Skip to Content

Configure Nginx webserver on Jump server / Bastion host

How to install Nginx on the Ezeelogin SSH jump server?


Overview: This article describes how to install and configure Nginx with PHP-FPM on both Debian 9 and CentOS, tailored for an Ezeelogin SSH jump server setup.


To set up Nginx on your Ezeelogin SSH jump server, follow these step-by-step instructions tailored for both Debian 9 and CentOS environments:

1. Installing Nginx and PHP-FPM on Debian 9:

Step 1(A): Update Packages and Install Nginx with PHP-FPM:

root@gateway:~# apt update ; apt-get install nginx php-fpm 

Step 1(B): Configure Default Nginx Server Block. Open the default configuration file:

root@gateway:~# vi etc/nginx/sites-enabled/default

Step 1(C): We need to make some changes to this file for our site.
The changes that you need to make are in red in the text below. If you prefer, you may just copy and paste everything, then replace the value of server_name & root (Document root) with the appropriate domain name or IP address & Document root: 

# Default server configuration

server {

listen 80 default_server;

listen [::]:80 default_server;

# SSL configuration

# listen 443 ssl default_server;

# listen [::]:443 ssl default_server;

root /var/www/html;

# Add index.php to the list if you are using PHP

indexindex.phpindex.html index.htm index.nginx-debian.html;

server_name (Add your hostname or IP);

location / {

# First attempt to serve request as file, then

# as directory, then fall back to displaying a 404.

try_files $uri $uri/ =404;

}

# pass PHP scripts to FastCGI server

location ~ \.php$ {

include snippets/fastcgi-php.conf;

# # With php-fpm (or other unix sockets):

fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;

# # With php-cgi (or other tcp sockets):

# fastcgi_pass 127.0.0.1:9000;

}

if (!-f $request_filename) {

rewrite ^/(.*)$/ezlogin/index.php?$1 last;

}

# deny access to .htaccess files, if Apache's document root

# concurs with nginx's one

#location ~ /\.ht {

# deny all;

#}

}

Step 1(D): After making the changes, save and close the file.

Step 1(E): Restart Nginx and PHP-FPM Services to make the necessary changes:

root@gateway:~# systemctl reload nginx.service

root@gateway:~# systemctl reload php7.0-fpm.service

Step 1(F): Make sure to install the Ioncube Loader


2. Install & Configure Nginx on Centos:

Step 2(A): Install Nginx and PHP-FPM:

root@gateway:~# yum install epel-release ; yum install nginx

Step 2(B): Install & configure php handler

root@gateway:~# yum install php-fpm

Step 2(C): Open the main php-fpm configuration file with root privileges, search for "cgi.fix_pathinfo=1" and set it to "cgi.fix_pathinfo=0"

root@gateway:~# vi /etc/php.ini

Step 2(D): Set "cgi.fix_pathinfo=0". Save and close the file when you are finished.

cgi.fix_pathinfo=0

Step 2(E): Open the php-fpm pool configuration file www.conf using the editor.

root@gateway:~# vi /etc/php-fpm.d/www.conf

 Step 2(F): Find the line that specifies the listen parameter, and change it so it looks like the following:

listen = /var/run/php-fpm/php-fpm.sock

Step 2(G): Next, find the lines that set the listen.owner and listen.group and uncomment them. They should look like this:

listen.owner = nginx

listen.group = nginx

 Step 2(H): Lastly, find the lines that set the user and group and change their values from "Apache" to "nginx":

user = nginx

group = nginx

 Step 2(I): After making changes save and quit.

 Step 2(J): Start th PHP processor by running the following commands:

root@gateway:~# sudo systemctl enable php-fpm

root@gateway:~# sudo systemctl restart nginx

root@gateway:~# sudo systemctl restart php-fpm 


3. Configure Nginx to Process PHP Pages:

Step 3(A): Open the default Nginx server block configuration file by opening the default configuration file:

root@gateway:~# vi /etc/nginx/conf.d/default.conf

 Step 3(B): We need to make some changes to this file for our site.

The changes that you need to make are in red in the text below. If you prefer, you may just copy and paste everything, then replace the value of server_name & root (Document root) with the appropriate domain name or IP address & Document root:

server   {
listen 80;
server_name server_domain_name_or_IP;

# note that these lines are originally from the "location /" block
root /var/www/html;
index index.php index.html index.htm;

location / {
try_files $uri  $uri/ =404;
}
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root  /var/www/html;
}

location ~ \.php$ {
try_files $uri =404;
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}


if (!-f $request_filename) { rewrite ^/(.*)$ /ezlogin/index.php?$1 last;
}
}

Step 3(C): After making changes save and close the file.

Step 3(D): Restart Nginx to make the necessary changes:

root@gateway:~# systemctl restart nginx

If you have any difficulties contact support.


Related Articles:

502 error on login with nginx.

404 error on login with nginx.