There is a point to this story, but it has temporarily escaped my mind...
Contact Me MyFaceBook MyLinkedIn MyGitHub MyTwitter

Install Web Server

First, make sure that all of the latest patches are installed

sudo apt-get update
sudo apt-get dist-upgrade
sudo reboot

Install NGINX Web Server

I prefer NGINX as the front-facing web server. It has the ability to easily act as a reverse proxy so I typically configure it to listen on the “public” interface IP address and then any other applications to run on the interface. I'll also use this “reverse proxy” to host one SSL site that redirects to other non-HTTPS web sites runing on the interface. This is an easy way to not worry if the application itself support HTTPS and allows me to test/debug a site without SSL.

sudo apt-get -y install nginx
sudo sed -i 's/# server_tokens off;/server_tokens off;/g' /etc/nginx/nginx.conf
sudo service nginx start

Test that it's working (should see “Welcome to nginx!”)

sudo /bin/rm /etc/nginx/sites-enabled/default
sudo service nginx stop

Install Application Engines

Most servers don't serve static content and therefore need an application engine to produce the content:


sudo apt-get -y install php7.0-common php7.0-cli php7.0-fpm php-apcu
sudo sed -i 's/;cgi.fix_pathinfo=1/cgi.fix_pathinfo=0/g' /etc/php/7.0/fpm/php.ini 
sudo sed -i "s,;date.timezone =,date.timezone = \"$(cat /etc/timezone)\",g" /etc/php/7.0/fpm/php.ini

Once PHP is installed, you can test it to make sure it is installed correctly:

cat > /tmp/php-test << EOF
server {
  listen 8080;

  root /usr/share/nginx/html;

  location / { 
    index info.php;

  location ~ \.php\$ {
    include fastcgi_params;
    fastcgi_pass unix:/run/php/php7.0-fpm.sock;
    fastcgi_split_path_info ^(.+\.php)(/.+)$;
    fastcgi_param SCRIPT_FILENAME \$document_root\$fastcgi_script_name;
    fastcgi_param PATH_INFO \$uri;  # necessary for URL rewrite
    fastcgi_index info.php;

sudo mv /tmp/php-test /etc/nginx/sites-available/
sudo ln -s /etc/nginx/sites-available/php-test /etc/nginx/sites-enabled/php-test

cat > /tmp/info.php << EOF
<?php phpinfo(); ?>

sudo mv /tmp/info.php  /usr/share/nginx/html/info.php

Then restart the server for the changes to take effect.

sudo service php7.0-fpm restart
sudo service nginx restart

Test the PHP installation opening the info.php which should display the PHP information page. After testing, delete the file to prevent “exposing” too much information to the public about your installation.

sudo rm -f /usr/share/nginx/html/info.php
sudo /bin/rm /etc/nginx/sites-enabled/php-test
sudo /bin/rm /etc/nginx/sites-available/php-test
sudo service nginx stop

I prefer to configure each application with only the application engine it needs as opposed to at the server level but each site will need the above configuration at a minimum…

Site Configuration Files

I put each web site/application in a separate configuration file named by the URL then enable it, test the configuration:

sudo ln -s /etc/nginx/sites-available/url.domain.tld /etc/nginx/sites-enabled/url.domain.tld
sudo service nginx configtest

Finally, reload the web server configuration:

sudo service nginx reload
Copyright © 2019 by Julian Easterling. SOME RIGHTS RESERVED.
Privacy Policy              Terms of Use             

Creative Commons License
Except where otherwise noted, content on this site is
licensed under a Creative Common Attribution-Share Alike 4.0 International License.

All of the opinions expressed on this website are those of Julian Easterling and
do not represent the views of any of my current and previous clients or employers in any way.

If you notice an error on the site or content that has not been properly attributed, bring
it to my attention using the contact page and I will endeavor to fix it as soon as I can.

I accept no responsibility or liability for any damages incurred by following any of
my advice or by using any of the information on my site or of those sites that I link to.