Configure Nginx webserver on Jump server / Bastion host

Install nginx  with the following command on Ezeelogin ssh jump server

 

Install & Configure Nginx on Debian 9

Install the package using the following command 

[email protected]:~# apt update ; apt-get install  nginx php-fpm 

 
Open the default Nginx server block configuration file by typing:

[email protected]:~#  vi etc/nginx/sites-enabled/default

 

We need to make some changes to this file for our site.

The changes that you need to make are in red in the text below. If you prefer, you may just copy and paste everything, then replace the value of  server_name  & root (Document root) with the appropriate domain name or IP address & Document root: 

# Default server configuration

server {

listen 80 default_server;

listen [::]:80 default_server;

 

# SSL configuration

# listen 443 ssl default_server;

# listen [::]:443 ssl default_server;

root /var/www/html;

 

# Add index.php to the list if you are using PHP

index index.php index.html index.htm index.nginx-debian.html;

 

server_name (Add your hostname or IP);

 

location / {

# First attempt to serve request as file, then

# as directory, then fall back to displaying a 404.

try_files $uri $uri/ =404;

}

# pass PHP scripts to FastCGI server

location ~ \.php$ {

include snippets/fastcgi-php.conf;

# # With php-fpm (or other unix sockets):

fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;

# # With php-cgi (or other tcp sockets):

# fastcgi_pass 127.0.0.1:9000;

}

if (!-f $request_filename) {

rewrite ^/(.*)$  /ezlogin/index.php?$1 last;

}

# deny access to .htaccess files, if Apache's document root

# concurs with nginx's one

#location ~ /\.ht {

# deny all;

#}

}

 

When you've made the above changes, you can save and close the file.

 Restart Nginx & PHP-fpm service to make the necessary changes:

[email protected]:~# systemctl reload nginx.service

[email protected]:~# systemctl reload php7.0-fpm.service

Make sure that you have installed Ioncube Loader

Install & Configure Nginx on Centos

 

yum install epel-release ; yum install nginx

 

  Install & configure php handler

yum install php-fpm

    Open the main php-fpm configuration file with root privileges,search for "cgi.fix_pathinfo=1" and set it to "cgi.fix_pathinfo=0"

vi /etc/php.ini

 & set   "cgi.fix_pathinfo=0"

cgi.fix_pathinfo=0

   Save and close the file when you are finished.

 

open the php-fpm configuration file  www.conf

vi /etc/php-fpm.d/www.conf

  Find the line that specifies the  listen  parameter, and change it so it looks like the following:

listen = /var/run/php-fpm/php-fpm.sock

 

Next, find the lines that set the  listen.owner  and  listen.group  and uncomment them. They should look like this:

listen.owner = nobody

listen.group = nobody

 Lastly, find the lines that set the  user  and  group  and change their values from "apache" to "nginx":

user = nginx

group = nginx

 Then save and quit.

 

 Now, we just need to start our PHP processor by typing:

sudo systemctl enable php-fpm

 

Configure Nginx to Process PHP Pages

Open the default Nginx server block configuration file by typing:

vi /etc/nginx/conf.d/default.conf

 We need to make some changes to this file for our site.

The changes that you need to make are in red in the text below. If you prefer, you may just copy and paste everything, then replace the value of  server_name  & root (Document root) with the appropriate domain name or IP address & Document root:

 

server   {
listen 80;
server_name server_domain_name_or_IP;

# note that these lines are originally from the "location /" block
root /var/www/html;
index index.php index.html index.htm;

location / {
try_files $uri  $uri/ =404;
}
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root  /var/www/html;
}

location ~ \.php$ {
try_files $uri =404;
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}


if (!-f $request_filename) { rewrite ^/(.*)$ /ezlogin/index.php?$1 last;
}
}

 

 When you've made the above changes, you can save and close the file.

 Restart Nginx to make the necessary changes:

systemctl restart nginx

 

If you have any difficulties please contact support and they would install ezeelogin for you free of cost

5 (2)
Article Rating (2 Votes)
Rate this article
    Attached Files
    There are no attachments for this article.
    Related Articles RSS Feed
    Set SSH User Expiry
    Viewed 423 times since Thu, Sep 20, 2018
    How do i configure Ezeelogin to authenticate using Open_Ldap(Pam-Ldap) in ubuntu?
    Viewed 1272 times since Fri, Feb 23, 2018
    Can i install ezeelogin Jump server solution in a lan?
    Viewed 1245 times since Sat, Jul 8, 2017
    How to add ssh public key for passwordless authentication in ssh
    Viewed 1209 times since Fri, Sep 1, 2017
    How to search using IP or other fields instead of host name in jump server ssh interface or gui?
    Viewed 634 times since Fri, May 4, 2018
    configure jump server to use SSL for MySQL
    Viewed 1412 times since Mon, Apr 30, 2018
    Will Ezeelogin work behind a firewall or NAT or behind a Proxy?
    Viewed 1441 times since Sat, Jul 8, 2017
    How to configure Yubikey two factor authentication in ssh ?
    Viewed 2670 times since Thu, Jun 15, 2017
    what port should i open on my server firewall to fetch ezeelogin license?
    Viewed 1613 times since Wed, Aug 16, 2017
    How do i configure Ezeelogin to authenticate using OpenLdap or Window AD server?
    Viewed 1166 times since Wed, Jan 24, 2018