Call us Toll-Free:
1-800-218-1525
Live ChatEmail us

 Sponsors

Installing Nginx Web Server w/ PHP and SSL

Kyle Deneen, 02-07-2008
Today we decided to install a very fast and light web server daemon known as Nginx. We used the following source: http://sysoev.ru/nginx/nginx-0.5.35.tar.gz.

After downloading the source and decompressing, the first thing you'd want to do is add the SSL configuration option in the call to configure. You may also need to specify to the configure script where OpenSSL source is located on the filesystem (where you untarred the source, not where it is installed). You can do this with --with-openssl=/path/to/opensslsrc

./configure --with-http_ssl_module --with-openssl=/path/to/opensslsrc

You can find additional configure options here

Next up are the make and install

make;
make install;

At this point, the bare-bones Nginx webserver should be installed on your server. Because this may be a live server, at this point it would be a good idea to make sure the configuration file for the server (/usr/local/nginx/conf/nginx.conf on our machine) runs on a different port than the current webserver. This way you can test it and make sure everything is working before making the switch. This will help eliminate any down-time. You can also take this opportunity to set up the SSL in the configuration and get FastCGI support ready for PHP.

In order to run PHP with Nginx, you need FastCGI support. The easiest way to get FastCGI working with PHP, is to use spawn-fcgi, a program that is distributed with lighthttpd.

First you have to make (not install) lighttpd, as spawn-fcgi comes with that software. You can download lighttpd from this link: http://www.lighttpd.net/download/lighttpd-1.4.19.tar.gz and then extract it with "tar xvzf"

After downloading and extracting lighttpd:

./configure
make
make install

spawn-fcgi should show up in /usr/local/bin/ or somewhere similar. Once installed, you will want to run this process with something like this:

/usr/local/bin/spawn-fcgi -f /usr/local/bin/php-fcgi -p 8888 -u user -g group

You will want to replace /usr/local/bin/php-fcgi with the path to your PHP fcgi binary. To check if your PHP binary or binaries are fcgi compatible, run the binary with -v flag. For instance:

/usr/local/bin/php -v

If you see [cgi] and not [fast-cgi] then your PHP was not built with support for fast-cgi. If that's the case, download PHP and rebuild it with support for FastCGI:

wget "http://il.php.net/get/php-4.4.8.tar.bz2/from/us.php.net/mirror"
tar -xjvf php-4.4.8.tar.bz2
cd php-4.4.8
make clean
./configure --enable-mbstring --enable-mysql --with-mysql=/usr/local/bin --with-mysql-sock=/tmp/mysql.sock --enable-fastcgi --with-curl --with-sockets
make
sudo make install

Once the output of "/usr/local/bin/php -v" includes the fastcgi string, you're ready to move forward.

You will have to update your nginx conf file to pass php files to this process, something like this:

location ~ .php$ {
fastcgi_pass 127.0.0.1:8888;
fastcgi_index index.php;
include /etc/nginx/fastcgi.conf;
fastcgi_param SCRIPT_FILENAME /path/to/docroot/$fastcgi_script_name;
}

Contents of /etc/nginx/fastcgi.conf:

fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE nginx;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT $document_root;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;

Once FastCGI PHP support is installed, the last thing to do is enable SSL. This is achieved using another server definition within the nginx conf file:

# HTTPS server
#
server {
listen 443;
server_name domain.com;
server_name_in_redirect off;

ssl on;
ssl_certificate /path/to/certificate.crt;
ssl_certificate_key /path/to/sslkey.key;

ssl_session_timeout 5m;

# specify server root
location / {
root html;
index index.html index.htm;
}

# pass php to fcgi
location ~ .php$ {
fastcgi_pass 127.0.0.1:8888;
fastcgi_index index.php;
include /etc/nginx/fastcgi.conf;
fastcgi_param SCRIPT_FILENAME /path/to/docroot/$fastcgi_script_name;
}
}

At this point, you should have your Nginx web server running, with SSL and PHP support. Now you can take some time to set up virtual hosts, custom error pages, etc. Anytime you want to refresh Nginx with a new configuration, use this command:

kill -HUP `cat /usr/local/nginx/logs/nginx.pid`

Enjoy nginx!

tob, 02-07-2008
Rad tutorial - I installed this 6 months ago and I spent hours googling and finally figured it out. NGinx, pronounced "engine x" , is awesome for basic stuff and mad fast for php. Apache is a beast compared to this light weight russian webserver.

gregf, 02-11-2008
Nice write up. Right when I need it

Pari Gandhi, 02-12-2008
how does this compare against lighttpd?

Mike Peters, 02-13-2008
NGinx is slightly faster and a lot more stable.

Lighttpd suffers from memory leaks causing the web server to eventually crash (and restart). NGinx is leak free.

eyajuda, 03-03-2008
Honestly, its a great one. We are actually in a windows company and most of our hosting has been on outsourced, but we have grown now and are about to build a heavy traffic site, bearing in mind the need to move to a more stable and reliable platform we are evaluating linux and freebsd, we want to move to Nginx against apache based on what we have read interms of resources and performance. We are looking at Ubuntu linux as a way to ease our movement to linux rather than freebsd, are we on course? and more importantly can you do represent this your tutorial like for a newbee pls?

Mike Peters, 03-03-2008
Eyajuda,

We don't have any experience with Ubuntu as a production server. We use it internally in the office but I would recommend you stick to FreeBSD or RedHat for your production servers.

Installing NGinx on FreeBSD or RedHat is a snap. We've done it so many times and would be happy to help in case you'd like us to take care of it for you.

Mike Peters, 03-04-2008
Some tips about difference in behavior between NGinx and Apache:

NGinx doesn't like session parameters in php.ini. You'll have to comment these lines in your /usr/local/lib/php.ini file:

; session.save_handler = files
; session.save_path = /tmp
; extension=session.so

If you're doing 404 redirects, make sure you add these two lines to the /usr/local/nginx/conf/nginx.conf:

# set 404 error page
error_page 404 = /notfound.php;
fastcgi_intercept_errors on;

Here's a complete virtual host entry from our nginx.conf file:

# virtual host entry for spilnk.com
server {
listen 80;
server_name myemaildesk.com www.myemaildesk.com;

# pass all scripts to FastCGI server listening on 127.0.0.1:9000
#
location / {

# set 404 error page
error_page 404 = /notfound.php;

# set the doc root
root /home/myemaildesk/htdocs/;

# pass scripts to FastCGI
fastcgi_pass 127.0.0.1:8888;
fastcgi_index index.php;
include /etc/nginx/fastcgi.conf;
fastcgi_param SCRIPT_FILENAME /home/myemaildesk/htdocs/$fastcgi_script_name;
fastcgi_intercept_errors on;
}


}

Mike Peters, 04-10-2008
To avoid memory leaks, it is a good idea to setup FastCGI to automatically die and restart every 1,000 requests.

To do that, add the lines below to your FastCGI startup script:

## bind to unix domain socket
# FCGISOCKET="/tmp/php.sock"
## number of PHP childs to spawn
PHP_FCGI_CHILDREN=10

## number of request server by a single php-process until
## is will be restarted
PHP_FCGI_MAX_REQUESTS=1000

mike, 04-12-2008
Use php-fpm for FastCGI management.

It's a patch for PHP. It also includes some other enhancements to the built-in FastCGI SAPI. Andrei is hopefully going to get it in to the PHP core when he considers it feature complete and solid.

I'm running it right now on all my servers, from a few hundred reqs/day to a few hundred reqs/second. Piece of cake. Properly enforces PHP_FCGI_MAX_REQUESTS behavior too. Enables multiple FastCGI pools for different users (for a shared environment)

It's what I've been waiting for as I do hosting for a handful of clients and have been having to manually setup each of their FastCGI pools myself... also when it's feature complete it will do Apache style process management to create and kill additional engines as configured. No more being stuck with static engine counts!

mike, 04-12-2008
Oh I should have said - I have found that spawn-fcgi does not properly enforce the PHP_FCGI_MAX_REQUESTS behavior, at least on my versions of PHP (all 5.x's)

Manually setting the environment variables and then using sudo -u user /usr/local/bin/php-cgi -b port# works perfectly though (I was using upstart on Ubuntu or init on Debian to launch engines, until I found php-fpm :))

Mike Peters, 10-14-2008
If you want to allow users using subdomains, very important to have this line at the top of your nginx.conf:


    server_name_in_redirect off
;

Bhavya Kamboj, 06-21-2010
I am new to server side scripting, planning to setup a vps, how can i install this? can anyone provide support for all the scripting(even premium one)

also which hosting will you suggest for wordpress mu?

VPSLIST, 09-04-2011
I had php-cgi randomly dying on a decent sized VPS running Ubuntu, nginx, php-cgi and MySQL. I changed PHP_FCGI_MAX_REQUESTS=5000, which is the default in Debian and Ubuntu, to PHP_FCGI_MAX_REQUESTS=500.

I'll try it out, see what happens and report back very soon because with php-cgi dying and not restarting, it was killing a lot of my PHP dependent client's websites when a lot of them didn't even notice.
Enjoyed this post?

Subscribe Now to receive new posts via Email as soon as they come out.

 Comments
Post your comments












Note: No link spamming! If your message contains link/s, it will NOT be published on the site before manually approved by one of our moderators.



About Us  |  Contact us  |  Privacy Policy  |  Terms & Conditions