Install and Configure Nginx on Ubuntu 25.04

Nginx is a free, open-source web server designed to efficiently host static and dynamic web applications or services. It can serve as a web server, load balancer, reverse proxy, or HTTP cache, allowing seamless integration with other components in a full stack environment or direct application delivery through your server’s IP or domain.

This guide demonstrates how to install and configure Nginx on Ubuntu 25.04, including setting up sample web applications for optimal server performance.

Prerequisites

Before proceeding, ensure you have the following:

• Access to an Ubuntu 25.04 instance as a non-root user with sudo privileges.
• A domain A record pointing to the instance’s public IP address (e.g., app.example.com).

Install Nginx on Ubuntu 25.04

Nginx is available in Ubuntu’s default APT repositories. Follow the steps below to update the package index and install Nginx on your server.

Update the Package Index

$ sudo apt update

Install Nginx

$ sudo apt install nginx -y

Check Installed Nginx Version

$ nginx -version

Example output:

nginx version: nginx/1.26.3 (Ubuntu)

Manage the Nginx Service

Nginx runs as a systemd service on Ubuntu, allowing you to control and manage its runtime easily. Use the following commands to manage Nginx operations.

Enable Nginx to Start on Boot

$ sudo systemctl enable nginx

Example output:

Synchronizing state of nginx.service with SysV service script with /usr/lib/systemd/systemd-sysv-install.
Executing: /usr/lib/systemd/systemd-sysv-install enable nginx

Start, Stop, and Restart Nginx

Start Nginx:

$ sudo systemctl start nginx

Stop Nginx:

$ sudo systemctl stop nginx

Restart Nginx:

$ sudo systemctl restart nginx

Check Nginx Status

$ sudo systemctl status nginx

Example output:

● nginx.service - A high performance web server and a reverse proxy server
     Loaded: loaded (/usr/lib/systemd/system/nginx.service; enabled; preset: enabled)
     Active: active (running) since Wed 2025-04-23 16:27:12 UTC; 8s ago
 Invocation: 83add31885be44869b2e3573230fbdee
       Docs: man:nginx(8)
    Process: 5578 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
    Process: 5580 ExecStart=/usr/sbin/nginx -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
   Main PID: 5581 (nginx)
      Tasks: 5 (limit: 8761)
     Memory: 4.4M (peak: 5M)
        CPU: 35ms
     CGroup: /system.slice/nginx.service
             ├─5581 "nginx: master process /usr/sbin/nginx -g daemon on; master_process on;"
             ├─5582 "nginx: worker process"
             ├─5583 "nginx: worker process"
             ├─5584 "nginx: worker process"
             └─5585 "nginx: worker process"

If the output shows Active: active (running), Nginx is running successfully. If it indicates Active: failed, stop any service using port 80 and restart Nginx.

Create a New Nginx Virtual Host

Virtual hosts define how Nginx serves specific web applications based on domain and directory structure. Follow the steps below to configure one.

Create a Virtual Host Configuration File

$ sudo nano /etc/nginx/sites-available/app.example.com.conf

Add the Virtual Host Configuration

server {
        listen 80;
        listen [::]:80;

        server_name app.example.com;

        root /var/www/app.example.com;
        index index.html;

        location / {
                try_files $uri $uri/ =404;
        }
}

This configuration ensures that Nginx listens for requests sent to app.example.com and serves files from /var/www/app.example.com.

Enable the Virtual Host

Link the configuration to the /etc/nginx/sites-enabled directory to activate it.

$ sudo ln -s /etc/nginx/sites-available/app.example.com.conf /etc/nginx/sites-enabled/

Create the Web Root Directory

$ sudo mkdir -p /var/www/app.example.com

Create an HTML File

$ sudo nano /var/www/app.example.com/index.html

Add HTML Content

<html>
    <head></head>
    <body>
        <h1>Greetings from centron</h1> 
    </body>
</html>

When accessed in a browser, this HTML file displays a “Greetings from centron” message.

Test the Configuration

$ sudo nginx -t

Example output:

nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

Restart Nginx

$ sudo systemctl restart nginx

Verify the Virtual Host

Use curl to verify that your domain serves the correct page.

$ curl http://app.example.com

Expected output:

<html>
    <head></head>
    <body>
        <h1>Greetings from centron</h1> 
    </body>
</html>

Secure the Nginx Web Server

SSL certificates safeguard communication between a user’s browser and the Nginx web server by encrypting data over HTTPS. Since Nginx listens on the unencrypted HTTP port 80 by default, enhancing security involves obtaining a trusted SSL certificate through Let’s Encrypt using Certbot. Follow the steps below to secure your Nginx server with HTTPS support.

Install Certbot

Install the Let’s Encrypt Certbot client using Snap:

$ sudo snap install --classic certbot

Check Certbot Version

Verify that Certbot was installed successfully:

$ certbot --version

Example output:

certbot 4.0.0

Allow HTTP Traffic for Domain Verification

Allow incoming HTTP connections on port 80 for Certbot’s ACME domain verification process:

$ sudo ufw allow 80/tcp

Generate an SSL Certificate

Request and install an SSL certificate for your domain. Replace app.example.com with your actual domain name configured in your Nginx virtual host.

$ sudo certbot --nginx -d app.example.com --agree-tos

Example output:

Successfully received certificate.
Certificate is saved at: /etc/letsencrypt/live/app.example.com/fullchain.pem
Key is saved at:         /etc/letsencrypt/live/app.example.com/privkey.pem
This certificate expires on 2025-07-22.
These files will be updated when the certificate renews.
Certbot has set up a scheduled task to automatically renew this certificate in the background.

Deploying certificate
Successfully deployed certificate for app.example.com to /etc/nginx/sites-enabled/app.example.com.conf
Congratulations! You have successfully enabled HTTPS on https://app.example.com

Set Up Firewall Rules

Ubuntu 25.04 comes with the Uncomplicated Firewall (UFW) preinstalled and enabled. Use the commands below to configure UFW and allow secure HTTPS traffic to your Nginx web server.

Allow HTTPS Traffic

Enable connections on port 443 to allow secure HTTPS traffic:

$ sudo ufw allow 443/tcp

Check Firewall Status

Verify that the updated firewall rules are active:

$ sudo ufw status

Example output:

Status: active

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW       Anywhere
80/tcp                     ALLOW       Anywhere
443/tcp                    ALLOW       Anywhere
22/tcp (v6)                ALLOW       Anywhere (v6)
80/tcp (v6)                ALLOW       Anywhere (v6)
443/tcp (v6)               ALLOW       Anywhere (v6)

Conclusion

You have successfully installed Nginx on Ubuntu 25.04 and configured it to securely serve your web applications using trusted Let’s Encrypt SSL certificates. Nginx supports multiple virtual host setups and can be integrated with MySQL, PHP, or other services to deliver dynamic and secure web applications. For further optimization and security settings, refer to the official Nginx documentation.