In an ideal production environment, nothing will go to production without being tested. Applications, services, migrations, upgrades, patches, hot fixed, policies, new products, most likely everything will have to undergo testing before rolling out. As cybersecurity professionals, we need to have a site to conduct testing on vulnerable cipher suites using OpenSSL. We have decided to set up a testing site on the Nginx web server on Ubuntu. Please be with us to see how to set up a testing site on Ubuntu using the Nginx server.
What Is Nginx?
Nginx is an open-source application primarily used as a feature-proof full-stack web server designed for maximum performance and stability. Initially, it has started out as a web server. Later it is loaded with many more features. In addition to its HTTP server capabilities, it can function as a proxy server for email (IMAP, POP3, and SMTP), a reverse proxy, and a load balancer for web services. Now, this open-source application is being used for web serving, reverse proxying, SSL/TLS intercepting, web accelerating, caching, load balancing, media streaming, and more. Visit this site to know everything about Nginx.
Why Do We Use Nginx For Testing?
There are many web server applications out there. But, we always prefer to use Nginx in all our testing for its array of features.
- Nginx is one of the fastest web servers around. Its benchmarks are the highest among others.
- It’s more than a webserver. We can use it as an all-in-one multifunction tool. Web server, API gateway, reverse proxy, SSL/TLS interceptor, web accelerator, caching, load balancer, media streaming, and more.
- NGINX has been at the forefront of development that fulfills the modern web requirements.
How To Set Up A Testing Site In Nginx On Ubuntu?
Setting up a testing site on Nginx is not that difficult as you think. You may need to set up Nginx on your Ubuntu, Configure some basic firewall settings to allow the service on the UFW firewall. That’s it. We have added some optional steps like configuring server blocks and adding host file entry which will make your test setup more flexible.
Time needed: 15 minutes.
Set Up a Testing Site in Nginx on Ubuntu:
- Update Software Repositories on UbuntuUpdating the repositories is the best practice to start with any deployments on Linux. This helps to keep the system with the latest build, updates, and patches.
$ sudo apt update && sudo apt upgrade
- Install Nginx on UbuntuNginx is included in the default repositories from 20.04 and later versions. Use this command to install Nginx on Ubuntu.
$ sudo apt-get install nginx
- Verify the Installation of Nginx on UbuntuYou can verify the installation of Nginx just by using the version command.
$ nginx -v
- Start Nginx serviceMake sure the service of the Nginx is active and running. See the commands to start, stop, check the status of the Nginx service here below.
To check the Status:
$ sudo systemctl status nginx
To start Nginx:
$ sudo systemctl start nginx
To stop Nginx:
$ sudo systemctl stop nginx
- Enable the Nginx at the boot timeThe start and stop command shown in the previous step work for once. You may need to start the service at each reboot. You can set the Nginx service to either start or stop at the boot time. Run these commands to enable or disable the service at the boot time.
To enable Nginx at boot:
$ sudo systemctl enable nginx
To disable Nginx at boot:
$ sudo systemctl disable nginx
To reload the Nginx service (used to apply configuration changes):
$ sudo systemctl reload nginx
To hard restart of Nginx:
$ sudo systemctl restart nginx
- Display the available Nginx profilesNginx installs few profiles for the UFW firewall to allow the Nginx traffic to pass through the firewall.
To display the available Nginx profiles:
$ sudo ufw app list
- Allow Nginx Traffic on UFW (Uncomplicated Firewall)Nginx installs few profiles for the UFW firewall to allow the Nginx traffic to pass through the firewall.
To display the available Nginx profiles:
$ sudo ufw app list
To allow the Nginx traffic through the UFW firewall:
$ sudo ufw allow ‘nginx http’
To allow the encrypted Nginx traffic through the UFW firewall:
$ sudo ufw allow ‘nginx https’
To allow both HTTP and HTTPS:
$ sudo ufw allow ‘nginx full’
To reload the firewall rules:
$ sudo ufw reload
- Verify the Nginx service is runningTo verify the Nginx service, open the web browser and type this URL http://127.0.0.1. You will see the Nginx page if it is running on your machine.
If you are in the CLI terminal use curl utility to load the page on CLI. Commands to install the curl utility and load the page on CLI is here.
$ sudo apt-get install curl
$ curl –i 127.0.0.1
The default Nginx html page is located in /var/www/html/index.nginx-debian.html. You can design this page by editing or replacing the html code of index.nginx-debian.html file.
Till now all the steps written are mandatory to set up a testing site on Nginx. The steps covered from here are optional. However, we urge you to complete the following steps too because we have covered configuring server blocks and host file editing which are required to host multiple sites on a single Nginx server.
- Configure a Server Block on NginxMost of the times you may need to host multiple sites/domains on a single web server. It reduces time, hardware, and power costs. Most of the modern web servers accomplish this via virtual hosts. In Nginx those virtual machines are function as server blocks. Nginx has one default server block preconfigured. We are not going to tweak the default server block. We will create a new one for example site.
- Create a directory for test siteCreate a directory for your site under /var/www/.
$ sudo mkdir -p /var/www/exampledomain.com/html
- Set the permission and ownershipRun these commands to set the permission and ownership of exampledomain.com directory.
$ sudo chown $USER:$USER /var/www/exampledomain.com
$ sudo chmod 755 /var/www/exampledomain.com
- Create an index.html file for the test siteUse any text editor to create index file. We have used nano editor in the demonstration. You can design this as per your need.
$ sudo nano /var/www/exampledomain.com/html/index.html
Press CTRL+o to save the file and Press CTRL+x to exit the file in nano.
- Create the server block configuration fileCreate a configuration file for your server block.
$ sudo nano /etc/nginx/sites-available/exampledomain.com
- Code of Nginx server block configuration fileWrite the below code inside the server block configuration file.
server {
listen 80;
root /var/www/exampledomain.com/html;
index index.html index.htm index.nginx.debian.html;
server_name exampledomain.com www.exampledomain.com;
location / {
try_files $uri $uri/ =404;
}
}
Press CTRL+o to save the file and Press CTRL+x to exit the file in nano.
- Create symbolic link of the configuration fileCreate symbolic link of the configuration file in startup directory.
To create symbolic link:
$ sudo ln -s /etc/nginx/sites-available/exampledomain.com /etc/nginx/sites-enabled
- Restart the Nginx ServiceRun this command to restart the Nginx service.
$ sudo systemctl restart nginx
- Test the server block configuration in NginxIssue this command to test the configurations.
$ sudo nginx –t
- Add the host file entryThis step is again optional. However, we recommend to add host entry to map the ip address with the testing domain. This will allow you to use the domain name directly in the browser.
Use this command to check the IP address of your system.
$ hostname –i
Edit the file /etc/hosts in nano editor.
$ sudo nano /etc/hosts
Add the below line right below the localhost entry.
127.0.1.1 exampledomain.com www. exampledomain .com
Press CTRL+o to save the file and Press CTRL+x to exit the file in nano.
- Restart Nginx service
Command to restart Nginx service.
$ sudo systemctl restart nginx
- Brows the test domain in a web browser
http://exampledomain.com
You should see the browser loading the index page that you created in step 12.