Nginx can act as a reverse proxy, a load balancer, a mail proxy, and a simple HTTP cache, making it far more than just a web server.
Let’s get Nginx installed and serving a basic page on your DigitalOcean Droplet.
First, SSH into your Droplet. You’ll need root privileges for most of these commands, so either sudo -i or prefix commands with sudo.
ssh root@your_droplet_ip
sudo -i
Now, update your package lists and install Nginx:
apt update
apt install nginx
This fetches the latest package information and then installs the Nginx web server. Nginx is usually configured to start automatically after installation. You can check its status with:
systemctl status nginx
You should see output indicating Nginx is active (running). If not, start it with systemctl start nginx.
DigitalOcean firewalls, by default, block all incoming traffic except SSH. To allow web traffic, you need to open ports 80 (HTTP) and 443 (HTTPS).
Go to your Droplet’s page in the DigitalOcean control panel. Navigate to the "Networking" tab. Under "Firewall," click "Edit rules." Add rules to allow TCP traffic on port 80 and port 443. Save the rules.
Alternatively, if you’re comfortable with the command line and have ufw installed (common on Ubuntu/Debian), you can manage it like this:
ufw allow 'Nginx Full'
ufw enable # If not already enabled
ufw status
Nginx Full is a pre-defined ufw application profile that allows both HTTP (80) and HTTPS (443) traffic.
Now, let’s test if Nginx is accessible from the internet. Open your web browser and navigate to http://your_droplet_ip. You should see the default Nginx welcome page, which confirms Nginx is installed and accessible.
The default Nginx configuration files are located in /etc/nginx/. The main configuration file is /etc/nginx/nginx.conf, and site-specific configurations are typically placed in /etc/nginx/sites-available/ and then symlinked to /etc/nginx/sites-enabled/.
The default welcome page is served from /var/www/html/index.nginx-debian.html. To serve your own content, you’ll want to create a new server block.
Let’s create a simple configuration for a domain, say example.com. First, create a directory for your website’s files:
mkdir -p /var/www/example.com/html
chown -R $USER:$USER /var/www/example.com/html
chmod -R 755 /var/www/example.com
Now, create a sample index.html file:
nano /var/www/example.com/html/index.html
Paste this into the file and save:
<!DOCTYPE html>
<html>
<head>
<title>Welcome to example.com!</title>
</head>
<body>
<h1>Success! The example.com server block is working!</h1>
</body>
</html>
Next, create a new Nginx server block configuration file:
nano /etc/nginx/sites-available/example.com
Paste the following configuration, replacing your_domain_or_ip with your Droplet’s IP address or your actual domain name if you have one set up with DNS:
server {
listen 80;
listen [::]:80;
root /var/www/example.com/html;
index index.html index.htm index.nginx-debian.html;
server_name your_domain_or_ip;
location / {
try_files $uri $uri/ =404;
}
}
This configuration tells Nginx to listen on port 80 for requests matching your_domain_or_ip. It then sets the root directory for this domain to /var/www/example.com/html and defines the index files to look for. The location / block handles requests by trying to serve the requested file, then a directory index, or returning a 404 if neither is found.
Now, enable this new server block by creating a symbolic link to the sites-enabled directory:
ln -s /etc/nginx/sites-available/example.com /etc/nginx/sites-enabled/
It’s good practice to remove the default Nginx configuration to avoid conflicts:
rm /etc/nginx/sites-enabled/default
Before restarting Nginx, test your configuration for syntax errors:
nginx -t
If the test is successful, you’ll see output like:
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
Finally, reload Nginx to apply the changes:
systemctl reload nginx
Now, if you visit http://your_droplet_ip (or http://your_domain.com if you’ve configured DNS), you should see your custom "Success! The example.com server block is working!" page.
The next step is usually securing your site with an SSL certificate, often using Let’s Encrypt.