By using this website, you agree to the use of cookies as described in our Privacy Policy.
5 minutes reading time (997 words)

Install Joomla 4 on Nginx Web Server

1975 Hits

How to install Joomla 4 on Nginx web server. Create MariaDB database for website. Configure Nginx HTTPS server block for Joomla. Install PHP extensions and configure PHP settings for Joomla.

Create website public html folder

# Create website folder
mkdir /var/www/yourdomain.com/html -p

# Change owner and group to nginx user
chown -Rf www-data:www-data /var/www/yourdomain.com

# Change folder permissions
chmod -Rf 750 /var/www/yourdomain.com

Create MariaDB database 

Create MariaDB database for website

# Logon to MariaDB
mariadb -u root -p

# Create database, user and assign privleges
CREATE DATABASE yourdomain_db;
CREATE USER 'yourdomain_user' IDENTIFIED BY 'PASSWORD';
GRANT ALL PRIVILEGES ON yourdomain_db.* TO 'yourdomain_user';

# List all databases
SHOW DATABASES;

# List all MariaDB users
SELECT User
FROM mysql.user;

#Show permissions for a user
SHOW GRANTS FOR 'yourdomain_user';

#Exit MariaDB
exit

Install PHP extensions for Joomla 4 

If you haven't already installed PHP, you can follow this guide.
Install PHP 8.1 for Nginx on Debian 11

# install php fastcgi process manager and php mysql
apt install php-fpm php-mysql

# install php extensions for Joomla 
apt install php8.1-zip php8.1-intl php8.1-xml php8.1-curl php8.1-mbstring php8.1-gd

Find php.ini configuration file

php -i | grep "Loaded Configuration File"

Enable PHP Extensions

Edit php.ini and uncomment these lines to enable the extensions

nano /etc/php/8.1/fpm/php.ini

extension=curl
extension=gd
extension=mbstring
extension=mysqli

Add PHP to Nginx server block 

Edit Nginx server block
nano /etc/nginx/sites-available/yourdomain.com.conf

# php config
    location ~ \.php$ {
        try_files $uri =404;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
		fastcgi_pass 127.0.0.1:9000;
        # fastcgi_pass unix:/var/run/php/php8.1-fpm.sock;
        fastcgi_index index.php;
        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include /etc/nginx/fastcgi.conf;
    }

Reload Nginx

Test Nginx configuration
nginx -t

Reload Nginx

service nginx reload 

Configure PHP for Joomla

Edit php.ini configuration file and change the following settings

nano /etc/php/8.1/fpm/php.ini

memory_limit 128M
upload_max_filesize 30M
post_max_size 30M
max_execution_time 30
output_buffering = off
upload_tmp_dir = /tmp

Restart PHP FPM

service php8.1-fpm restart

Restart Nginx

service nginx restart

Nginx configuration file 

Backup existing Nginx configuration file
cp /etc/nginx/nginx.conf /etc/nginx/nginx.conf.28092022.bak

Edit Nginx configuration file and add these lines
nano /etc/nginx/nginx.conf

http {
	# Basic Settings
	server_name_in_redirect off;
	server_tokens off;
	ignore_invalid_headers on;
	autoindex off;
	# SSL Settings
	ssl_session_timeout 1d;
    ssl_session_cache shared:SSL:1m;
    ssl_session_tickets off;
    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
    ssl_prefer_server_ciphers off;
    # OCSP stapling
    ssl_stapling on;
    ssl_stapling_verify on;
    # Cloudflare OCSP DNS resolvers
    resolver 1.1.1.1 1.0.0.1;
}

Nginx HTTPS server block for Joomla 

Create website configuration file
nano /etc/nginx/sites-available/yourdomain.com.conf

# http server block
server {
    listen 80;
    root /var/www/yourdomain.com/html;
    index index.html index.php;
    server_name yourdomain.com;
    # letsencrypt folder
    location ^~ /.well-known/acme-challenge/ {
        allow all;
        root /var/www/letsencrypt/;
        default_type "text/plain";
        try_files $uri =404;
    }
    # http to https redirect
    location / {
        return 301 https://yourdomain.com$request_uri;
    }
}
# https server block
server {
    listen 443 ssl http2;
    server_name yourdomain.com;
    root /var/www/yourdomain.com/html;
    index index.html index.php;
    # ssl certificate
    ssl_certificate /etc/letsencrypt/live/yourdomain.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/yourdomain.com/privkey.pem;
    ssl_trusted_certificate /etc/letsencrypt/live/yourdomain.com/chain.pem;
    # Strict Transport Security (HSTS)
    add_header Strict-Transport-Security "max-age=63072000" always;
    # Enable Search Engine Friendly URLs
    location / {
        try_files $uri $uri/ /index.php?$args;
    }
    # security headers
    add_header Referrer-Policy "unsafe-url";
	add_header X-XSS-Protection "1; mode=block";
	add_header Cache-Control "no-transform";
    add_header X-Content-Type-Options nosniff;
    add_header X-Frame-Options SAMEORIGIN;
    # deny running scripts inside writable directories
    location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ {
        return 403;
        error_page 403 /403_error.html;
    }
	# php config
    location ~ \.php$ {
        try_files $uri =404;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass 127.0.0.1:9000;
        # fastcgi_pass unix:/var/run/php/php8.1-fpm.sock;
        fastcgi_index index.php;
        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include /etc/nginx/fastcgi.conf;
    }
    # caching of files
    location ~* \.(ico|pdf|flv)$ {
        expires 1y;
    }
    location ~* \.(js|css|png|jpg|jpeg|gif|swf|xml|txt)$ {
        expires 14d;
    }
}

Link the web site config file to sites-enabled
sudo ln -s /etc/nginx/sites-available/yourdomain.com.conf /etc/nginx/sites-enabled

Test Nginx configuration
nginx -t

Reload Nginx
service nginx reload

Download Joomla 4

Download Joomla 4 using wget

# Download Joomla 4 using wget
cd /var/www/yourdomain.com/html
wget https://github.com/joomla/joomla-cms/releases/download/4.2.5/Joomla_4.2.5-Stable-Full_Package.zip

#Install unzip
apt install unzip

# Unzip the file
cd /var/www/yourdomain.com/html
unzip Joomla_4.2.5-Stable-Full_Package.zip

# Remove the zip file
rm Joomla_4.2.5-Stable-Full_Package.zip

# Change owner and group to nginx user
chown -Rf www-data:www-data /var/www/yourdomain.com/html

Download Joomla 4 from the web

Download Joomla 4
https://downloads.joomla.org

Download Joomla 4 Full Package

Upload the Joomla_Stable-Full_Package.zip file to your website public html folder using SSH with FileZilla

# install unzip
apt install unzip

# unzip the file
cd /var/www/yourdomain.com/html
unzip Joomla_4.2.2-Stable-Full_Package.zip

# remove zip file
rm Joomla_4.2.2-Stable-Full_Package.zip

# change owner and group to nginx user
chown -Rf www-data:www-data /var/www/yourdomain.com/html

Install Joomla 4

Browse to your website to start the Joomla 4 installation
https://yourdomain.com/installation/index.php

Website name

Enter the website name

Joomla Administrator

Set the Joomla Administrator username, password and email address

Website database

Enter your database details

Database type: MySQLi
Host name: localhost
Database user: yourdomain_user
Database password: PASSWORD
Database name: yourdomain_db
Connection encryption: default

Click Open Administrator to login to the Joomla website back end

https://yourdomain.com/administrator

Change configuration.php permissions

chmod 400 /var/www/yourdomain.com/html/configuration.php

References:

Installing Joomla
https://docs.joomla.org/J4.x:Installing_Joomla

Security Checklist/Hosting and Server Setup
https://docs.joomla.org/Security_Checklist/Hosting_and_Server_Setup

Description of core php.ini directives
https://www.php.net/manual/en/ini.core.php

Buy me a coffee
0
Tags:
Nginx Joomla

Related Posts

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Saturday, 23 September 2023
You can help support this website by buying me a coffee!
Buy Me A Coffee