systems (e.g., Ubuntu, Debian)​

Install Nginx:

sudo apt update
sudo apt install nginx

Enable and Start Nginx:

sudo systemctl enable nginx
sudo systemctl start nginx

Understanding /etc/nginx/nginx.conf​

The file /etc/nginx/nginx.conf is the main configuration file for Nginx. It defines the global settings, such as user permissions, worker processes, and logging. It also includes directives for configuring server blocks, which determine how Nginx handles requests for different domains and paths.

HTML Directory Path​

The default directory where Nginx serves HTML files is typically:

• RPM-Based Systems: /usr/share/nginx/html
• DEB-Based Systems: /var/www/html

Naming the Initial Home Page​

The initial home page should always be named index.html (or index.php if you're using PHP). While Linux doesn't care about filename extensions, web pages typically need to end in .html to be correctly interpreted by browsers.

Opening the Firewall​

DEB-Based Systems (using ufw)​

Allow HTTP Traffic:

 sudo ufw allow 80/tcp 
sudo ufw reload

​

RPM-Based Systems (using firewall-cmd)​

Allow HTTP Traffic:

 sudo firewall-cmd --permanent --add-service=http sudo firewall-cmd --reload

Accessing Your Web Server​

If you're running Nginx on your local computer with a GUI, you can browse to your web server using the localhost address (http://localhost).

If you've opened your firewall on port 80, other computers on your local network (including Windows, Apple Mac, and your cell phone) can browse to your web server by typing in the IP address (e.g., http://10.0.1.12).

SSL and Port 443​

Port 80 typically does not use SSL, meaning its pages are not encrypted. Port 443, on the other hand, is used for SSL/TLS and provides encrypted communication. When you visit a website using HTTPS, you'll see a little padlock icon in the browser near the URL, indicating that the connection is secure.

 

[dos2unix]

Installing and Configuring Nginx with SSL on RPM-Based and DEB-Based Linux Systems​

Installing Nginx​

RPM-Based Systems (e.g., CentOS, Fedora, RHEL)

1. Install Nginx:

    sudo dnf install nginx

2. Enable and Start Nginx:

    sudo systemctl enable nginx sudo systemctl start nginx

DEB-Based Systems (e.g., Ubuntu, Debian)

1. Install Nginx:

    sudo apt update sudo apt install nginx

2. Enable and Start Nginx:

    sudo systemctl enable nginx sudo systemctl start nginx

Understanding /etc/nginx/nginx.conf​

The file /etc/nginx/nginx.conf is the main configuration file for Nginx. It defines the global settings, such as user permissions, worker processes, and logging. It also includes directives for configuring server blocks, which determine how Nginx handles requests for different domains and paths.

HTML Directory Path​

The default directory where Nginx serves HTML files is typically:

• RPM-Based Systems: /usr/share/nginx/html
• DEB-Based Systems: /var/www/html

Naming the Initial Home Page​

The initial home page should always be named index.html (or index.php if you're using PHP). While Linux doesn't care about filename extensions, web pages typically need to end in .html to be correctly interpreted by browsers.

Opening the Firewall​

DEB-Based Systems (using ufw)

1. Allow HTTP Traffic:

    sudo ufw allow 80/tcp sudo ufw reload

RPM-Based Systems (using firewall-cmd)

1. Allow HTTP Traffic:

    sudo firewall-cmd --permanent --add-service=http sudo firewall-cmd --reload

Accessing Your Web Server​

If you're running Nginx on your local computer with a GUI, you can browse to your web server using the localhost address (http://localhost).

If you've opened your firewall on port 80, other computers on your local network (including Windows, Apple Mac, and your cell phone) can browse to your web server by typing in the IP address (e.g., http://10.0.1.12).

SSL and Port 443​

Port 80 typically does not use SSL, meaning its pages are not encrypted. Port 443, on the other hand, is used for SSL/TLS and provides encrypted communication. When you visit a website using HTTPS, you'll see a little padlock icon in the browser near the URL, indicating that the connection is secure.

Installing SSL Modules for Nginx​

RPM-Based Systems (e.g., CentOS, Fedora, RHEL)

1. Install the SSL Module:

    sudo yum install nginx-mod-http-ssl

2. Restart Nginx:

    sudo systemctl restart nginx

DEB-Based Systems (e.g., Ubuntu, Debian)

1. Install the SSL Module:

    sudo apt update sudo apt install nginx sudo apt install nginx-extras

2. Restart Nginx:

    sudo systemctl restart nginx

Creating Your Own Self-Signed SSL Certificate​

1. Generate the Private Key:

    openssl genpkey -algorithm RSA -out /etc/ssl/private/nginx-selfsigned.key

2. Generate the Certificate Signing Request (CSR):

    openssl req -new -key /etc/ssl/private/nginx-selfsigned.key -out /etc/ssl/certs/nginx-selfsigned.csr

3. Generate the Self-Signed Certificate:

    openssl x509 -req -days 365 -in /etc/ssl/certs/nginx-selfsigned.csr -signkey /etc/ssl/private/nginx-selfsigned.key -out /etc/ssl/certs/nginx-selfsigned.crt

Configuring Nginx to Use the Self-Signed Certificate​

1. Edit the Nginx Configuration:

    server { listen 443 ssl; server_name your_domain.com;
   ssl_certificate /etc/ssl/certs/nginx-selfsigned.crt;
   ssl_certificate_key /etc/ssl/private/nginx-selfsigned.key;
   
   location / {
       root /var/www/html;
       index index.html index.htm;
   }
   
   }

2. Restart Nginx:

    sudo systemctl restart nginx

Using ufw (Uncomplicated Firewall)​

1. Allow HTTPS traffic:

    sudo ufw allow 443/tcp

2. Enable the firewall (if not already enabled):

    sudo ufw enable

3. Check the status to confirm the rule is added:

    sudo ufw status

Using firewall-cmd (FirewallD)​

1. Add the rule to allow HTTPS traffic:

    sudo firewall-cmd --permanent --add-port=443/tcp

2. Reload the firewall to apply the changes:

    sudo firewall-cmd --reload

3. Verify the rule is added:

    sudo firewall-cmd --list-ports

Difference Between Self-Signed and CA Authority Signed Certificates​

• Self-Signed Certificates:
  • Generated by the user.
  • Not trusted by default by browsers and operating systems.
  • Suitable for internal testing or development environments.
  • No cost involved.
• CA Authority Signed Certificates:
  • Issued by a trusted Certificate Authority (CA).
  • Trusted by default by browsers and operating systems.
  • Suitable for production environments where trust and security are critical.
  • Involves a cost for the certificate.

Testing SSL in Your Browser​

1. Access Your Web Server Using HTTPS: Open your web browser and navigate to https://your_domain.com or https://your_server_ip. If everything is set up correctly, you should see your website served over HTTPS.
2. Check for the Padlock Icon: Look for the padlock icon in the browser's address bar. This indicates that the connection is secure and encrypted using SSL/TLS.

I hope this guide helps!

 

[dos2unix]

Installing PHP Modules for Nginx on RPM-Based and DEB-Based Linux Servers​

Overview of PHP​

PHP (Hypertext Preprocessor) is a popular server-side scripting language designed for web development. It is widely used to create dynamic web pages and applications. PHP can be embedded into HTML, making it a versatile tool for web developers.

Prerequisites​

• Nginx is already installed on your server.

Installing PHP on RPM-Based Systems (e.g., CentOS, Fedora, RHEL)​

1. Install PHP and PHP-FPM:

    sudo yum install php php-fpm

2. Start and enable PHP-FPM service:

    sudo systemctl start php-fpm sudo systemctl enable php-fpm

Installing PHP on DEB-Based Systems (e.g., Ubuntu, Debian)​

1. Install PHP and PHP-FPM:

    sudo apt update sudo apt install php php-fpm

2. Start and enable PHP-FPM service:

    sudo systemctl start php7.4-fpm sudo systemctl enable php7.4-fpm

Configuring Nginx to Use PHP Processor​

1. Edit the Nginx configuration file (usually located at /etc/nginx/sites-available/default or /etc/nginx/conf.d/default.conf):

    server { listen 80; server_name your_domain_or_IP;
   root /var/www/html;
   index index.php index.html index.htm;
   
   location / {
       try_files $uri $uri/ =404;
   }
   
   location ~ \.php$ {
       include snippets/fastcgi-php.conf;
       fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
   }
   
   location ~ /\.ht {
       deny all;
   }
   
   }

2. Restart Nginx to apply the changes:

    sudo systemctl restart nginx

Important Notes​

• File Extensions: While Linux itself does not care about filename extensions, PHP files must end with a .php extension to be processed correctly by the PHP interpreter.
• Default Web Page: Similar to index.html, you can use index.php as the default web page.

Creating a PHP Info Page​

1. Create a PHP file named phpinfo.php in your web root directory (e.g., /var/www/html):

    sudo nano /var/www/html/phpinfo.php

2. Add the following code to the phpinfo.php file:

   <php? phpinfo(); ?>

3. Save and close the file.

Testing the PHP Installation​

1. Open your web browser and navigate to:

    http://localhost/phpinfo.php

2. You should see a page displaying detailed information about your PHP configuration.

By following these steps, you can successfully install and configure PHP modules for Nginx on both RPM-based and DEB-based Linux servers. This setup allows you to run PHP scripts and create dynamic web applications.