Call us Toll-Free:
1-800-218-1525
Live ChatEmail us
Recent Posts
Basics
Get Online
Traffic
Conversion
Content
Programming
Analytics
SoftwareProjects
Tools

 Sponsors

How to setup web server vhost + FTP account on NGinx and ProFTPD

Adrian Singer, 08-26-2009
As part of this post I will walk you through the process of setting up shared hosting, using an NGinx web server, ProFTPD ftp and Bind DNS.

Before you get started, you're going to need three things:

* Domain name to setup vhost under
* A dedicated ip address to use for the vhost
* Select username and password for ftp

Step 1 - Point to DNS servers

Login to your domain registrar (GoDaddy, eNom etc.), click on the designated domain and then update the DNS servers managed by this domain to DNS servers that you control.

Here at SPI, we use AlwaysUpDNS, so the two DNS servers to setup with the new domain, are going to be:

dns1.alwaysupdns.com
dns2.alwaysupdns.com

Once you update the DNS servers, it may take anywhere from 1 to 48 hours for the changes to propagate.

To check whether or not DNS propagated, you can run this command

dig mydomainname.com

Step 2 - Setup DNS hosting

Add new DNS hosting entry for the designated domain.

Here at SPI we use a custom version of Bind, so the way this is done is:

(a) Create a copy of a template 'blank' DNS hosting record

cp /etc/alwaysupdns/template.dns /etc/alwaysupdns/mydomainname.dns

Replace mydomainname with the domain name

The end file should look like this:

$TTL 60

@ IN SOA mydomain.com. mydomain.com. (
20090710 ; Serial number
60 ; Refresh
900 ; Retry
864000 ; Expire
60 ; Min TTL
)

; A record (web browsers go here)
@ IN A 1.2.3.4

; Email server
mydomain.com. MX 10 mx1.softwareprojects.com.

; DNS Servers
@ IN NS dns1.alwaysupdns.com.
@ IN NS dns2.alwaysupdns.com.

(b) Edit /etc/alwaysupdns/mydomainname.dns in your favorite editor and update the A record to point to the new dedicated ip address (replacing 1.2.3.4).

Also while you're at it, replace all occurrences of 'mydomain' with your domain name.

You can leave everything else as is.

(c) Edit /var/named/etc/namedb/named.conf and add this block to the end of the file

zone "mydomain.com"
{
type master;
file "/etc/alwaysupdns/mydomain.dns";

allow-transfer { 204.13.249.76; 208.78.69.76; 91.198.22.76; 203.62.195.76; };
};

Replace 'mydomain' everywhere with the domain name.

The zone-trafser details, make it possible to use DynDNS as a secondary level dns server.

(d) Restart Bind DNS by issuing:

killall named
named

(e) Test Bind is returning the correct response:

nslookup
server dns1.alwaysupdns.com
set q=a
mydomain.com

Step 3 - Add vhost record to Nginx

Open the NGinx config file (/usr/local/nginx/conf/nginx.conf) in your favorite editor and add this section to the bottom of the file, right before the closing }

# MyDomain
server {
listen 1.2.3.4:80;
server_name www.mydomain.com *.mydomain.com;
server_name_in_redirect off;

# set regular docroot
location /
{
root /home/mydomain.com/;
index index.php index.html index.htm;
}

location ~* \.(php)$
{
fastcgi_intercept_errors on;

fastcgi_pass backend;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /home/mydomain.com/$fastcgi_script_name;
include /etc/nginx/fastcgi_top.conf;
fastcgi_param DOCUMENT_ROOT /home/mydomain.com;
include /etc/nginx/fastcgi_bottom.conf;
}

}

Replace 1.2.3.4 with the new dedicated ip address

Replace mydomain with the new domain name and create a new folder under /home/mydomain.com to host the new site

Once done, tell NGinx to reload its config file, by issuing

kill -HUP `cat /usr/local/nginx/logs/nginx.pid`

Step 4 - Create FTP user

First we have to create a system user, by issuing an adduser and providing a username and password you've preselected for this website.

Be sure to specify the folder as /home/mydomain.com (replacing mydomain with the chosen domain) and enter ftponly as the new user shell.

For example:

adduser

Username: mydomain
Full name: My Domain
Uid (Leave empty for default):
Login group [mydomain]:
Login group is mydomain. Invite mydomain into other groups? []:
Login class [default]:
Shell (sh csh tcsh bash rbash ftponly nologin) [sh]: ftponly
Home directory [/home/mydomain]: /home/mydomain.com
Home directory permissions (Leave empty for default):
Use password-based authentication? [yes]:
Use an empty password? (yes/no) [no]:
Use a random password? (yes/no) [no]:
Enter password:
Enter password again:
Lock out the account after creation? [no]:
Username : mydomain
Password : *****
Full Name : My Domain
Uid : 1031
Class :
Groups : mydomain
Home : /home/mydomain.com
Home Mode :
Shell : /sbin/ftponly
Locked : no
OK? (yes/no): yes
adduser: INFO: Successfully added (mydomain) to the user database.

Step 5 - Jail FTP user

To prevent the FTP user from gaining access to any other folders on this server, we need to jail the user to the home directory for the new domain.

Open ProFTPd config file (/usr/local/etc/proftpd.conf) and locate the block that begins with DefaultRoot

Add this line below, replacing mydomain with the new domain name

DefaultRoot /home/mydomain.com mydomain

Restart ProFTPD by issuing

killall proftpd
/usr/local/etc/rc.d/proftpd.sh

Then connect to the new site via FTP and verify it is working properly, not letting you access any parent folders above the current directory.

Step 6 - Update permissions

The last step is to update the new folder permissions, so that our FTP user will be able to create / delete files.

chown -R mydomain:mydomain /home/mydomain.com/

Replace mydomain with the chosen domain name
Enjoyed this post?

Subscribe Now to receive new posts via Email as soon as they come out.

 Comments
Post your comments












Note: No link spamming! If your message contains link/s, it will NOT be published on the site before manually approved by one of our moderators.



About Us  |  Contact us  |  Privacy Policy  |  Terms & Conditions