Q. How do I configure Nginx Web server for virtual hosting (host multiple websites under same IP address – name based virtual hosting)?
A. Nginx allows you to host more than one domain name on the same computer and on the same IP address. There are two basic methods of accomplishing virtual hosting: name-based, and IP address or ip-based. This tutorial covers name-based virtual hosting i.e.
you can hosts multiple websites (host names) for the same webserver IP address.
Nginx name-based virtual hosting configurations
You need to create directory structure as follows to host more than two websites under same IP address:
a] /websites : Host each domain under this directory. You need to create dirs as follows:
- /websites/examples.com/http – Html / php / wordpress / forums files for example.com goes here.
- /websites/examples.com/logs – Log files for example.com goes here.
- /websites/examples.com/stats – awstats stats files for example.com goes here.
b] /usr/local/etc/nginx/vhosts: Host each domains configuration under this directory.
Your sample setup
- IP address: 202.54.1.2
- HTTP Port: 80
- Domain1 : theos.in hosted at /websites/theos.in/http
- Domain2 : cyberciti.biz hosted at /websites/cyberciti.biz/http
Create necessary directories
Type the following commands:
# D=/websites
# NROOT=/usr/local/etc/nginx
# mkdir $D
# mkdir $NROOT/vhosts
# mkdir /var/log/nginx/
# chown root:www /var/log/nginx/
Create / update default cache all ngnix config file
Open /usr/local/etc/nginx/nginx.conf file, enter:
# vi /usr/local/etc/nginx/nginx.conf
Update it as follows:
user www www; worker_processes 1; # main server error log error_log /var/log/nginx/error.log ; pid /var/run/nginx.pid; events { worker_connections 1024; } # main server config http { include mime.types; default_type application/octet-stream; log_format main '$remote_addr - $remote_user [$time_local] $request ' '"$status" $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; sendfile on; #tcp_nopush on; #keepalive_timeout 0; keepalive_timeout 65; gzip on; # default server for ip 202.54.1.2 server { listen 202.54.1.2:80 default; server_name _; access_log /var/log/nginx/access.log main; server_name_in_redirect off; location / { index index.html; root /usr/local/www/nginx; } } # virtual hosting include /usr/local/etc/nginx/vhosts/*; } |
Where,
- user www www; :: Setup user and group name for Nginx server.
- worker_processes 1; :: nginx has the ability to use more than one worker process for large systems such as SMP system with tons of ram.
- error_log /var/log/nginx/error.log ; :: Default error log file.
- pid /var/run/nginx.pid; :: Default PID file.
- include mime.types; :: Set Multipurpose Internet Mail Extensions (MIME) for www communication from mime.types files.
- default_type application/octet-stream; :: Set default header media type of the message content
- log_format main ‘$remote_addr – $remote_user [$time_local] $request ‘
‘”$status” $body_bytes_sent “$http_referer” ‘
‘”$http_user_agent” “$http_x_forwarded_for”‘; :: Directive log_format describes the format of a log entry. - sendfile on; :: Activate the usage of sendfile().
- tcp_nopush on; :: This directive permits or forbids the use of the socket options TCP_NOPUSH on FreeBSD or TCP_CORK on Linux. This option is only available when using sendfile.
- keepalive_timeout 65; :: Set keep alive timeout.
- gzip on; :: Turn on gzip
- listen 202.54.1.2:80 default; :: Listen to given IP:port.
- server_name _; :: Assigns the names of virtual server.
- access_log /var/log/nginx/access.log main; :: Set path to access file.
- index index.html; :: Set default index file.
- root /usr/local/www/nginx; :: Set default document root.
- include /usr/local/etc/nginx/vhosts/*; :: Process all vhosts config files.
Create theos.in – 1st vhost directories
Type the following commands:
# mkdir $D/theos.in/{http,logs,stats}
# chown -R theosftpuser:theosftpgroup $D/theos.in/
Replace, username:groupname and domain name as per your setup.
theos.in Nginx virtual host config file
Open /usr/local/etc/nginx/vhosts/theos.in.conf file, enter:
# vi $NROOT/vhosts/theos.in.conf
Append configuration as follows:
server { listen 80; server_name theos.in www.theos.in; access_log /websites/theos.in/logs/access.log main; location / { root /websites/theos.in/http; index index.php index.html index.htm; } error_page 500 502 503 504 /50x.html; location = /50x.html { root /usr/local/www/nginx-dist; } # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 location ~ \.php$ { fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME /websites/theos.in/http$fastcgi_script_name; include fastcgi_params; } location ~ /\.ht { deny all; } } |
Save and close the file.
Create cyberciti.biz – 2nd vhost directories
Type the following commands:
# mkdir $D/cyberciti.biz/{http,logs,stats}
# chown -R user:group $D/cyberciti.biz/
cyberciti.biz Nginx virtual host config file
# vi $NROOT/vhosts/cyberciti.biz.conf
Append configuration as follows:
server { listen 80; server_name cyberciti.biz www.cyberciti.biz; access_log /websites/cyberciti.biz/logs/access.log main; location / { root /websites/cyberciti.biz/http; index index.php index.html index.htm; } error_page 500 502 503 504 /50x.html; location = /50x.html { root /usr/local/www/nginx-dist; } # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 location ~ \.php$ { fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME /websites/cyberciti.biz/http$fastcgi_script_name; include fastcgi_params; } location ~ /\.ht { deny all; } } |
Save and close the file. Restart Nginx web server, enter:
# nginx -c /usr/local/etc/nginx/nginx.conf -t
# /usr/local/etc/rc.d/nginx restart
7 comment
Your log format is completely wrong, Your missing the quotes on $request, thanx for creating 4 gigs of logs I now have to convert…
Since the vhost dirs are are owned by theosftpuser and under theosftpgroup wont nginx have a problem writing the access logs in there?
@symbol,
There is only one error log in above config which is owned by nginx user itself.
I was refering to the access log (the dir /websites/theos.in/logs is owned by theosftpuser and under theosftpgroup)
access_log /websites/theos.in/logs/access.log main;
I just tried this out n it seems nginx writes the access log but the created file is owned by root. Could this lead to a potential security risk
Naa, nginx main process controlled by root and worker process run as nginx user (run pgrep -u ngixn nginx and pgrep nginx to verify this) . This is NGINX architecture, there is not much you can do about it.
I’m receiving the following failure when checking my configs;
# /usr/sbin/nginx -c /etc/nginx/nginx.conf -t
2010/08/26 22:30:29 [emerg] 5920#0: “server” directive is not allowed here in /etc/nginx/vhosts/blerg.com.conf:1
2010/08/26 22:30:29 [emerg] 5920#0: the configuration file /etc/nginx/nginx.conf test failed
Any suggestions?
Let’s say I have digitalocean box, I would like to make some tiny tests, but I do not yet have a domain name.
I would like to know, is there a way to have two nginx server blocks with only one public ip address? Or am I am obliged to buy a domain name first?
Thanks a lot for the clear explanations.