You can help support this website by buying me a coffee!
5 minutes reading time
(997 words)
Install Joomla 4 on Nginx Web Server
How to install Joomla 4 on Nginx web server. Create MariaDB database for website. Configure Nginx HTTPS server block for Joomla. Install PHP extensions and configure PHP settings for Joomla.
Create website public html folder
# Create website folder mkdir /var/www/yourdomain.com/html -p # Change owner and group to nginx user chown -Rf www-data:www-data /var/www/yourdomain.com # Change folder permissions chmod -Rf 750 /var/www/yourdomain.com
Website file and folder permissions
Website root directory, public HTML folder 750
Website directories 755
Website files 644
configuration.php file 400
Website root directory, public HTML folder 750
Website directories 755
Website files 644
configuration.php file 400
Create MariaDB database
Create MariaDB database for website
# Logon to MariaDB mariadb -u root -p # Create database, user and assign privleges CREATE DATABASE yourdomain_db; CREATE USER 'yourdomain_user' IDENTIFIED BY 'PASSWORD'; GRANT ALL PRIVILEGES ON yourdomain_db.* TO 'yourdomain_user'; # List all databases SHOW DATABASES; # List all MariaDB users SELECT User FROM mysql.user; #Show permissions for a user SHOW GRANTS FOR 'yourdomain_user'; #Exit MariaDB exit
Install PHP extensions for Joomla 4
If you haven't already installed PHP, you can follow this guide.
Install PHP 8.1 for Nginx on Debian 11
# install php fastcgi process manager and php mysql apt install php-fpm php-mysql # install php extensions for Joomla apt install php8.1-zip php8.1-intl php8.1-xml php8.1-curl php8.1-mbstring php8.1-gd
Find php.ini configuration file
php -i | grep "Loaded Configuration File"
Enable PHP Extensions
Edit php.ini and uncomment these lines to enable the extensionsnano /etc/php/8.1/fpm/php.ini
extension=curl
extension=gd
extension=mbstring
extension=mysqli
Add PHP to Nginx server block
Edit Nginx server blocknano /etc/nginx/sites-available/yourdomain.com.conf
Depending on your web server or hosting environment, you may need to change the fastcgi_pass options. On most servers; this is usually fastcgi_pass 127.0.0.1:9000
# php config
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass 127.0.0.1:9000;
# fastcgi_pass unix:/var/run/php/php8.1-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include /etc/nginx/fastcgi.conf;
}
Reload Nginx
Test Nginx configuration
Reload Nginx
nginx -tReload Nginx
service nginx reload
Configure PHP for Joomla
Edit php.ini configuration file and change the following settingsnano /etc/php/8.1/fpm/php.ini
memory_limit 128M
upload_max_filesize 30M
post_max_size 30M
max_execution_time 30
output_buffering = off
upload_tmp_dir = /tmp
Restart PHP FPM
service php8.1-fpm restart
Restart Nginx
service nginx restart
Nginx configuration file
Backup existing Nginx configuration file
cp /etc/nginx/nginx.conf /etc/nginx/nginx.conf.28092022.bak
Edit Nginx configuration file and add these linesnano /etc/nginx/nginx.conf
http {
# Basic Settings
server_name_in_redirect off;
server_tokens off;
ignore_invalid_headers on;
autoindex off;
# SSL Settings
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:1m;
ssl_session_tickets off;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
ssl_prefer_server_ciphers off;
# OCSP stapling
ssl_stapling on;
ssl_stapling_verify on;
# Cloudflare OCSP DNS resolvers
resolver 1.1.1.1 1.0.0.1;
}
Nginx HTTPS server block for Joomla
Create website configuration filenano /etc/nginx/sites-available/yourdomain.com.conf
# http server block
server {
listen 80;
root /var/www/yourdomain.com/html;
index index.html index.php;
server_name yourdomain.com;
# letsencrypt folder
location ^~ /.well-known/acme-challenge/ {
allow all;
root /var/www/letsencrypt/;
default_type "text/plain";
try_files $uri =404;
}
# http to https redirect
location / {
return 301 https://yourdomain.com$request_uri;
}
}
# https server block
server {
listen 443 ssl http2;
server_name yourdomain.com;
root /var/www/yourdomain.com/html;
index index.html index.php;
# ssl certificate
ssl_certificate /etc/letsencrypt/live/yourdomain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/yourdomain.com/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/yourdomain.com/chain.pem;
# Strict Transport Security (HSTS)
add_header Strict-Transport-Security "max-age=63072000" always;
# Enable Search Engine Friendly URLs
location / {
try_files $uri $uri/ /index.php?$args;
}
# security headers
add_header Referrer-Policy "unsafe-url";
add_header X-XSS-Protection "1; mode=block";
add_header Cache-Control "no-transform";
add_header X-Content-Type-Options nosniff;
add_header X-Frame-Options SAMEORIGIN;
# deny running scripts inside writable directories
location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ {
return 403;
error_page 403 /403_error.html;
}
# php config
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass 127.0.0.1:9000;
# fastcgi_pass unix:/var/run/php/php8.1-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include /etc/nginx/fastcgi.conf;
}
# caching of files
location ~* \.(ico|pdf|flv)$ {
expires 1y;
}
location ~* \.(js|css|png|jpg|jpeg|gif|swf|xml|txt)$ {
expires 14d;
}
}
Link the web site config file to sites-enabledsudo ln -s /etc/nginx/sites-available/yourdomain.com.conf /etc/nginx/sites-enabled
Test Nginx configurationnginx -t
Reload Nginxservice nginx reload
Download Joomla 4
Download Joomla 4 using wget
# Download Joomla 4 using wget cd /var/www/yourdomain.com/html wget https://github.com/joomla/joomla-cms/releases/download/4.2.5/Joomla_4.2.5-Stable-Full_Package.zip #Install unzip apt install unzip # Unzip the file cd /var/www/yourdomain.com/html unzip Joomla_4.2.5-Stable-Full_Package.zip # Remove the zip file rm Joomla_4.2.5-Stable-Full_Package.zip # Change owner and group to nginx user chown -Rf www-data:www-data /var/www/yourdomain.com/html
Download Joomla 4 from the web
Download Joomla 4
https://downloads.joomla.org
Download Joomla 4 Full Package
Upload the Joomla_Stable-Full_Package.zip file to your website public html folder using SSH with FileZilla
# install unzip apt install unzip # unzip the file cd /var/www/yourdomain.com/html unzip Joomla_4.2.2-Stable-Full_Package.zip # remove zip file rm Joomla_4.2.2-Stable-Full_Package.zip # change owner and group to nginx user chown -Rf www-data:www-data /var/www/yourdomain.com/html
Install Joomla 4
Browse to your website to start the Joomla 4 installation
https://yourdomain.com/installation/index.php
Website name
Enter the website name
Joomla Administrator
Set the Joomla Administrator username, password and email address
Website database
Enter your database details
Database type: MySQLi
Host name: localhost
Database user: yourdomain_user
Database password: PASSWORD
Database name: yourdomain_db
Connection encryption: default
Joomla installation completed
Click Open Administrator to login to the Joomla website back end
https://yourdomain.com/administrator
Change configuration.php permissions
chmod 400 /var/www/yourdomain.com/html/configuration.php
References:
by Author
Installing Joomla
https://docs.joomla.org/J4.x:Installing_Joomla
Security Checklist/Hosting and Server Setup
https://docs.joomla.org/Security_Checklist/Hosting_and_Server_Setup
Description of core php.ini directives
https://www.php.net/manual/en/ini.core.php
Comments