Standalone nginx & PHP Guide for Ubuntu 10.04

The last 1 or 2 years I have been running nginx as reverse proxy in front of Apache2. Now with the release of nginx version 1.2.0 I decided to revamp my installation and use nginx as a standalone server again. This guide explains my installation which uses nginx, PHP via FastCGI connector and SSL running on Ubuntu 10.04.

I want to use the current version of nginx, so I use the PPA repository where current nginx builds can be found:

sudo apt-get install python-software-properties
sudo add-apt-repository ppa:nginx/stable
sudo apt-get update
sudo apt-get install nginx

Currently this will install nginx version 1.2.0. Now install the packages required for php:

sudo apt-get install php5-cgi

Now we need to create a start/stop script to start our cgi process. Create a file /etc/init.d/php-fastcgi with the following contents:



start() {
    echo -n "Starting PHP FastCGI: "
    start-stop-daemon --quiet --start --background --chuid "$USER" --exec /usr/bin/env -- - USER=$USER PATH=/usr/bin PHP_FCGI_CHILDREN=$CHILDREN PHP_FCGI_MAX_REQUESTS=$MAX_REQUESTS /usr/bin/php-cgi -b
    echo "OK"

stop() {
    echo -n "Stopping PHP FastCGI: "
    killall -q -w -u $USER /usr/bin/php-cgi
    echo "OK"

case "$1" in
        echo "Usage: php-fastcgi {start|stop|restart}"
        exit 1

exit $RETVAL

This script will start 3 PHP worker processes which will server up to 1000 requests each. Make the script executable:

sudo chmod a+x /etc/init.d/php-fastcgi

Now you can try to start the php daemon:

sudo /etc/init.d/php-fastcgi start

You should see the daemons in the process list. If everything is running so far, enable autostart for the service:

sudo update-rc.d php-fastcgi defaults

The next step is to create a self signed SSL certificate:

openssl req -new -x509 -days 4312 -nodes -keyout /etc/nginx/web.pem -out /etc/nginx/web.pem

When filling out the certificate details, make sure that you enter your domain name in the field “Common Name”. The above command will create a self signed certificate file.

The last step is to create virtual host configurations for nginx. Here is an example which can act as a boilerplate to setting up a new vhost which will listen on http and https. Let’s say we want to create a vhost for a domain where the files are located at /srv/www/vhosts/ Create a new file /etc/nginx/sites-available/ with the following contents:

server {
    listen 80;
    listen 443 ssl;
    ssl_certificate /etc/nginx/web.pem;
    ssl_certificate_key /etc/nginx/web.pem;
    access_log /srv/www/vhosts/ combined;
    error_log /srv/www/vhosts/;

    root /srv/www/vhosts/;

    index index.php;

    location / {
        try_files $uri $uri/ /index.php;

    location ~ \.php {
        try_files $uri = 404;
        include /etc/nginx/fastcgi_params;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;

If you want to redirect all non-ssl traffic to the https port, add the following lines inside the server block:

if ($ssl_protocol = "") {
   rewrite ^ https://$server_name$request_uri? permanent;

To activate the vhost, create a symbolic link in the directory /etc/nginx/sites-enabled/:

ln -s /etc/nginx/sites-available/ /etc/nginx/sites-enabled/

And now reload the nginx configuration:

sudo /etc/init.d/nginx reload

Everything should be working by now.

Leave a Reply