This page shows you how to get your WordPress website running on a virtual machine instance with Nginx, PHP 7.2, Cloud SQL
The installation is mostly done via command line so I assume you are comfortable using command line interface.
Prerequisites
- Comfortable using LINUX command line interface
- Your Compute Engine Instance running.
- For setting up Compute Engine, see the Setting up Compute Engine Instance
- Domain name is pointed to your virtual machine.
- For setting up Cloud DNS, see the Setting up Google Cloud DNS for your domain
Install Nginx
Go to Compute Engine >> VM Instances page, here you will have your instances listed. Click the SSH button to launch the terminal in a new browser window.
Although you have just created your new instance, it is likely that some software packages are out of date. Let’s make sure that you are using the latest software packages.
sudo apt-get update
Once completed let’s update all the installed packages. You will be prompted with the selection to start the update. Hitting Y and Enter will begin the process.
sudo apt-get upgrade
Once the upgrade is completed you can proceed to install Nginx
sudo apt install nginx
Once complete, you can confirm that Nginx has been installed by issuing this command
nginx -v
Visit your domain in your browser, you will see the Nginx welcome page.
Now you can secure your instance by setting up firewall and Fail2ban.
Firewall
The firewall provides an additional layer of security to your instance by blocking inbound network traffic. The ufw (Uncomplicated Firewall) package is usually installed by default in Ubuntu 18.04 LTS, so we need to just add the rules which deny all incoming traffics and allow all outgoing traffics. We now add the ports for SSH (22), HTTP (80), HTTPS (443).
sudo ufw allow OpenSSH sudo ufw allow 'Nginx HTTP' sudo ufw allow 'Nginx HTTPS' sudo ufw enable
Fail2ban
This works alongside with ufw and monitors intrusion attempts to your instance and blocks the offending host for a set period of time, so let’s install it now.
sudo apt-get install fail2ban sudo service fail2ban start
Next, open the Nginx configuration file, which can be found at /etc/nginx/nginx.conf
Start by setting the user to the username
that you’re currently logged in with. This will make managing file permissions much easier in the future.
The worker_processes directive is the amount of CPU cores your instance. In my case, this is 1
.
Uncomment the multi_accept directive and set it to on
.
Lower the keepalive_timeout directive to 15
.
For security reasons, you should uncomment the server_tokens directive and ensure it is set to off
.
Add the new client_max_body_size directive below the server_tokens and set the value to 64m
.
Uncomment the gzip_proxied directive and set it to any
, uncomment the gzip_comp_level directive and set it to the value of 2
and finally uncomment the gzip_types directive.
In order for Nginx to correctly serve PHP you also need to ensure the fastcgi_param SCRIPT_FILENAME
directive is set, otherwise, you will receive a blank white screen when accessing any PHP scripts. So open fastcgi_params file by issuing
sudo nano /etc/nginx/fastcgi_params
Add the following at the end of the file
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
That’s all, this is the basic Nginx configuration, hit CTRL+X
followed by Y
to save the changes. Ensure that the configuration file contains no errors and restart Nginx for the changes to take effect by issuing the following command
sudo nginx -t
If you get a successful message, then proceed with the following command
sudo service nginx restart
If everything worked out fine, you should still be able to see the Nginx welcome page when visiting your domain in the browser. However, unless visiting a known host the server should return a 444 response. So, we remove the default server blocks from Nginx.
sudo rm /etc/nginx/sites-available/default sudo rm /etc/nginx/sites-enabled/default
Now you need to add a catch all block to the Nginx configuration. Open the nginx.conf
file
sudo nano /etc/nginx/nginx.conf
Find the line with include /etc/nginx/sites-enabled/*;
Below this line add the following
server { listen 80 default_server; listen [::]:80 default_server; server_name _; return 444; }
Hit CTRL+X
followed by Y
to save the changes and then test the Nginx configuration and restart Nginx.
sudo nginx -t sudo service nginx restart
Now when you visit the domain name you should receive an error.
Install PHP 7.2
sudo apt-get install php7.2-fpm php7.2-common php7.2-mysql php7.2-xml php7.2-xmlrpc php7.2-curl php7.2-gd php7.2-imagick php7.2-cli php7.2-dev php7.2-imap php7.2-mbstring php7.2-opcache php7.2-soap php7.2-zip -y
After the installation has completed, confirm that PHP has installed correctly with this command
php-fpm7.2 -v
Now that PHP 7.2.* has installed and you need to configure the user and group that the service will run under.
sudo nano /etc/php/7.2/fpm/pool.d/www.conf
Change the following lines by replacing the www-data with your username
.
user = username group = username listen.owner = username listen.group = username
Now we configure PHP for WordPress by changing some values in php.ini
.
sudo nano /etc/php/7.2/fpm/php.ini
Hit F6 for search inside the editor and update the following values
upload_max_filesize = 32M post_max_size = 48M memory_limit = 256M max_execution_time = 600 max_input_vars = 1000 max_input_time = 400
Hit CTRL+X
and Y
to save the configuration and check if the configuration is correct and restart PHP
sudo php-fpm7.2 -t sudo service php7.2-fpm restart
Now we have completed NGINX and PHP 7.2 in Ubuntu 18.04 LTS.
In the next post, we can configure Cloud SQL for the WordPress database.
8 Comments
is this an over site or typo? Please read instructions below and then review the noted area again…
Change the following lines by replacing the www-data with your username.
user = username
group = username
listen.owner = username
listen.group = username
Now we configure PHP for WordPress by changing some values in php.ini.
How do we perform this task? Not sure if this is within the CLI text but I am already confused…
//—>replacing the www-data with your username.<–//
You need to replace the www-data with your username you see in your terminal [email protected]_name:~$ in
/etc/php/7.2/fpm/pool.d/www.conf
when I run the nginx -t command, I get an error message saying that invalid number of arguments in client_max_size_body directive. Could you please help?
I figured it out, made a silly mistake sorry. Do you have alternative to the command line for installing php? When I run the command line, it is unable to locate any package
You can try adding the repo and install PHP
sudo apt install software-properties-common
sudo add-apt-repository ppa:ondrej/php
sudo apt update
Hello Thank you for the tutorial. I was following the steps in setting up my server but now i am getting error when i try to test php-fpm with this command: sudo php-fpm7.2 -t
This is the error i get on the command line
ERROR: [/etc/php/7.2/fpm/pool.d/www.conf:22] value is NULL for a ZEND_INI_PARSER_ENTRY
[24-Feb-2020 12:35:53] ERROR: Unable to include /etc/php/7.2/fpm/pool.d/www.conf from /etc/php/7.2/fpm/php-fpm.conf at line 22
[24-Feb-2020 12:35:53] ERROR: failed to load configuration file ‘/etc/php/7.2/fpm/php-fpm.conf’
[24-Feb-2020 12:35:53] ERROR: FPM initialization failed
Please your response is appreciated. thanks
Please try replacing the hash symbols “#” with semicolons “;” in your
www.conf
. Maybe that could be the cause for the error. If that didnt fix please share the contents ofwww.conf
file. Thank youhey, I notice every time I execute command sudo service nginx restart or sudo service php7.2-fpm restart
I always get the error
Job for php7.2-fpm.service failed because the control process exited with error code.
See “systemctl status php7.2-fpm.service” and “journalctl -xe” for details.