Configure Nginx webserver on Jump server / Bastion host

Install nginx  with the following command on Ezeelogin ssh jump server

 

Install & Configure Nginx on Debian 9

Install the package using the following command 

root@jumpserver:~# apt update ; apt-get install  nginx php-fpm 

 
Open the default Nginx server block configuration file by typing:

root@jumpserver:~#  vi etc/nginx/sites-enabled/default

 

We need to make some changes to this file for our site.

The changes that you need to make are in red in the text below. If you prefer, you may just copy and paste everything, then replace the value of  server_name  & root (Document root) with the appropriate domain name or IP address & Document root: 

# Default server configuration

server {

listen 80 default_server;

listen [::]:80 default_server;

 

# SSL configuration

# listen 443 ssl default_server;

# listen [::]:443 ssl default_server;

root /var/www/html;

 

# Add index.php to the list if you are using PHP

index index.php index.html index.htm index.nginx-debian.html;

 

server_name (Add your hostname or IP);

 

location / {

# First attempt to serve request as file, then

# as directory, then fall back to displaying a 404.

try_files $uri $uri/ =404;

}

# pass PHP scripts to FastCGI server

location ~ \.php$ {

include snippets/fastcgi-php.conf;

# # With php-fpm (or other unix sockets):

fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;

# # With php-cgi (or other tcp sockets):

# fastcgi_pass 127.0.0.1:9000;

}

if (!-f $request_filename) {

rewrite ^/(.*)$  /ezlogin/index.php?$1 last;

}

# deny access to .htaccess files, if Apache's document root

# concurs with nginx's one

#location ~ /\.ht {

# deny all;

#}

}

 

When you've made the above changes, you can save and close the file.

 Restart Nginx & PHP-fpm service to make the necessary changes:

root@jumpserver:~# systemctl reload nginx.service

root@jumpserver:~# systemctl reload php7.0-fpm.service

Make sure that you have installed Ioncube Loader

Install & Configure Nginx on Centos

 

yum install epel-release ; yum install nginx

 

  Install & configure php handler

yum install php-fpm

    Open the main php-fpm configuration file with root privileges,search for "cgi.fix_pathinfo=1" and set it to "cgi.fix_pathinfo=0"

vi /etc/php.ini

 & set   "cgi.fix_pathinfo=0"

cgi.fix_pathinfo=0

   Save and close the file when you are finished.

 

open the php-fpm configuration file  www.conf

vi /etc/php-fpm.d/www.conf

  Find the line that specifies the  listen  parameter, and change it so it looks like the following:

listen = /var/run/php-fpm/php-fpm.sock

 

Next, find the lines that set the  listen.owner  and  listen.group  and uncomment them. They should look like this:

listen.owner = nginx

listen.group = nginx

 Lastly, find the lines that set the  user  and  group  and change their values from "apache" to "nginx":

user = nginx

group = nginx

 Then save and quit.

 

 Now, we just need to start our PHP processor by typing:

sudo systemctl enable php-fpm

sudo systemctl restart nginx

sudo systemctl restart php-fpm 

 

Configure Nginx to Process PHP Pages

Open the default Nginx server block configuration file by typing:

vi /etc/nginx/conf.d/default.conf

 We need to make some changes to this file for our site.

The changes that you need to make are in red in the text below. If you prefer, you may just copy and paste everything, then replace the value of  server_name  & root (Document root) with the appropriate domain name or IP address & Document root:

 

server   {
listen 80;
server_name server_domain_name_or_IP;

# note that these lines are originally from the "location /" block
root /var/www/html;
index index.php index.html index.htm;

location / {
try_files $uri  $uri/ =404;
}
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root  /var/www/html;
}

location ~ \.php$ {
try_files $uri =404;
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}


if (!-f $request_filename) { rewrite ^/(.*)$ /ezlogin/index.php?$1 last;
}
}

 

 When you've made the above changes, you can save and close the file.

 Restart Nginx to make the necessary changes:

systemctl restart nginx

 

If you have any difficulties please contact support and they would install ezeelogin for you free of cost

5 (2)
Article Rating (2 Votes)
Rate this article
    Attached Files
    There are no attachments for this article.
    Related Articles RSS Feed
    What setting to be changed in jump server configuration file if mysql is listening on a different port?
    Viewed 2032 times since Wed, Jun 14, 2017
    How can i add more than one public key to ezeelogin user ?
    Viewed 1745 times since Wed, Oct 18, 2017
    Will Ezeelogin work behind a firewall or NAT or behind a Proxy?
    Viewed 5808 times since Sat, Jul 8, 2017
    Set SSH User Expiry
    Viewed 1613 times since Thu, Sep 20, 2018
    How do i change the web url / uri of my installation?
    Viewed 2194 times since Thu, Jun 15, 2017
    How to configure Yubikey two factor authentication in ssh ?
    Viewed 5707 times since Thu, Jun 15, 2017
    Add a server using ssh key pair in ezeelogin
    Viewed 1048 times since Fri, Mar 22, 2019
    Integrate OpenLdap / Windows Active Directory ( AD ) authentication in ezeelogin jump server (Centos &Ubuntu)
    Viewed 6881 times since Thu, Jun 15, 2017
    Custom private key / public key pair in ssh gateway Solution
    Viewed 2807 times since Thu, Jun 15, 2017
    How to add ssh public key for passwordless authentication in ssh
    Viewed 2803 times since Fri, Sep 1, 2017