How to install Nginx, PHP 7.3 LEMP Stack on Ubuntu 18.04 LTS with Google Compute Engine and connect with Cloud SQL.

Not using Ubnt 18.04 LTS? Choose a different OS:

Ubuntu 18.04 LTS

CentOS 7

The installation is mostly done via command line so I assume you are comfortable using command line interface.

Prerequisites

Install Nginx

Go to Compute Engine >> VM Instances page, here you will have your instances listed. Click the SSH button to launch the terminal in a new browser window.

Although you have just created your new instance, it is likely that some software packages are out of date. Let’s make sure that you are using the latest software packages.

sudo apt update

Once completed let’s update all the installed packages. You will be prompted with the selection to start the update. Hitting Y and Enter will begin the process.

sudo apt upgrade

Once the upgrade is completed you can proceed to install Nginx

sudo apt install nginx

Once complete, you can confirm that Nginx has been installed by issuing this command

nginx -v

Visit your domain in your browser, you will see the Nginx welcome page.

Now you can secure your instance by setting up firewall and Fail2ban.

Firewall

The firewall provides an additional layer of security to your instance by blocking inbound network traffic. The ufw (Uncomplicated Firewall) package is usually installed by default in Ubuntu 18.04 LTS, so we need to just add the rules which deny all incoming traffics and allow all outgoing traffics. We now add the ports for SSH (22), HTTP (80), HTTPS (443).

sudo ufw allow OpenSSH
sudo ufw allow 'Nginx HTTP'
sudo ufw allow 'Nginx HTTPS'
sudo ufw enable

Fail2ban

This works alongside with ufw and monitors intrusion attempts to your instance and blocks the offending host for a set period of time, so let’s install it now.

sudo apt install fail2ban
sudo service fail2ban start

Configure Nginx

Next, open the Nginx configuration file, which can be found at /etc/nginx/nginx.conf

sudo nano /etc/nginx/nginx.conf

Start by setting the user to the username that you’re currently logged in with. This will make managing file permissions much easier in the future.

The worker_processes directive is the amount of CPU cores your instance. In my case, this is 1.

Uncomment the multi_accept directive and set it to on.

Lower the keepalive_timeout directive to 15.

For security reasons, you should uncomment the server_tokens directive and ensure it is set to off.

Add the new client_max_body_size directive below the server_tokens and set the value to 64m.

Uncomment the gzip_proxied directive and set it to any, uncomment the gzip_comp_level directive and set it to the value of 2 and finally uncomment the gzip_types directive.

In order for Nginx to correctly serve PHP you also need to ensure the fastcgi_param SCRIPT_FILENAME directive is set, otherwise, you will receive a blank white screen when accessing any PHP scripts. So open fastcgi_params file by issuing

sudo nano /etc/nginx/fastcgi_params

Add the following at the end of the file

fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;

That’s all, this is the basic Nginx configuration, hit CTRL+X followed by Y to save the changes. Ensure that the configuration file contains no errors and restart Nginx for the changes to take effect by issuing the following command

sudo nginx -t

If you get a successful message, then proceed with the following command

sudo service nginx restart

If everything worked out fine, you should still be able to see the Nginx welcome page when visiting your domain in the browser. However, unless visiting a known host the server should return a 444 response. So, we remove the default server blocks from Nginx.

sudo rm /etc/nginx/sites-available/default
sudo rm /etc/nginx/sites-enabled/default

Now you need to add a catch-all block to the Nginx configuration. Open the nginx.conf file

sudo nano /etc/nginx/nginx.conf

Find the line with include /etc/nginx/sites-enabled/*;

Below this line add the following

server { 
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
return 444;
}

Hit CTRL+X followed by Y to save the changes and then test the Nginx configuration and restart Nginx.

sudo nginx -t
sudo service nginx restart

Now when you visit the domain name you should receive an error.

From here you can setup Nginx server blocks configuration for your website.

Install PHP 7.3

sudo apt install software-properties-common
sudo add-apt-repository ppa:ondrej/php
sudo apt update
sudo apt install php7.3-fpm php7.3-common php7.3-mysql php7.3-xml php7.3-xmlrpc php7.3-curl php7.3-gd php7.3-imagick php7.3-cli php7.3-dev php7.3-imap php7.3-mbstring php7.3-opcache php7.3-soap php7.3-zip unzip -y

After the installation has completed, confirm that PHP 7.3 has installed correctly with this command

php-fpm7.3 -v

Now that PHP 7.3.* has installed and you need to configure the user and group that the service will run under.

sudo nano /etc/php/7.3/fpm/pool.d/www.conf

Change the following lines by replacing the www-data with your username.

user = username 
group = username
listen.owner = username
listen.group = username

Now we configure PHP for WordPress by changing some values in php.ini.

sudo nano /etc/php/7.3/fpm/php.ini

Hit F6 for search inside the editor and update the following values

upload_max_filesize = 32M 
post_max_size = 48M
memory_limit = 256M
max_execution_time = 600
max_input_vars = 3000
max_input_time = 1000

Hit CTRL+X and Y to save the configuration and check if the configuration is correct and restart PHP

sudo php-fpm7.3 -t 
sudo service php7.3-fpm restart

Now you can create Nginx configurations for different web applications

Now we have completed NGINX and PHP 7.3 in Ubuntu 18.04 LTS.

Learn How to connect your Google Compute Engine with Cloud SQL database

Write A Comment

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Where Writing Meets Entrepreneurship!

Get FREE Google Cloud Tutorials.
GET NOW
close-link
Please help us get 1000 likes in Facebook. Thank You!
LIKE NOW

Stay Connected!

Get latest tutorials on Google Cloud and Open Source topics
SUBSCRIBE
close-link