Part 2 of 7 in "Self-Hosting WordPress"

  1. Self-Hosting WordPress – Ubuntu
  2. Self-Hosting WordPress – Nginx
  3. Self-Hosting WordPress – MariaDB
  4. Self-Hosting WordPress – PHP
  5. Self-Hosting WordPress – SSL
  6. Self-Hosting WordPress – Installation
  7. Self-Hosting WordPress – Performance

Nginx or Apache?

Apache has been around since 1995 and powers more websites than any other software. However, under heavy load performance hits a bottleneck and ultimately suffers. Nginx, Engine X, was designed to address some of these issues. If you’ve been on a shared host, chances are you’ve been using Apache. We’re going to setup Nginx – hey, performance matters. We might as well do it right, right? 

The first thing you’re going to want to do is ssh into your server.

ssh yourname@server_ip

Nginx is part of the Ubuntu core repositories, which means we can use the apt package manager for a sleek installation.

sudo apt-get update
sudo apt-get install nginx

The first thing we’re going to want to do is update the local index before installing nginx. You’ll be asked to confirm the installation. Type Y to begin.

You’ve just installed Nginx . Now to configure the firewall we setup earlier… Luckily, Nginx has already registered itself to ufw so all we need to do is “turn it on”.

sudo ufw allow 'Nginx HTTP'

It’s always worthwhile verifying it’s worked…

sudo ufw status
Status: active

To                         Action      From
--                         ------      ----
OpenSSH                    ALLOW       Anywhere                  
Nginx HTTP                 ALLOW       Anywhere                  
OpenSSH (v6)               ALLOW       Anywhere (v6)             
Nginx HTTP (v6)            ALLOW       Anywhere (v6)

Load up your IP address in your browser.

It looks like that? Awesome, you got it working.

Security

It’s always a good idea to setup appropriate security settings as soon as possible, Nginx is pretty secure. We can, however, change a few settings to tighten things up!

By default Nginx exposes the version information about itself in response headers…

server: nginx/1.10.0 (Ubuntu)

If a security vulnerability is found, bots can easily scrape your site for the version and target you automatically. Let’s make it harder for them!

sudo nano /etc/nginx/nginx.conf

In the http section you will see:

# server_tokens off;

Uncomment it by removing the hash.

server_tokens off;

And now it’ll just say “nginx”. Much better!

You now have Nginx serving static files. If your website was just HTML and required no database or processing then you’d be finished right about now!

Continue reading "Self-Hosting WordPress"

There are currently no comments.