How to Install and Configure NGINX on CWP

NGINX is a high-performance web server and reverse proxy used widely for its speed and resource efficiency. Pairing NGINX with CWP (CentOS Web Panel) allows for improved website performance and a user-friendly management experience. Here’s how to install and configure NGINX on CWP.

Prerequisites #

Before you start, ensure:

• A server running Almalinux/CentOS 7/8 with CWP installed.
• Root or sudo access to the server.
• A domain name pointed to the server’s IP address.

Step by step on How to Install and Configure NGINX on CWP #

Since you have your CWP server ready. We can now proceed with the steps to install and configure NGINX.

• Access your server via SSH, using root user, or a sudo user, then escalate to root terminal.

• Upgrade your server.

yum update -y

• Install files that are needed for the set-up

yum install pcre pcre-devel zlib-devel openssl-devel -y

• Enable NGINX Epel Repository then install NGINX.

sudo yum install epel-release -y

sudo yum install nginx -y

• Create the proxy.inc file.

rm -rf /etc/nginx/proxy.inc

vi /etc/nginx/proxy.inc

• Then paste the code below in the file

#Proxy file starts here
# More info here: http://wiki.nginx.org/HttpProxyModule

proxy_buffering off;
proxy_connect_timeout 59s;
proxy_send_timeout 600;
proxy_read_timeout 600;
proxy_buffer_size 64k;
proxy_buffers 16 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;
proxy_pass_header Set-Cookie;
proxy_redirect off;
proxy_hide_header Vary;
proxy_hide_header X-Powered-By;
proxy_set_header Accept-Encoding '';
#If you want to get the cache-control and expire headers from apache, comment out 'proxy_ignore_headers' and uncomment 'proxy_pass_header Expires;' and 'proxy_pass_header Cache-Control
#proxy_pass_header Expires;
#proxy_pass_header Cache-Control;
proxy_ignore_headers Cache-Control Expires;
proxy_set_header Referer $http_referer;
proxy_set_header Host $host;
proxy_set_header Cookie $http_cookie;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

#Proxy file ends here

• Create an NGINX configuration file using these commands

rm -rf /etc/nginx/nginx.conf
vi /etc/nginx/nginx.conf

• Add the code below in the file, then save and exit it.

# Nginx config starts here

user nobody;
worker_processes auto;
#worker_rlimit_nofile 20480;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024; # increase for busier servers
use epoll; # you should use epoll for Linux kernels 2.6.x
}
http {
open_file_cache max=5000 inactive=30s;
open_file_cache_valid 120s;
open_file_cache_min_uses 2;
open_file_cache_errors off;
open_log_file_cache max=1024 inactive=30s min_uses=2;
server_names_hash_max_size 10240;
server_names_hash_bucket_size 1024;
include mime.types;
default_type application/octet-stream;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 5;
gzip on;
gzip_vary on;
gzip_disable "MSIE [1-6]\.";
gzip_proxied any;
gzip_http_version 1.1;
gzip_min_length 1000;
gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_types text/plain text/xml text/css application/x-javascript application/xml image/png image/x-icon image/gif image/jpeg application/xml+rss text/javascript application/atom+xml application/javascript application/json;
ignore_invalid_headers on;
client_header_timeout 3m;
client_body_timeout 3m;
client_max_body_size 200m;
send_timeout 3m;
connection_pool_size 256;
client_header_buffer_size 4k;
large_client_header_buffers 4 32k;
request_pool_size 4k;
output_buffers 4 32k;
postpone_output 1460;
proxy_temp_path /tmp/nginx_temp;
log_format bytes_log "$msec $bytes_sent .";
# Include site configurations
include /etc/nginx/conf.d/*.conf;
}

# Nginx config ends here

• Make a virtual host for your domain. Ensure to replace cwpnginx.tke.co.ke with your actual domain name.
• Also, replace your_server_IP with the the actual IP of your server, and your_username with your actual user account name.

vi /etc/nginx/conf.d/cwpnginx.tke.co.ke.conf

# Virtual host file starts here

server {
listen your_server_IP:80;
access_log /var/log/nginx/access.cwpnginx.tke.co.ke.log;
error_log /var/log/nginx/error.cwpnginx.tke.co.ke.log;
server_name cwpnginx.tke.co.ke www.cwpnginx.tke.co.ke;
root /home/your_username/public_html;
location / {
location ~.*\.(3gp|gif|jpg|jpeg|png|ico|wmv|avi|asf|asx|mpg|mpeg|mp4|pls|mp3|mid|wav|swf|flv|html|htm|txt|js|css|exe|zip|tar|rar|gz|tgz|bz2|uha|7z|doc|docx|xls|xlsx|pdf|iso|woff|ttf|svg|eot)\$ {
expires 7d; #Comment this out if you're using the apache backend cache-control/expires headers.
try_files \$uri \@backend;
}
error_page 405 = \@backend;
error_page 500 = \@custom;
add_header X-Cache "HIT from Backend";
proxy_pass http://your_server_IP:8181;
include proxy.inc;
}
location \@backend {
internal;
proxy_pass http://your_server_IP:8181;
include proxy.inc;
}
location \@custom {
internal;
proxy_pass http://your_server_IP:8181;
include proxy.inc;
}
location ~ .*\.(php|jsp|cgi|pl|py)?\$ {
proxy_pass http://your_server_IP:8181;
include proxy.inc;
}
location ~ /\.ht {
deny all;
}
}

# Virtual host file ends here

• Download and install the mod_raf packagem using these commands.

cd /usr/local/src

rm -rf mod_rpaf-0.8.4

rm -rf v0.8.4.tar.gz

wget https://github.com/gnif/mod_rpaf/archive/v0.8.4.tar.gz --no-check-certificate

tar xzf v0.8.4.tar.gz

cd mod_rpaf-0.8.4

chmod +x apxs.sh

/usr/local/apache/bin/apxs -i -c -n mod_rpaf.so mod_rpaf.c

• Also create a configuration file for mod_raf.

rm -rf /usr/local/apache/conf.d/rpaf.conf

vi -w /usr/local/apache/conf.d/rpaf.conf

• Paste the code below in the file, replacing your_server_IP with your actual server IP, then save and exit it.

# Mod_raf config file starts here

LoadModule rpaf_module modules/mod_rpaf.so
RPAF_Enable On
RPAF_ProxyIPs 127.0.0.1 your_server_IP
RPAF_SetHostName On
RPAF_SetHTTPS On
RPAF_SetPort On
RPAF_ForbidIfNotProxy Off
RPAF_Header X-Forwarded-For

# Mod_raf config file ends here

• Log in to CWP main panel and navigate to CWP Settings >> Edit settings.

• Change the Shared IP to your server IP, and Apache Port to 8181

• Use the commands below to retart Apache and NGINX, also setting NGINX to start automatically when you reboot the server

service httpd restart
service nginx restart
chkconfig nginx on

To completely remove Nginx and Mod_raf. #

• Navigate to CWP Settings –>> Edit Settings and Change apache port to 80

• Once done, run the following commands to remove the services

yum remove nginx -y
rm -rf /etc/nginx/
rm -rf /etc/yum.repos.d/nginx.repo
rm -rf /usr/lib64/httpd/modules/mod_rpaf.so
rm -rf /usr/local/apache/modules/mod_rpaf.so
rm -rf /usr/local/apache/conf.d/rpaf.c

• Restart Apache using this command

service httpd restart

• Your server should be back to using Apache, and not NGINX

That will be all. Cheers!