Hey there! Welcome to Hostman! 🎉

How to Install Nginx on Ubuntu: Step-by-Step Guide

23.11.2023
Reading time: 7 min
Hostman Team
Technical writer

Nginx is one of the most popular open-source web servers. It is often used as a web server, reverse proxy, or mail proxy.

This article will describe how to install Nginx on Ubuntu and make its basic configuration.

Installing Nginx

You will need a local machine or a cloud server with the Ubuntu operating system installed to install the Nginx server. 

Nginx is available in the official Ubuntu repositories, so you can install it using the apt package management system.

First, you need to update the package lists from the repositories:

sudo apt update

After the update is finished, you can install Nginx on the machine:

sudo apt install nginx

Wait for the installation to finish, and then use this command to start up the service at boot:

sudo systemctl enable nginx

Now check that the web server is running and configured to start at boot. Check the status of the web server:

sudo service nginx status

The line "Active: active (running)..." indicates the successful operation of the server. 

There is another way to check it. Paste the server's IP address into the browser's address bar. If the result is the same as in the picture below, the web server is running.

1a2ea369 28cc 4095 A670 374bc0be5629

Now let's check that it's configured to start at boot:

sudo systemctl is-enabled nginx

If the output shows "enabled", the web server has been added to startup.

Below are the basic commands to manage your web server.

Action

Command

Start

sudo systemctl start nginx

Shutdown

sudo systemctl stop nginx

Restart

sudo systemctl restart nginx

Reload

sudo systemctl reload nginx

Status check

sudo systemctl status nginx

Configuration testing

sudo nginx -t

Firewall settings

Installing and configuring a firewall will allow you to close all ports except those that we need: 22 (SSH), 80 (HTTP), 443 (HTTPS). The first one is required to connect to a remote server. The second and third are necessary for communication between the client and the site. 

Install UFW:

sudo apt install ufw

Then add the web server to the available applications list:

sudo nano /etc/ufw/applications.d/nginx.ini

Let's fill the file like this:

[nginx HTTP]
title=Web Server
description=Enable NGINX HTTP traffic
ports=80/tcp

[nginx HTTPS]\
title=Web Server (HTTPS) \
description=Enable NGINX HTTPS traffic
ports=443/tcp

[nginx full]
title=Web Server (HTTP,HTTPS)
description=Enable NGINX HTTP and HTTPS traffic
ports=80,443/tcp

Check the list of available applications:

sudo ufw app list

If there is a web server among them, everything is done correctly. Now you need to start the firewall and allow traffic on the ports we mentioned above:

sudo ufw enable
sudo ufw allow 'Nginx Full'
sudo ufw allow 'OpenSSH'

To check the changes, enter the command:

sudo ufw status

The output should list all the ports we need.

-

Setting up Nginx

Web server administration is the modification and maintenance of configuration files. Among them are one configuration file and two directories. These are nginx.conf, sites-available, and sites-enabled, respectively. All of them are in the /etc/nginx directory.

The nginx.conf file is the main configuration file. The sites-available directory contains virtual host configuration files. Each file stores a specific site's name, IP address, and other data. The sites-enabled directory, in turn, consists of active site configurations only. Only the sites-enabled directory reads configuration files for virtual hosts. It also stores links to the sites-available. This structure allows you to temporarily disable sites without losing their configurations.

Let's take a closer look at the main configuration file. To do this, open it using the editor:

sudo nano /etc/nginx/nginx.conf

After executing the command, a file divided into modules will open. By default, it looks like in the image below:

F6aa1f6e E360 4ab1 8333 D4ff31ff9c76

Each module is a directive responsible for specific web server settings. There are simple directives and block ones. In addition to the name and parameters, block directives store additional instructions placed inside curly brackets.

Let's list some of the directives of the main configuration file:

  • user is the user that runs all the worker processes.

  • worker_processes is the number of server worker processes. It shouldn't exceed the number of processor cores. The auto option will set the number automatically.

  • pid is a file showing the main process's ID.

  • include is responsible for including other configuration files matching the specified mask.

  • events consists of directives that manage the network connection.

    • worker_connections is the maximum number of concurrent connections for a single worker process.

    • multi_accept is a flag that can be either enabled (on) or disabled (off). If enabled, the worker process will accept all new connections; otherwise, only one.

    • use specifies the connection handling method. By default, the server chooses the most efficient.

  • http consists of directives responsible for the operation of the HTTP server.

    • sendfile enables (on) or disables (off) the sendfile() data sending method.

    • tcp_nopush, tcp_nodelay are parameters that affect the performance. The first forces the server to send HTTP response headers in one packet, and the second allows you not to buffer the data and send it in short bursts.

    • keepalive_timeout is responsible for the keep-alive connection timeout before the server terminates it.

    • keepalive_requests is the maximum number of requests in one keep-alive connection.

    • error_log is a web server error log. To collect errors for a specific section (http, server, etc.), you need to place the directive inside that section.

    • gzip is for content compression.

Setting up virtual hosts

A server can host multiple sites. All requests come to its IP address, and the web server determines how to respond, depending on the domain. Virtual hosts ensure that the server understands what data belongs to which domain. 

For example, we'll create the site testsite.dev.

Let's create a folder for the site:

sudo mkdir -p /var/www/testsite.dev/html

Then add the index file:

sudo nano /var/www/testsite.dev/html/index.html

Let's fill it with the basic data needed to display the site:

<!DOCTYPE html>
<html lang="en">
<head>
     <title>testsite.dev</title>
     <metacharset="utf-8">
</head>
<body>
     <h1>Hello, user</h1>
</body>
</html>

Then we'll create a site configuration file in the sites-available folder:

sudo nano /etc/nginx/sites-available/testsite.dev.conf

Let's fill it with the simplest configuration:

server {
     listen 80;
     listen[::]:80;
     server_name testsite.dev www.testsite.dev;
     root /var/www/testsite.dev/html;
     index index.html index.xml;
}

The last thing to do is create a link in the sites-enabled directory to the testsite.dev site configuration, so it is added from available to enabled:

sudo ln -s /etc/nginx/sites-available/testsite.dev.conf /etc/nginx/sites-enabled/

Now let's test the configuration:

sudo nginx -t

Disable the default site by deleting the default virtual host entry:

sudo rm /etc/nginx/sites-enabled/default

It is worth clarifying that after we disable the default site, Nginx will use the first server block it encounters as a fallback site (that is, the very first site from the Nginx configuration will open at the server IP address).

Restart the web server:

sudo systemctl restart nginx

Let's check that the site works. To do this, you can paste the server IP address or domain, if it is registered, into the address bar of the browser:

Ac149b6e 120e 490f 9e60 509ad3549c76

Another option is to use the curl command:

A469a009 221f 4f35 9628 F6b555d2e085

Conclusion

In this article, we have shown the process of installing Nginx on Linux, namely on the Ubuntu distribution. 

Using this guide you can set up the web server and deploy your first website. We have also prepared the server to use the encrypted HTTPS protocol. Remember that to set up a secure connection, you will need an SSL certificate.