4. Configure Nginx Server Blocks
In Apache, you can host multiple websites in a server with a single IP address using virtual hosts. In Nginx, it is called server blocks. Each website needs its own server block so that the server would know from which directory would it get the correct website files to display in the visitors’ web browser. It also contains the rules to process on how to redirect or restrict the visitors depending on their requests.
First thing, let us isolate each of the websites from one another by creating a separate php-fpm pool being owned by separate user/s and group/s.
|
1 2 |
sudo groupadd SITE_GROUP sudo useradd -g SITE_GROUP SITE_USER |
Create a separate php-fpm config file for each website that would be hosted in the server.
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 |
sudo vim /etc/php5/fpm/pool.d/SITE_USER.conf [SITE_USER] user = SITE_USER group = SITE_GROUP listen = /var/run/php5-fpm-SITE_USER.sock listen.owner = www-data listen.group = www-data php_admin_value[disable_functions] = exec,pass thru,shell_exec,system php_admin_flag[allow_url_fopen] = off pm = dynamic pm.max_children = 5 pm.start_servers = 2 pm.min_spare_servers = 1 pm.max_spare_servers = 3 chdir = / |
Note: You should add/edit the configurations and values in this file depending on what your website needs and your server resource.
Create the directory to hold the website files for each of your domain. For now, let’s create one directory first. We will have this directory owned by the new user/group we created in the previous step.
|
1 2 3 4 |
sudo mkdir -p /var/www/example.com/html sudo chown -R SITE_USER:SITE_GROUP /var/www/example.com/html sudo chmod -R 755 /var/www sudo cp /etc/nginx/sites-available/default /etc/nginx/sites-available/example.com |
Edit the new Nginx server block config we just created to point it to the newly created directory.
|
1 2 3 4 5 |
sudo vim /etc/nginx/sites-available/example.com # Edit the following root /var/www/example.com/html server_name example.com www.example.com |
Enable the server block by creating a symbolic link in the sites-enabled directory.
|
1 2 |
sudo ln -s /etc/nginx/sites-available/example.com /etc/nginx/sites-enabled/ sudo rm /etc/nginx/sites-enabled/default |
Edit the main Nginx configuration file.
|
1 2 3 4 |
sudo vim /etc/nginx/nginx.conf # Edit/Add the following server_names_hash_bucket_size 64; |
Restart the webserver afterwards.
|
1 |
sudo service nginx restart |
5. Install Free SSL Using Let’s Encrypt
Let’s Encrypt is a Certificate Authority (CA) which provides trusted TLS/SSL certificate so you could enable encrypted HTTPS on your webserver. The only price you have to pay is to renew it every 90 days.
We need to install git and bc and clone the Let’s Encrypt repository.
|
1 2 3 |
sudo apt-get update sudo apt-get -y install git bc sudo git clone https://github.com/letsencrypt/letsencrypt /opt/letsencrypt |
After cloning the Let’s Encrypt repository, let’s proceed in getting our SSL certificate.
|
1 2 3 |
sudo service nginx stop cd /opt/letsencrypt ./letsencrypt-auto certonly —standalone |
After getting the SSL certificate, we need to edit our site configuration file /etc/nginx/sites-available/example.com to use it.
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 |
# Inside the server { block, delete the following lines listen 80 default_server; listen [::]:80 default_server ipv6only=on; # Inside the server { block, add the following lines listen 443 ssl; listen [::]:443 ssl; server_name example.com www.example.com; ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; ssl_ciphers ‘EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH’; # Permanently redirect all HTTP requests to HTTPS by creating a new server {} block server { listen 80; server_name example.com; return 301 https://$host$request_uri; } |
6. Install WordPress
Finally, the last step we would do is to install the one of the most popular blogging platforms, WordPress. You would easily put your website up without worrying much about coding. Themes and plugins are widely available for you to download and use in your WordPress.
Let us first prepare a database which would be use by our WordPress to store all data it would use.
|
1 2 3 4 5 6 7 |
mysql -u root -p CREATE DATABASE wordpressdb;
CREATE USER wordpressuser@ocalhost IDENTIFIED BY ‘wordpressuserpassword’; GRANT ALL PRIVILEGES ON wordpressdb.* TO wordpressuser@localhost; FLUSH PRIVILEGES; exit |
Note: Provide the MySQL root password if you set any during MySQL/MariaDB installation
Let’s now download WordPress and some packages that it would be use.
|
1 2 3 4 5 6 |
cd wget http://wordpress.org/latest.tar.gz tar zxvf latest.tar.gz sudo apt-get update sudo apt-get install php5-gd libssh2-php |
Next, we would configure our WordPress configuration file wp-config.php and edit it to use the new database we just created.
|
1 2 3 4 5 6 7 |
cd ~/wordpress cp wp-config-sample.php wp-config.php # Edit the following lines to contain the MySQL information we used in the previous step define(‘DB_NAME’, ‘wordpressdb’); define(‘DB_USER’, ‘wordpressuser’); define(‘DB_PASSWORD’, ‘wordpressuserpassword’); |
After editing the WP configuration file, we can now move it to our website root directory so we can access it from the internet.
|
1 2 3 |
sudo rsync -avP ~/wordpress/ /var/www/example.com/html mkdir wp-content/uploads sudo chown -R SITE_USER:SITE_GROUP /var/www/example.com/html/wp-content/uploads |
Before we proceed with the final process in installing WordPress, let us adjust our Nginx configuration file /etc/nginx/sites-available/example.com to instruct how it would handle the request.
|
1 2 3 4 5 6 7 8 9 |
# Remove the following... location / { try_files $uri $uri/ =404; } # ... and replace it with location / { try_files $uri $uri/ /index.php?q=$uri&$args; } |
Finally, complete the installation by accessing WordPress through your web browser.
http://example.com/
. This setup is done using a 512MB Digital Ocean Droplet.){kind=link}