DigitalOcean: How To Install Nginx and SSL

5 mins

DigitalOcean Web Server Configuration and Hosting Multiple Websites

69 69 49 77 79 53 61 47 51

555

This article describes how to install Nginx and add SSL to Nginx on DigitalOcean server.

Contents:

Prerequisites
Step 1: Install Nginx
Step 2: Add a custom domain name (optional)
Step 3: Add a SSL certificate to your HTTP to get HTTPS (optional)
Frequently asked questions

Prerequisites

Read this: DigitalOcean Initial Ubuntu Server Setup

Step 1: Install Nginx

# Install nginx
sudo apt-get update
sudo apt-get -y install nginx

# Adjust the firewall to allow http
sudo ufw allow 'Nginx HTTP' # Open port 80

# Modify the website index if you want
sudo nano /var/www/html/index.nginx-debian.html
sudo service nginx restart

Now check your browser by typing your server IP (example: http://your_server_ip). You should see a ‘Welcome to nginx!’ message.

Step 2: Add a custom domain name (optional)

Let’s assume our domain name is www.example.com

Get a domain name from any domain name registrar.
Set up the DNS records for your domain by using a DNS hosting service (which DigitalOcean provides).
Add the domain to your DigitalOcean account:
- Modify the A flag to assign your domain to the right droplet
- Modify the CName flag to allow the www.example.com to link to the domain name (without www).

Step 3: Add a SSL certificate to your HTTP to get HTTPS (optional)

#  Install Certbot
sudo add-apt-repository ppa:certbot/certbot  # press enter
sudo apt-get update
sudo apt-get install python-certbot-nginx

# Modify nginx config file
sudo nano /etc/nginx/sites-available/default
# Find the existing server_name line and replace the underscore, _
server_name example.com www.example.com;
# Verify config is ok
sudo nginx -t
# Reload the new config
sudo systemctl reload nginx

# Allow HTTPS through your firewall
sudo ufw allow 'Nginx Full'
sudo ufw allow 'Nginx HTTP'

# Obtain an SSL Certificate
sudo certbot --nginx -d example.com -d www.example.com

You will be asked to choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access. Choose the option 2: Redirect - Make all requests redirect to secure HTTPS access.

You can Set Up Auto-Renewal in crontab. You don’t need to do that because cerbot will take care of this.

# Open crontab
sudo crontab -e
# Add this
15 3 * * * /usr/bin/certbot renew --quiet

The 15 3 * * * part of this line means “run the following command at 3:15 am, every day”. You may choose any time.

Frequently asked questions

How to check the SSL certificate status

Check the SSL certificate status of a given domain/subdomain (here, www.datanovia.com, for example)

Visit this: https://www.ssllabs.com/ssltest/analyze.html?d=www.datanovia.com

How to optimize Nginx configuration

Worker Processes and Worker Connections

Two variables need to be tuned here:

worker_processes: a common practice is to run 1 worker process per core. To figure out what number you’ll need to set worker_processes to, simply take a look at the amount of cores you have on your setup. Use the following bash code:

grep processor /proc/cpuinfo | wc -l

worker_connections: tells our worker processes how many people can simultaneously be served by Nginx. Default value is 768. Check your core’s limitations by using the following bash command:

ulimit -n

On a smaller machine (512MB droplet) this number will probably read 1024, which is a good starting number.

Update your config file as follow

# Open the config file
sudo nano /etc/nginx/nginx.conf

# Add something like this
worker_processes 1;
worker_connections 1024;

Remember, the amount of clients that can be served can be multiplied by the amount of cores. In this case, we can server 1024 clients/second. This is, however, even further mitigated by the `keepalive_timeout directive.

How to Kill a process running on port 80

If you get following error, when you try to start nginx…

Then it means nginx or some other process is already using port 80.

You can kill it using: sudo fuser -k 80/tcp

And then try restarting nginx again:

service nginx start

Recommended for you

This section contains best data science and self-development resources to help you on your path.

Coursera - Online Courses and Specialization

Amazon FBA

Amazing Selling Machine

Free Training - How to Build a 7-Figure Amazon FBA Business You Can Run 100% From Home and Build Your Dream Life! by ASM

Books - Data Science

Our Books

Practical Guide to Cluster Analysis in R by A. Kassambara (Datanovia)
Practical Guide To Principal Component Methods in R by A. Kassambara (Datanovia)
Machine Learning Essentials: Practical Guide in R by A. Kassambara (Datanovia)
R Graphics Essentials for Great Data Visualization by A. Kassambara (Datanovia)
GGPlot2 Essentials for Great Data Visualization in R by A. Kassambara (Datanovia)
Network Analysis and Visualization in R by A. Kassambara (Datanovia)
Practical Statistics in R for Comparing Groups: Numerical Variables by A. Kassambara (Datanovia)
Inter-Rater Reliability Essentials: Practical Guide in R by A. Kassambara (Datanovia)

Others

R for Data Science: Import, Tidy, Transform, Visualize, and Model Data by Hadley Wickham & Garrett Grolemund
Hands-On Machine Learning with Scikit-Learn, Keras, and TensorFlow: Concepts, Tools, and Techniques to Build Intelligent Systems by Aurelien Géron
Practical Statistics for Data Scientists: 50 Essential Concepts by Peter Bruce & Andrew Bruce
Hands-On Programming with R: Write Your Own Functions And Simulations by Garrett Grolemund & Hadley Wickham
An Introduction to Statistical Learning: with Applications in R by Gareth James et al.
Deep Learning with R by François Chollet & J.J. Allaire
Deep Learning with Python by François Chollet

Version: Français

Back to DigitalOcean Web Server Configuration and Hosting Multiple Websites

DigitalOcean Web Server Configuration and Hosting Multiple Websites