# Nginx + PHP-FPM on Ubuntu 24.04  
[![OS](https://img.shields.io/badge/ubuntu-24.04-E95420)](#)
[![Shell](https://img.shields.io/badge/shell-bash-121011)](#)
[![WebServer](https://img.shields.io/badge/server-nginx-009639)](#)
[![PHP](https://img.shields.io/badge/php-fpm-777BB4)](#)
[![License](https://img.shields.io/badge/License-MIT-green)](./LICENSE)

Install Nginx + PHP-FPM on Ubuntu 24.04 server.

This is not a guide and not a toy.  
This is a production-grade installer — secure, structured, and ready for multiple applications.

## Why this installer exists
Default Nginx configs become unmanageable quickly. This setup keeps things structured and predictable.

## What this installer does  
✔ Creates snippet directory for modular config  
✔ Optional security and bot-blocking modules  
✔ Cloudflare Real-IP support  
✔ Requests to bare server IP return **444**  
✔ Suitable for WordPress, Gitea, Zabbix, Wiki and more

## What this installer does *NOT* do
It won’t stop you from running the script without reading the documentation like there’s no tomorrow.  
Skip the README, and whatever happens next is your headache, not a bug report.

---

## 1. Prepare your system

```
sudo apt update -y
```

---

## 2. Download and enter the installer

```
git clone https://git.x-files.dk/webserver/nginx-ubuntu.git
```

```
cd nginx-ubuntu
```

---

## 3. Run the installer

```
sudo ./nginxinstall
```

After this runs, you have:

| Feature | Status |
|--------|--------|
| Nginx installed & enabled | ✓ |
| PHP-FPM configured | ✓ |
| Snippet structure created | ✓ |
| Default website disabled | ✓ (returns HTTP 444) |
| Cloudflare Real-IP support | ✓ |
| Bad-bot blocking available | ✓ |
| Custom error pages | ✓ editable |

---

## Included Nginx Features

### `/etc/nginx/nginx-snippets/`  

Reusable drop-in configs:

| Snippet | Purpose |
|--------|---------|
| cloudflare.conf | Fixes real visitor IPs |
| block-bots.conf | Drops garbage traffic |
| csp.conf | Security headers |
| ssl.conf | TLS configuration |
| errorpages/ | Custom 40x/50x pages |

---

### Default IP response

Server IP access = **444 Drop.**  
Because your server is not public property.

---

### Caching

Performance tuning examples included, **commented until activated intentionally**.

---

## What happens after install?

Example vhost:

```
server {
    listen 443 ssl http2;
    server_name yourdomain.com;

    include nginx-snippets/cloudflare.conf;
    include nginx-snippets/block-bots.conf;

    root /var/www/yourproject;
    index index.php index.html;
}
```

---

### More Information

More guides and documentation can be found on [wiki.x-files.dk](https://wiki.x-files.dk)

---

### License
Licensed under the [MIT License](./LICENSE).

---