How to Install and Configure Nginx on CentOS 8?

Nginx is a popular web server known for its performance, reliability, and ease of use. It is widely used for hosting websites, serving as a reverse proxy, load balancer, and caching server. In this article, we will discuss how to install and configure Nginx on CentOS 8.

Before we begin, make sure that you have root access to your CentOS 8 server. Additionally, you should have a basic understanding of Linux command line and be comfortable working with terminal-based applications.

Step 1: Update System

The first step is to ensure that your CentOS 8 system is up-to-date. You can do this by running the following command

sudo dnf update

This will download and install any available updates for your system.

Step 2: Install Nginx

Once your system is up-to-date, you can install Nginx by running the following command

sudo dnf install nginx

This will download and install Nginx and all its dependencies.

Step 3: Configure Firewall

By default, CentOS 8 comes with firewalld firewall pre-installed. You need to allow HTTP and HTTPS traffic to access the webserver. Run the following commands to open the required ports

sudo firewall-cmd --permanent --zone=public --add-service=http
sudo firewall-cmd --permanent --zone=public --add-service=https
sudo firewall-cmd --reload

Step 4: Start and Enable Nginx

Once Nginx is installed, you can start it by running the following command

sudo systemctl start nginx

To ensure that Nginx starts automatically on system boot, run the following command

sudo systemctl enable nginx

You can check the status of Nginx by running

sudo systemctl status nginx

If everything is working correctly, you should see an output similar to the following

nginx.service - nginx HTTP and reverse proxy server
   Loaded: loaded (/usr/lib/systemd/system/nginx.service; enabled; vendor preset: disabled)
   Active: active (running) since Mon 2023-04-24 15:37:24 UTC; 5s ago
   Process: 18625 ExecStart=/usr/sbin/nginx (code=exited, status=0/SUCCESS)
   Main PID: 18626 (nginx)
   Tasks: 2 (limit: 11524)
   Memory: 4.9M
   CGroup: /system.slice/nginx.service
           ??18626 nginx: master process /usr/sbin/nginx
           ??18627 nginx: worker process

Step 5: Configure Nginx

Nginx's main configuration file is located at /etc/nginx/nginx.conf. You can open this file using your favorite text editor. Before making any changes to the file, make a backup of the original file by running the following command

sudo cp /etc/nginx/nginx.conf /etc/nginx/nginx.conf.bak

Now, open the nginx.conf file

sudo nano /etc/nginx/nginx.conf

Inside the http block, you can add or modify server blocks to configure your virtual hosts. For example, if you want to create a new virtual host for example.com, you can add the following server block

server {
   listen 80;
   server_name example.com www.example.com;
   root /var/www/example.com;
   index index.html;
   location / {
      try_files $uri $uri/ =404;
   }
}

This server block listens on port 80 for requests to example.com and www.example.com. It sets the document root to /var/www/example.com and specifies index.html as the default index file. The location block specifies how to handle requests to URLs under this virtual host.

Once you have made changes to the configuration file, save and exit the text editor.

Step 6: Test Nginx Configuration

Before restarting Nginx, it's always a good idea to test the configuration to ensure that there are no syntax errors. You can do this by running the following command

sudo nginx -t

If there are any errors, Nginx will display an error message and the line number where the error occurred. If there are no errors, Nginx will display a message indicating that the configuration file is OK.

Step 7: Restart Nginx

After you have made any changes to the configuration file, you need to restart Nginx for the changes to take effect. You can do this by running the following command

sudo systemctl restart nginx

Step 8: Verify Nginx Installation

To verify that Nginx is serving requests correctly, you can open a web browser and enter your server's IP address or domain name in the address bar. You should see the default Nginx welcome page.

If you want to verify that your virtual hosts are working correctly, you can create a simple index.html file in the document root directory for each virtual host and then access the virtual host's domain name or IP address in your web browser.

Advanced Configuration Options

Reverse Proxy Setup

One of the most important features of Nginx is its ability to serve as a reverse proxy. This allows you to forward requests to multiple backend servers and perform load balancing

upstream backend {
    server 192.168.1.10:8080;
    server 192.168.1.11:8080;
}

server {
    listen 80;
    server_name example.com;
    
    location / {
        proxy_pass http://backend;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
    }
}

SSL/TLS Configuration

You can configure Nginx to serve HTTPS traffic by obtaining and installing an SSL/TLS certificate

server {
    listen 443 ssl;
    server_name example.com;
    
    ssl_certificate /path/to/certificate.crt;
    ssl_certificate_key /path/to/private.key;
    
    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_ciphers HIGH:!aNULL:!MD5;
}

Security Considerations

To improve security, consider implementing access controls and keeping your Nginx installation up-to-date with the latest security patches. You can also use third-party modules like ModSecurity for additional web application firewall capabilities.

Conclusion

In this article, we have covered the complete process of installing and configuring Nginx on CentOS 8, from basic installation to advanced features like reverse proxy and SSL configuration. Following these steps will help you set up a robust and secure web server capable of handling various deployment scenarios.