Ubuntu + Nginx + PHP + Certbot Setup

technology

10 months ago

post image

Ubuntu + Nginx + PHP + Certbot Setup

In this blog post, I will show you how to set up a web server on Ubuntu using Nginx, PHP 8.1, and Certbot. Nginx is a fast and lightweight web server that can handle high traffic and serve static and dynamic content. PHP 8.1 is the latest version of the popular scripting language that can run on the server side and generate dynamic web pages. Certbot is a tool that automates the process of obtaining and renewing SSL certificates from Let’s Encrypt, a free and trusted certificate authority. SSL certificates enable HTTPS, which encrypts the communication between the web server and the clients, and also verifies the identity of the website.

By following this guide, you will be able to:

  • Install the latest Ubuntu version on your server
  • Install Nginx and PHP 8.1 on your server
  • Configure Nginx with one virtual host - www.example.com
  • Install Certbot and set up automatic renew SSL certificates for your domain

Prerequisites

Before you start, you will need:

  • A server running Ubuntu 20.04 or later. You can use any cloud provider or hosting service that offers Ubuntu servers, such as DigitalOcean, Linode, or AWS.
  • A domain name registered with a DNS service. You can use any domain registrar that offers DNS management, such as Namecheap, GoDaddy, or Google Domains.
  • A DNS record that points your domain name to your server’s IP address. You can use any DNS service that allows you to create A records, such as [Cloudflare], [DNSimple], or [Route 53].
  • A user account on your server with sudo privileges. You can follow this [guide] to create a sudo user on Ubuntu.

Step 1: Installing Ubuntu

The first step is to install the latest Ubuntu version on your server. You can use any method that suits your preference, such as using an ISO image, a pre-built image, or a cloud-init script. For this guide, I will assume that you are using a cloud provider that offers Ubuntu images, such as DigitalOcean.

To install Ubuntu on your server, follow these steps:

  • Log in to your cloud provider’s dashboard and create a new server (also known as a droplet, instance, or node).
  • Choose Ubuntu 20.04 (or later) as the operating system for your server.
  • Choose the size, region, and other options for your server according to your needs and budget.
  • Add your SSH key to your server for secure and passwordless login. You can follow this [guide] to generate and add an SSH key to your server.
  • Create and launch your server.

Once your server is up and running, you can log in to it using SSH. You can use any SSH client, such as [PuTTY], [Termius], or [OpenSSH]. For example, if you are using OpenSSH on Linux or macOS, you can run this command in your terminal:

ssh username@server_ip_address

Replace username with your sudo user name and server_ip_address with your server’s IP address. You should see a welcome message like this:

Welcome to Ubuntu 20.04.3 LTS (GNU/Linux 5.4.0-80-generic x86_64)

 * Documentation:  https://help.ubuntu.com
 * Management:     https://landscape.canonical.com
 * Support:        https://ubuntu.com/advantage

  System information as of Wed Nov 17 09:11:55 UTC 2021

  System load:  0.0               Processes:             103
  Usage of /:   3.5% of 24.06GB   Users logged in:       0
  Memory usage: 16%               IPv4 address for eth0: 203.0.113.10
  Swap usage:   0%

0 updates can be installed immediately.
0 of these updates are security updates.

The list of available updates is more than a week old.
To check for new updates run: sudo apt update

You have successfully installed Ubuntu on your server.

Step 2: Installing Nginx and PHP 8.1

The next step is to install Nginx and PHP 8.1 on your server. Nginx is a web server that can serve static and dynamic content, as well as act as a reverse proxy, load balancer, or cache server. PHP 8.1 is the latest version of the popular scripting language that can run on the server side and generate dynamic web pages.

To install Nginx and PHP 8.1 on your server, follow these steps:

  • Update your server’s package index by running:
sudo apt update
  • Install Nginx by running:
sudo apt install nginx
  • Confirm the installation by typing y and hitting Enter.
  • Check the status of Nginx by running:
sudo systemctl status nginx

You should see an output like this:

● nginx.service - A high performance web server and a reverse proxy server
     Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled)
     Active: active (running) since Wed 2021-11-17 09:15:23 UTC; 2min 13s ago
       Docs: man:nginx(8)
    Process: 1010 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
    Process: 1028 ExecStart=/usr/sbin/nginx -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
   Main PID: 1029 (nginx)
      Tasks: 3 (limit: 1137)
     Memory: 3.5M
     CGroup: /system.slice/nginx.service
             ├─1029 nginx: master process /usr/sbin/nginx -g daemon on; master_process on;
             ├─1030 nginx: worker process
             └─1031 nginx: worker process

Nov 17 09:15:23 ubuntu-s-1vcpu-1gb-nyc1-01 systemd[1]: Starting A high performance web server and a reverse proxy server...
Nov 17 09:15:23 ubuntu-s-1vcpu-1gb-nyc1-01 systemd[1]: Started A high performance web server and a reverse proxy server.

This means that Nginx is running and enabled to start automatically on boot.

  • Install PHP 8.1 by adding the ondrej/php PPA repository and running:
sudo add-apt-repository ppa:ondrej/php
sudo apt update
sudo apt install php8.1-fpm
  • Confirm the installation by typing y and hitting Enter.
  • Check the status of PHP by running:
sudo systemctl status php8.1-fpm

You should see an output like this:

● php8.1-fpm.service - The PHP 8.1 FastCGI Process Manager
     Loaded: loaded (/lib/systemd/system/php8.1-fpm.service; enabled; vendor preset: enabled)
     Active: active (running) since Wed 2021-11-17 09:18:12 UTC; 1min 7s ago
       Docs: man:php-fpm8.1(8)
    Process: 1119 ExecStartPost=/usr/lib/php/php-fpm-socket-helper install /run/php/php-fpm.sock /etc/php/8.1/fpm/pool.d/www.conf 81 (code=exited, status=0/SUCCESS)
   Main PID: 1118 (php-fpm8.1)
     Status: "Processes active: 0, idle: 2, Requests: 0, slow: 0, Traffic: 0req/sec"
      Tasks: 3 (limit: 1137)
     Memory: 8.2M
     CGroup: /system.slice/php8.1-fpm.service
             ├─1118 php-fpm: master process (/etc/php/8.1/fpm/php-fpm.conf)
             ├─1120 php-fpm: pool www
             └─1121 php-fpm: pool www

Nov 17 09:18:12 ubuntu-s-1vcpu-1gb-nyc1-01 systemd[1]: Starting The PHP 8.1 FastCGI Process Manager...
Nov 17 09:18:12 ubuntu-s-1vcpu-1gb-nyc1-01 systemd[1]: Started The PHP 8.1 FastCGI Process Manager.

This means that PHP is running and enabled to start automatically on boot.

You have successfully installed Nginx and PHP 8.1 on your server.


Step 3: Configuring Nginx with One Virtual Host - www.example.com

The next step is to configure Nginx with one virtual host - www.example.com. A virtual host is a configuration file that defines the settings and behavior of a website hosted on the same server. You can create multiple virtual hosts for different domains or subdomains, and Nginx will serve the appropriate website based on the request.

To configure Nginx with one virtual host - www.example.com, follow these steps:

  • Create a directory for your website’s files by running:
sudo mkdir -p /var/www/example.com
  • Change the ownership of the directory to your user by running:
sudo chown -R $USER:$USER /var/www/example.com
  • Create a sample index.php file in the directory by running:
nano /var/www/example.com/index.php
  • Paste the following code in the file and save it:
<?php
echo "Hello, world!";
?>
  • Create a configuration file for your virtual host by running:
sudo nano /etc/nginx/sites-available/example.com
  • Paste the following code in the file and save it:
server {
    listen 80;
    listen [::]:80;

    root /var/www/example.com;
    index index.php index.html index.htm;

    server_name example.com www.example.com;

    location / {
        try_files $uri $uri/ =404;
    }

    location ~ \.php$ {
        include snippets/fastcgi-php.conf;
        fastcgi_pass unix:/run/php/php8.1-fpm.sock;
    }
}

This code tells Nginx to listen on port 80 for both IPv4 and IPv6, and to serve the files from the /var/www/example.com directory. It also specifies that the server name is example.com or www.example.com, and that it should use PHP to process any files ending with .php.

  • Enable the virtual host by creating a symbolic link to the configuration file in the /etc/nginx/sites-enabled directory by running:
sudo ln -s /etc/nginx/sites-available/example.com /etc/nginx/sites-enabled/
  • Test the configuration for syntax errors by running:
sudo nginx -t

You should see an output like this:

nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
  • Reload Nginx to apply the changes by running:
sudo systemctl reload nginx
  • Visit your domain name in your browser and you should see the “Hello, world!” message.

You have successfully configured Nginx with one virtual host - www.example.com.

Step 4: Installing Certbot and Setting Up Automatic Renew SSL Certificates

The final step is to install Certbot and set up automatic renew SSL certificates for your domain. Certbot is a tool that automates the process of obtaining and renewing SSL certificates from Let’s Encrypt, a free and trusted certificate authority. SSL certificates enable HTTPS, which encrypts the communication between the web server and the clients, and also verifies the identity of the website.

To install Certbot and set up automatic renew SSL certificates for your domain, follow these steps:

  • Add the Certbot PPA repository by running:
sudo add-apt-repository ppa:certbot/certbot
sudo apt update
  • Install Certbot by running:
sudo apt install certbot python3-certbot-nginx
  • Confirm the installation by typing y and hitting Enter.
  • Run Certbot and follow the interactive prompts by running:
sudo certbot --nginx
  • Enter your email address and agree to the terms of service.
  • Choose whether to share your email address with the Electronic Frontier Foundation, a non-profit organization that defends digital rights.
  • Select your domain name from the list of available domains.
  • Choose whether to redirect HTTP traffic to HTTPS or not.
  • Wait for Certbot to obtain and install the SSL certificate for your domain.
  • You should see a message like this:
Congratulations! You have successfully enabled https://example.com and
https://www.example.com

You should test your configuration at:
https://www.ssllabs.com/ssltest/analyze.html?d=example.com
https://www.ssllabs.com/ssltest/analyze.html?d=www.example.com
  • Visit your domain name in your browser and you should see a padlock icon in the address bar, indicating that your website is secure.
  • Check the status of Certbot by running:
sudo certbot renew --dry-run

You should see an output like this:

Cert not due for renewal, but simulating renewal for dry run
Plugins selected: Authenticator nginx, Installer nginx
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for example.com
http-01 challenge for www.example.com
Waiting for verification...
Cleaning up challenges

new certificate deployed with reload of nginx server; fullchain is
/etc/letsencrypt/live/example.com/fullchain.pem

** DRY RUN: simulating 'certbot renew' close to cert expiry
**          (The test certificates below have not been saved.)

Congratulations, all renewals succeeded. The following certs have been renewed:
  /etc/letsencrypt/live/example.com/fullchain.pem (success)
** DRY RUN: simulating 'certbot renew' close to cert expiry
**          (The test certificates above have not been saved.)

This means that Certbot is working and will automatically renew your SSL certificates before they expire.

You have successfully installed Certbot and set up automatic renew SSL certificates for your domain.

Conclusion

You have learned how to set up a web server on Ubuntu using Nginx, PHP 8.1, and Certbot. You have also learned how to configure Nginx with one virtual host - www.example.com, and how to secure your website with SSL certificates from Let’s Encrypt. You can now use your web server to host your own website or web application, and enjoy the benefits of speed, security, and scalability.

I hope this blog post has helped you understand the steps and concepts involved in setting up a web server on Ubuntu. If you have any questions or feedback, please feel free to leave a comment below. Thank you for reading. 😊

post image
post image
post image
post image

Top rated comment:

Make your comment up here!

Leave a comment

Posting, please wait...
Please type a message first!

You may also like:

D o you want to connect with people who share your interests, passions, and goals? Do you want to express yourself, showcase your talents, and discover new opportunities? Do you want to enjoy a safe and enjoyable platform that offers everything you need for your daily computing needs? If you answered yes to any of these questions, then you should join NXplan.com, the new all-in-one social platform that features blog, messaging, chat, inbox, and marketplace.

NXplan.com is more than just a social network.

It’s a social ecosystem that allows you to create, communicate, and collaborate with others in a variety of ways. You can:
Create your own blog and share your thoughts, opinions, and experiences with the world. You can also follow other bloggers and get inspired by their content. Message your friends and family and stay in touch with them. You can also make new friends and join groups that match your interests.
Chat with other users and have fun conversations. You can also join live events and webinars and learn from experts and influencers. Manage your inbox and organize your emails. You can also send and receive files, photos, and videos with ease. Explore the marketplace and find products and services that suit your needs. You can also sell your own products and services and earn money.

NXplan.com is designed to provide you with a safe and enjoyable platform that respects your privacy and security.

You can: Control your own data and decide who can see and access your information. Report and block any abusive or inappropriate content or users. Enjoy a spam-free and ad-free environment that does not track or sell your data. Access the platform from any device and any browser, without any downloads or installations. NXplan.com is free to join and use, and you can get started in minutes. All you need is a valid email address and a password. You can also customize your profile and settings to make it your own.

Ready to give it a try?

Join NXplan.com today and discover a new way of socializing online. You’ll be amazed by what you can do and who you can meet on NXplan.com. Don’t miss this opportunity to join the next big thing in social media. Register now and start your NXplan journey.

Technology is nothing. What's important is that you have a faith in people, that they're basically good and smart, and if you give them tools, they'll do wonderful things with them

Steven Jobs

post image
post image
CameraPHOTOGRAHYTIPS

Share:

avatar
peterking1697923543

Guest user