Configure Nginx webserver on Jump server / Bastion host
Install nginx with the following command on Ezeelogin ssh jump server
Install & Configure Nginx on Debian 9
Install the package using the following command
root@jumpserver:~# apt update ; apt-get install nginx php-fpm
root@jumpserver:~# vi etc/nginx/sites-enabled/default
We need to make some changes to this file for our site.
The changes that you need to make are in red in the text below. If you prefer, you may just copy and paste everything, then replace the value of server_name & root (Document root) with the appropriate domain name or IP address & Document root:
# Default server configuration
server {
listen 80 default_server;
listen [::]:80 default_server;
# SSL configuration
# listen 443 ssl default_server;
# listen [::]:443 ssl default_server;
root /var/www/html;
# Add index.php to the list if you are using PHP
index index.php index.html index.htm index.nginx-debian.html;
server_name (Add your hostname or IP);
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
}
# pass PHP scripts to FastCGI server
location ~ \.php$ {
include snippets/fastcgi-php.conf;
# # With php-fpm (or other unix sockets):
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
# # With php-cgi (or other tcp sockets):
# fastcgi_pass 127.0.0.1:9000;
}
if (!-f $request_filename) {
rewrite ^/(.*)$ /ezlogin/index.php?$1 last;
}
# deny access to .htaccess files, if Apache’s document root
# concurs with nginx’s one
#location ~ /\.ht {
# deny all;
#}
}
When you’ve made the above changes, you can save and close the file.
Restart Nginx & PHP-fpm service to make the necessary changes:
root@jumpserver:~# systemctl reload nginx.service
root@jumpserver:~# systemctl reload php7.0-fpm.service
Make sure that you have installed Ioncube Loader
Install & Configure Nginx on Centos
yum install epel-release ; yum install nginx
Install & configure php handler
yum install php-fpm
Open the main php-fpm configuration file with root privileges,search for "cgi.fix_pathinfo=1" and set it to "cgi.fix_pathinfo=0"
vi /etc/php.ini
& set "cgi.fix_pathinfo=0"
cgi.fix_pathinfo=0
Save and close the file when you are finished.
open the php-fpm configuration file www.conf
vi /etc/php-fpm.d/www.conf
Find the line that specifies the listen parameter, and change it so it looks like the following:
listen = /var/run/php-fpm/php-fpm.sock
Next, find the lines that set the listen.owner and listen.group and uncomment them. They should look like this:
listen.owner = nginx
listen.group = nginx
Lastly, find the lines that set the user and group and change their values from "apache" to "nginx":
user = nginx
group = nginx
Then save and quit.
Now, we just need to start our PHP processor by typing:
sudo systemctl enable php-fpm
sudo systemctl restart nginx
sudo systemctl restart php-fpm
Configure Nginx to Process PHP Pages
Open the default Nginx server block configuration file by typing:
vi /etc/nginx/conf.d/default.conf
We need to make some changes to this file for our site.
The changes that you need to make are in red in the text below. If you prefer, you may just copy and paste everything, then replace the value of server_name & root (Document root) with the appropriate domain name or IP address & Document root:
server {
listen 80;
server_name server_domain_name_or_IP;
# note that these lines are originally from the "location /" block
root /var/www/html;
index index.php index.html index.htm;
location / {
try_files $uri $uri/ =404;
}
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /var/www/html;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
if (!-f $request_filename) { rewrite ^/(.*)$ /ezlogin/index.php?$1 last;
}
}
When you’ve made the above changes, you can save and close the file.
Restart Nginx to make the necessary changes:
systemctl restart nginx
If you have any difficulties please contact support and they would install ezeelogin for you free of cost