Nginx, PHP-FPM Installation Guide on Ubuntu 10.04

In my first screen cast ever, I'll guide you through setting up Nginx with php-fpm on Ubuntu 10.04. The text instructions and snippets used in the video are located below.

Nginx/PHP package installation

cd /tmp
# Add a necessary repository.
sudo apt-get install python-software-properties
sudo add-apt-repository ppa:brianmercer/php
sudo apt-get update
# Install nginx,php5, and php5-fpm
sudo apt-get install nginx
sudo apt-get install php5-cli php5-common php5-mysql php5-suhosin php5-gd php5-dev
sudo apt-get install php5-fpm php5-cgi php-pear php5-memcache php-apc

Testing Nginx and php-fpm installations

Verify php5-fpm can start
    $ sudo service php5-fpm start
Create a symbolic link to the default sites-available file to test nginx.
    $ cd /etc/nginx/sites-enabled
    $ sudo ln -s ../sites-available/default default
    $ sudo service nginx start
You should now be able to visit (or your equivalent) and see "Welcome to Nginx!" If the installation was successful, remove the symbolic link and stop our processes.
    $ sudo rm default
    $ sudo service nginx stop
    $ sudo service php5-fpm stop

Nginx configuration

Credit to Wordpress for these configuration files. Move to nginx directory
    $ cd /etc/nginx
Edit the nginx.conf file. Replace the contents with what's below. Note that you must use sudo when editing all these nginx configuration files.
# Generic startup file.
user www-data;
worker_processes  2;

error_log  /var/log/nginx/error.log;
pid        /var/run/;

# Keeps the logs free of messages about not being able to bind().
#daemon     off;

events {
  worker_connections  1024;

http {
# rewrite_log on;

  include mime.types;
  default_type       application/octet-stream;
  access_log         /var/log/nginx/access.log;
  sendfile           on;
# tcp_nopush         on;
  keepalive_timeout  3;
# tcp_nodelay        on;
# gzip               on;
  client_max_body_size 13m;
  index              index.php index.html index.htm;

  # Upstream to abstract backend connection(s) for PHP.
  upstream php {
#   server unix:/tmp/php-fpm.sock;

    include sites-enabled/*;
  # The default server.
    server {
  listen       80 default;
  server_name  everythingelse;

  # Everything is a 404
  location / {
    return 404;

Move to the sites-available directory.
    $ cd sites-available
Create a file named and paste in the following:
# Redirect everything to the main site.
server {
  server_name *;
  root /var/www/;

  if ($http_host != "") {
    rewrite ^$request_uri permanent;

  include global/restrictions.conf;
  include global/php5-fpm.conf;
Create a global directory within the nginx directory.
    $ cd /etc/nginx
    $ sudo mkdir global
    $ cd global
Create a file called restrictions.conf within the global directory and paste in the following:
# Global restrictions configuration file.
# Designed to be included in any server {} block.

location = /favicon.ico {
  log_not_found off;
  access_log off;

location = /robots.txt {
  allow all;
  log_not_found off;
  access_log off;

# Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac).
location ~ /\. {
  deny all;
  access_log off;
  log_not_found off;
Now create a php5-fpm.conf file within the global directory and paste in the following:
# Pass all .php files onto a php-fpm/php-fcgi server.
location ~ \.php$ {
  # Zero-day exploit defense.
  # Won't work properly (404 error) if the file is not stored on this server, which is entirely possible with php-fpm/php-fcgi.
  # Comment the 'try_files' line out if you set up php-fpm/php-fcgi on another machine.  And then cross your fingers that you won't get hacked.
  try_files $uri =404;

  fastcgi_split_path_info ^(.+\.php)(/.+)$;
  #NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini

  include fastcgi_params;
  fastcgi_index index.php;
  fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
# fastcgi_intercept_errors on;
  fastcgi_pass php;

Setting up the site

Activate our server configuration via symbolic link in the sites-enabled directory
    $ cd /etc/nginx/sites-enabled
    $ sudo ln -s ../sites-available/
Now navigate to our www directory, where we will store our sites.
    $ cd /var/www
Create a web group
    $ sudo groupadd web
Add your administrative user to the web group
    $ sudo usermod -a -G web YOURUSER
If you're logged in as the administrative user (which you most likely are), log out and log back in. Verify the user is a part of the web group
    $ groups
Now make the web group the group of the directory
    $ sudo chgrp web /var/www
Make the ```/var/www``` directory group writable.
    $ sudo chmod -R 775 /var/www
Make all files subsequently created in the /var/www directory belong to the web group
    $ sudo chmod g+s /var/www
Now we can create the directory
    $ mkdir
    $ cd
Create an index.php file and paste in the following
<!--?php phpinfo(); ?-->
Now start nginx
    $ sudo service nginx start
The web page won't display because we haven't started php5-fpm
    $ sudo service php5-fpm start
Now we should be able to see our phpinfo in the browser! February 12, 2012
About the Author:

Joseph is the lead developer of Vert Studios Follow Joseph on Twitter: @Joe_Query
Subscribe to the blog: RSS
Visit Joseph's site: