I made a resend swap from Apache2 to Nginx for speed improvements. <\/p>\n\n\n\n
<\/p>\n\n\n\n
This guild is for for Ubuntu 22.04 and assuming you are already running a WordPress site. <\/p>\n\n\n\n
Your will need to install 4 packages <\/p>\n\n\n\n
<\/p>\n\n\n\n
Part 1 <\/strong><\/p>\n\n\n\n Install everything you need<\/p>\n\n\n\n now to make the packages work… <\/p>\n\n\n\n PHP setup is optional if you already have a working site.<\/p>\n\n\n\n Lets start with php8.1<\/p>\n\n\n\n You will need to enable it and build the scripts for it<\/p>\n\n\n\n Part 2<\/strong><\/p>\n\n\n\n Now lets make the necessary firewall rules to permit ports 80\/443<\/p>\n\n\n\n Part 4<\/strong><\/p>\n\n\n\n Generate your LetsEncrypt certs<\/p>\n\n\n\n This will create a basic config for you under \/etc\/nginx\/sites-available\/ and store your new certs in \/etc\/letsencrypt\/live\/<Your Domain>\/<\/p>\n\n\n\n Now to configure Nginx<\/p>\n\n\n\n Nginx has a few components that need to be setup for before its operational <\/p>\n\n\n\n Modify the Certbot generated config file for your domain<\/p>\n\n\n\n Replace your domain config code with the following code<\/p>\n\n\n\n The above config will load the site on port 80 and redirect it to port 443 while also accepting connections on 443 its self. Apply your. You will be able to create a custom path for your access and error log files.<\/p>\n\n\n\n Start the Nginx service. <\/p>\n\n\n\n Once Nginx has started try to load your website again via DNS name on http and https to verity the redirect is working. Something to keep in mind is that Nginx does take a few sec to begin serving web content.<\/p>\n\n\n\n You may want to setup a systemd service or crontab job to automatically renew your cert with Certbot<\/p>\n\n\n\n <\/p>\nsudo apt install certbot python3-certbot-apache php8.1 nginx<\/code><\/pre>\n\n\n\nupdate-alternatives --set php \/usr\/bin\/php8.1\nupdate-alternatives --config php\nphp -v<\/code><\/pre>\n\n\n\nsudo ufw app list\nsudo ufw allow 'Nginx HTTP'\nsudo ufw allow 'Nginx HTTPS'<\/code><\/pre>\n\n\n\ncertbot certonly --manual --preferred-challenge dns -d \"<Your Domain>\" -d \"*.<Your Domain>\"<\/code><\/pre>\n\n\n\ncd \/etc\/nginx\/sites-available\/
vim <your domain>
<\/code><\/pre>\n\n\n\nserver {\n listen 443 ssl http2;\n listen [::]:443 ssl http2;\n server_name <Your Domain>;\n\n ssl_certificate \/etc\/letsencrypt\/live\/<Your Domain>\/fullchain.pem;\n ssl_certificate_key \/etc\/letsencrypt\/live\/<Your Domain>\/privkey.pem;\n\n access_log \/var\/log\/access.log;\n error_log \/var\/log\/error.log;\n\n root \/var\/www\/<Your Domain>;\n index index.php;\n\n location \/ {\n try_files $uri $uri\/ \/index.php?$args;\n }\n\n location ~ \\.php$ {\n try_files $uri =404;\n fastcgi_split_path_info ^(.+\\.php)(\/.+)$;\n fastcgi_pass unix:\/run\/php\/php8.1-fpm.sock;\n fastcgi_index index.php;\n include fastcgi.conf;\n }\n}\n\nserver {\n listen 443 ssl http2;\n listen [::]:443 ssl http2;\n\n server_name www.<Your Domain>;\n\n ssl_certificate \/etc\/letsencrypt\/live\/<Your Domain>\/fullchain.pem;\n ssl_certificate_key \/etc\/letsencrypt\/live\/<Your Domain>\/privkey.pem;\n\n return 301 https:\/\/<Your Domain>$request_uri;\n}\n\nserver {\n listen 80;\n listen [::]:80;\n\n server_name <Your Domain> www.<Your Domain>;\n\n return 301 https:\/\/<Your Domain>$request_uri;\n}<\/code><\/pre>\n\n\n\nsystemctl start nginx<\/code><\/pre>\n\n\n\n