← Writings

Set up an NGINX website on Ubuntu in 10 minutes

03 Jul, 2022

I often find myself setting up a new domain/website for a new project. In order to streamline the setup process, I have this handy guide with step by step instructions on how to setup an NGINX server on Ubuntu in 10 minutes.

  1. Install the latest LEMP module from the Digital Ocean marketplace.
  2. Add a new sudo user using the following commands:
    • adduser advait
    • usermod -aG sudo advait
  3. Upgrade all existing dependencies using the following commands:
    • sudo apt update
    • sudo apt upgrade
    • sudo apt full-upgrade
    • sudo apt autoremove
    • sudo reboot
  4. Setup domain folders by creating the following directories in /var/www/:
    • sudo mkdir domain.ext
    • cd domain.ext
    • sudo mkdir cron_scripts
    • sudo mkdir executables
    • sudo mkdir public_html
    • sudo touch public_html/index.html
  5. Secure the directory permissions using the following commands:
    • sudo chown -R advait /var/www/
    • sudo chgrp -R www-data /var/www/
    • sudo chmod -R 750 /var/www/
    • sudo chmod g+s /var/www/
  6. Setup NGINX Server Blocks using the following commands:
    • Go to /etc/nginx/sites-available/
    • Remove any existing files and their syslinks from /sites-enabled as well
    • Create a server block for your domain using the following command:
      • sudo vi domain.ext
    • Enter the following server block template and replace the variables with the correct values:
      • server {
            root /var/www/domain.ext/public_html;
            index index.php index.html index.htm index.nginx-debian.html;

            server_name domain.ext;

            location / {
            try_files $uri $uri/ =404;
            }

            location ~ \.php$ {
            include snippets/fastcgi-php.conf;
            fastcgi_pass unix:/var/run/php/php8.0-fpm.sock;
            }

            location ~ /\.ht {
            deny all;
            }
        }

    • Create a syslink to sites-enables using the following commands:
      • sudo ln -s /etc/nginx/sites-available/domain.ext /etc/nginx/sites-enabled/
  7. Verify that the configuration syntax is OK by using the following command: sudo nginx -t
  8. Restart the server using the following command: sudo systemctl restart nginx
  9. Open NGINX config using the following command: sudo vi /etc/nginx/nginx.conf
    • Make sure the following lines are uncommented:
      • server_names_hash_bucket_size 64;
      • server_tokens off;
    • Add the following to the top of the http block:
      • more_set_headers 'Server: ';
  10. Install dependencies:
    1. Install nginx-extras using the following command: sudo apt install nginx-extras
    2. Reboot the server for changes to take effect: sudo systemctl restart nginx
  11. Turn off MySQL strict mode by opening MySQL conf with the following command: vi /etc/mysql/my.cnf and adding the following line under [mysqld] (adding mysqld block if it doesn't exist): sql_mode= . Following this reboot the server using the command reboot.
  12. Setup PHPMyAdmin:
    1. Go to the website root directory using: cd /var/www/domain.ext/public_html/
    2. Create the database directory using the following command: mkdir database
    3. Get the latest PHPMyAdmin application download URL from https://www.phpmyadmin.net/downloads/ and download the zip file using the following command: wget https://files.phpmyadmin.net/phpMyAdmin/5.2.0/phpMyAdmin-5.2.0-all-languages.zip
    4. Install zip/unzip: sudo apt install zip unzip
    5. Unzip PHPMyAdmin and rename the unzipped folder to a random value like dEpofpP923iFFoid or some similar randomized value (obfuscate the directory to make it harder for strangers to find the PHPMyAdmin folder)
    6. Setup config.inc.php
      1. Open the PHPMyAdmin folder using mkdir dEpofpP923iFFoid
      2. Add a similarly randomized string for the blowfish secret
      3. Add the following to the cfg array
        1. $cfg['TempDir'] = '/tmp';
        2. $cfg['ExecTimeLimit'] = 0;
        3. $cfg['TablePrimaryKeyOrder'] = 'DESC';
  13. Change your DNS A record to match your server's IP address
  14. Setup HTTPS for your domain via CertBot by running: sudo certbot --nginx
  15. Setup a MYSQL user for PHPMyAdmin database administration:
    1. Enter MYSQL using the following command: sudo mysql
    2. Create a MYSQL user with all access using the following commands:
      1. CREATE USER 'adminUser'@'localhost' IDENTIFIED BY 'password';
      2. GRANT ALL PRIVILEGES ON *.* TO 'adminUser'@'localhost' WITH GRANT OPTION;
      3. FLUSH PRIVILEGES;
  16. Similarly, setup a MYSQL user for programmatic access (without administration privileges)