Page tree

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents
stylenone

Overview

This document explains how to install Nginx on a server that runs cPanel & WHM and EasyApache 4. Nginx is an open source web server that also provides a reverse proxy, load balancing, and caching. It functions very differently from Apache. Nginx does not serve dynamic content unless you pass it through a proxy. 

Warning
titleWarning:

Nginx is experimental. You must install the Experimental Repository to use it.

Requirements

To install Nginx on your server, you must meet the following requirements:

  • Run EasyApache 4.
  • Install the Experimental Repository. Use the following command to install this repository:

    Code Block
    languagebash
    yum install ea4-experimental


  • Possess root user access to the server.
  • Use PHP-FPM as the server's PHP handler.

Compatibility

Nginx takes the place of Apache as the primary web server. The installation will move Apache away from its default ports in favor of Nginx.

For more information, read the Nginx configuration changes section below. 

Note
titleNote:

You can still use Apache to serve dynamic content, but must proxy your requests to the server.

Install or uninstall Nginx

Install

Note

If the Experimental Repository does not already exist on your server, install it with the following command:

Code Block
yum install ea4-experimental



To install Nginx, run the following command on the command line:

Code Block
languagebash
yum install ea-nginx

Uninstall

To uninstall Nginx, run the following command on the command line:

Code Block
languagebash
yum erase ea-nginx

The Nginx installation 

When you install cPanel & WHM's version of Nginx, the install process will move your server's Apache installation to different ports.

Note
titleNote:

The process will only change your Apache ports if your Apache configuration uses the default ports of 80 and 443.

The following features will work with Nginx without any further action by the user:

  • Static content.

    Note
    titleNote:

    You must proxy any dynamic content to Apache.


  • The MultiPHP system. 
  • Wordpress
  • Mailman
  • AutoSSL
  • Proxy subdomains and redirects.
Warning
titleImportant:

The MultiPHP system and Wordpress will only work if you use PHP-FPM.


Anchor
configuration
configuration
Nginx configuration changes

When you install Nginx on your server, the install process makes several changes to your system. 

Most notably, the installation will move Apache to no longer act as the primary web server. Because of this, the Nginx installation will create proxies for MailMan and AutoSSL. 

Configuration files

The system creates the /etc/nginx/conf.d/ea-nginx.conf configuration file. 

Custom configurations

Warning
titleWarning:
  • Don't edit any of the files that Nginx owns. Changing these files may result in unexpected behavior.
  • If you create custom configuration files, you may change Nginx behavior in undesired ways. For example, if your custom block matches the PHP block, the server may serve the source code instead of PHP.

If you want to customize the server blocks for Nginx, create an include file that ends in .conf in the appropriate location. A server block is the same thing as a virtual host in Apache. 

For more information about server blocks, including examples, read Nginx's Server Block Examples documentation. 

Note
titleNote:

Don't use cpanel- as the prefix for any custom files you create.

Global configuration

Place any global .conf files that you create in the following directory:

Code Block
/etc/nginx/conf.d/


If you want to adjust every server block on your server, create your .conf file in the following directory: 

Code Block
languagebash
/etc/nginx/conf.d/server-includes/


User configuration

Note
titleNote:

In the following examples, username represents the username, and fqdn represents the fully qualified domain name.

This fully qualified domain name must be one of the following:

  • The server block's main domain.
  • The server block's subdomain for addon domains and their subdomains.
  • The server block's subdomain for subdomains that are not addon domains.


If you want to customize every server block that a user owns, create your .conf file in the following directory: 

Code Block
/etc/nginx/conf.d/users/username/

To customize a specific server block for a specific domain, create your .conf file in the following directory:

Code Block
/etc/nginx/conf.d/users/username/fqdn/

If you want use the same .conf file in multiple locations, place your file in the following directory. Make sure that you also reference the file with an include directive in the file that you want to use it in.

Code Block
/etc/nginx/conf.d/server-includes-optional/

Apache configuration

The Nginx installation makes the following changes to your Apache configuration:

  • Moves the Apache port to the first available port under 1024. This will usually be port 81. You must proxy any applications that are not static to Apache. 
  • Moves the Apache SSL port to the first available port under 1024. This will usually be port 444.

    Note
    titleNote:

    Your Apache ports will only change if your configuration uses the default ports 80 and 443. The installation ignores custom port numbers.


  • Adds the following to the /etc/nginx/conf.d/ea-nginx.conf file:

    Code Block
    languagebash
    linenumberstrue
    map $host $CPANEL_APACHE_PROXY_IP {
            default 127.0.0.1;
        }   
    map $host $CPANEL_APACHE_PROXY_PORT {
            default 81; 
        }   


Run Nginx

To stop or restart Nginx, use the /usr/local/cpanel/scripts/restartsrv_nginx script.

We strongly recommend that you only use the cPanel script or WHM's Service Manager interface (WHM >> Home >> Service Configuration >> Service Manager) to restart Nginx.

To use the CentOS6 or CentOS 7 restart commands to restart Nginx, you must use the reload option to ensure a graceful restart. Use one of the following commands:

  • CentOS 6 — /etc/init.d/nginx reload
  • CentOS 7 — systemctl reload nginx.service

For more information, read our How to Restart Services documentation. 

Configure a user

To configure a user in Nginx, run the /usr/local/cpanel/scripts/ea-nginx script. This script generates the user configuration file for each user.

To set up a user, run the following command, where username represents the username:

Code Block
languagebash
/usr/local/cpanel/scripts/ea-nginx config username

The script creates the .conf file in the following location, where username represents the username:

Code Block
languagebash
/etc/nginx/conf.d/users/username.conf


Warning
titleImportant:

You must run the /usr/local/cpanel/scripts/ea-nginx script whenever you create or change a user to update the user configuration. This includes any changes to subdomains or addon domains or changes to the PHP version.

Limitations

If one of your domains matches a proxy domain, the system will warn you that it will ignore conflicting duplicate entries. This conflict may result in unexpected behavior. 

Security concerns

When you use Nginx, your ModSecurity™ rules will not apply. 

Any restrictions set in an .htaccess file will not apply. For example, if you password-protected a directory, the protection will not work. 

If you create an alias, make certain that your path's location ends with a trailing slash (/). If your path does not end with a /, then your path is vulnerable to a path traversal exploit

For more information, read the Nginx Security Advisories documentation. 

Troubleshooting

Could not build the server_names_hash

You may receive an error that resembles the following message:

Code Block
linenumberstrue
could not build the server_names_hash,
you should increase either server_names_hash_max_size: 512
or server_names_hash_bucket_size: 32

If you receive this error message, increase the value of the following directives in the /etc/nginx/conf.d/ea-nginx.conf and the /etc/nginx/conf.d/settings.json files:

  • server_names_hash_max_size
  • server_names_hash_bucket_size

For more information, read the Nginx Server Names documentation. 

Nginx will not restart

If you used the nginx command to start Nginx, then the /usr/local/cpanel/scripts/restartsrv_nginx  and systemctl restart nginx.service commands will not work. To correct this, perform the following steps: 

  1. Stop the service with the /usr/sbin/nginx -s stop command.
  2. Restart Nginx with one of the following commands:
    • /usr/local/cpanel/scripts/restartsrv_nginx start
    • systemctl start nginx.service
    • /etc/init.d/nginx start

Additional documentation

Localtab Group


Localtab
activetrue
titleSuggested documentation

Content by Label
showLabelsfalse
max5
showSpacefalse
cqllabel in ("ea4","nginx","apache") and label = "whm" and space = currentSpace()


Localtab
titleFor cPanel users

Content by Label
showLabelsfalse
max5
showSpacefalse
cqllabel in ("ea4","nginx","apache") and label = "cpanel" and space = "ALD"


Localtab
titleFor WHM users

Content by Label
showLabelsfalse
max5
showSpacefalse
cqllabel in ("ea4","nginx","apache") and label = "whm" and space in ("ALD","CKB")


Localtab
titleFor developers

Content by Label
showLabelsfalse
max5
showSpacefalse
cqllabel in ("ea4","nginx","apache") and space = "DD"