Nginx – installation and first configuration

I have already created a series of entries related to the configuration of the Nginx server, PHP-FPM and MariaDB database few years ago but all of them were in the Polish and also are currently outdated. I decided to create this series again, this time in English and with all fresh information about this modules and nice “tricks”. This post is first one with Nginx installation and global, standard configuration of this web server. I based on Ubuntu Server (16.04) and repositories for this distrubution. Installation may look different on other systems, but configuration is the same, independent of platform.

Nginx installation and first configuration

Nginx virtual host configuration

Use PHP-FPM with Nginx

Describe and change php.ini settings

PHP-FPM – config improvements

Use strong Nginx encryption settings

Nginx optimizations, tips and tricks

Why Nginx?

First of all, why I prefer Nginx instead of Apache or other web server? It’s very, very fast, we can also use other external modules like Ruby or PHP (maybe not good word – not modules, but send requests to other wrappers) and… simple, clean in configuration. One small disadvantage is that we can’t use rewrite rules directly from Apache (mod_rewrite), because syntax is different. We also can’y using these rules on Nginx dynamically like on Apache with .htaccess files – all rules must be saved in virtual hosts configuration and any changes need server reloading. Some hosting companies changed that modifying Nginx core, but we will use clean version from repository.

I recommended to use Dotdeb repository for Debian on first version of this series. Now we will change this to something else – Phusion Passenger version. Why? Because it has more modules in Nginx, newer version and it’s also ready to use with Ruby. According to official manual it’s very simple because of PPA:

sudo apt-get install -y dirmngr gnupg
sudo apt-key adv --keyserver hkp:// --recv-keys 561F9B9CAC40B2F7
sudo apt-get install -y apt-transport-https ca-certificates

# Add our APT repository
sudo sh -c 'echo deb trusty main > /etc/apt/sources.list.d/passenger.list'
sudo apt-get update

# Install Passenger + Nginx
sudo apt-get install -y nginx-extras

First configuration

And… it’s all, really – we have ready Nginx web server installed on our machine. What’s next? We can now add new virtual hosts, but first edit Nginx main config located on /etc/nginx/nginx.conf. I will describe only most important parts of this config:

worker_processes auto;

This describes how many Nginx process should be created to handle requests. Auto option is best, because it’s related to our processor cores. Other config will be located in http block, or we should add them:

server_tokens off;

This will hide our server information for requests response. It’s important for security – we should not reveal our server configuration if it’s possible. We can also overwrite default server name with new one using this:

more_set_headers 'Server: Apache 2.2.1';

Next settings are related to gzip compression. Nginx can support response data to speedup page loading. It can also use pre-compressed data if exists. It’s disabled on default configuration and… I don’t recommend to enable this option. Why? better option is to use compression on third-party service like Cloudflare – we can then hide our real server IP, fight with spam boots, set expire headers and also optimize and proxy data. I will describe Cloudflare on other post, so feel free to change this settings:

#gzip on;

# Disable gzip for non-supported User Agents
#gzip_disable "msie6";

#gzip_vary on;
#gzip_proxied any;
#gzip_comp_level 6;
#gzip_buffers 16 8k;
#gzip_http_version 1.1;

# Mime types to compress
#gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;

It’s all. Rest of options should be clear (ex. global error report file location). Of course you must restart nginx (service nginx restart) after any changes. We will configure our first virtual host on second chapter. Any ideas, questions? Please comment!