Running Magento On Nginx (LEMP) on Debian Squeeze/Ubuntu 11.04

This tutorial shows how you can install and run Magento on a Debian Squeeze or Ubuntu 11.04 system that has nginx installed instead of Apache (LEMP = Linux + nginx (pronounced “engine x”) + MySQL + PHP). Magento is an open-source, feature-rich ecommerce platform; I will use the Magento Community Edition here which is licensed under an open source certified license (OSL v3.0). nginx is a HTTP server that uses much less resources than Apache and delivers pages a lot of faster, especially static files.

I want to install Magento in a vhost called here with the document root /var/www/

Installing APC
APC is a free and open PHP opcode cacher for caching and optimizing PHP intermediate code. It’s similar to other PHP opcode cachers, such as eAccelerator and XCache. It is strongly recommended to have one of these installed to speed up your PHP page.

APC can be installed as follows:

~# apt-get install php-apc

~# /etc/init.d/php5-fpm restart

~# netstat -tap

to find out the PID of the current spawn-fcgi process:

~# [email protected]:~# netstat -tap
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 *:sunrpc *:* LISTEN 734/portmap
tcp 0 0 *:www *:* LISTEN 2987/nginx
tcp 0 0 *:ssh *:* LISTEN 1531/sshd
tcp 0 0 *:57174 *:* LISTEN 748/rpc.statd
tcp 0 0 localhost.localdom:smtp *:* LISTEN 1507/exim4
tcp 0 0 localhost.localdom:9000 *:* LISTEN 1542/php5-cgi
tcp 0 0 localhost.localdo:mysql *:* LISTEN 1168/mysqld
tcp 0 52 ESTABLISHED 1557/0
tcp6 0 0 [::]:www [::]:* LISTEN 2987/nginx
tcp6 0 0 [::]:ssh [::]:* LISTEN 1531/sshd
tcp6 0 0 ip6-localhost:smtp [::]:* LISTEN 1507/exim4
[email protected]:~#

In the above output, the PID is 1542, so we can kill the current process as follows:

~# kill -9 1542

Afterwards we create a new spawn-fcgi process:

~# /usr/bin/spawn-fcgi -a -p 9000 -u www-data -g www-data -f /usr/bin/php5-cgi -P /var/run/

Installing Magento
The document root of my web site is /var/www/ – if it doesn’t exist, create it as follows:

~# mkdir -p /var/www/

You can now either download Magento from to your client PC, uncompress it and upload the contents of the magento folder to your document root (/var/www/, or you do it as follows on the command line:

~# cd /tmp
~# wget
~# tar xvfz magento-
~# mv magento/* magento/.htaccess /var/www/

It is recommended to make the document root and the Magento files in it writable by the nginx daemon which is running as user www-data and group www-data:

~# chown -R www-data:www-data /var/www/

If you have downloaded and uncompressed Magento in your /tmp directory, you can clean it up as follows:

~# cd /tmp
~# rm -rf magento/ magento-

If you haven’t already created a MySQL database for Magento (including a MySQL Magento user), you can do that as follows (I name the database magento in this example, and the user is called magento_admin, and his password is magento_admin_password):

~# mysql -u root -p


GRANT ALL PRIVILEGES ON magento.* TO ‘magento_admin’@’localhost’ IDENTIFIED BY ‘magento_admin_password’;
GRANT ALL PRIVILEGES ON magento.* TO ‘magento_admin’@’localhost.localdomain’ IDENTIFIED BY ‘magento_admin_password’;



Because you can run your Magento shop website under http and under https (that’s totally up to you if you want to offer https, but recommended if your customers submit sensitive data such as credit card numbers, etc.), we need to add the following section to the http {} section in /etc/nginx/nginx.conf (before the two include lines) which determines if the visitor uses http or https and sets the $fastcgi_https variable (which we will use in our vhost) accordingly:

~# vi /etc/nginx/nginx.conf

http {
## Detect when HTTPS is used
map $scheme $fastcgi_https {
default off;
https on;

# Virtual Host Configs

include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
Next we create an nginx vhost configuration for our vhost in the /etc/nginx/sites-available/ directory as follows:

~# vi /etc/nginx/sites-available/

server {
listen 80;

## SSL directives might go here
## see
## if you want to enable SSL for this vhost

root /var/www/;

## rewrites to
if ($http_host != “”) {
rewrite ^ $scheme://$request_uri permanent;

location / {
index index.html index.php; ## Allow a static html file to be shown first
try_files $uri $uri/ @handler; ## If missing pass the URI to Magento’s front handler
expires 30d; ## Assume all files are cachable

## These locations would be hidden by .htaccess normally
location /app/ { deny all; }
location /includes/ { deny all; }
location /lib/ { deny all; }
location /media/downloadable/ { deny all; }
location /pkginfo/ { deny all; }
location /report/config.xml { deny all; }
location /var/ { deny all; }

location /var/export/ { ## Allow admins only to view export folder
auth_basic “Restricted”; ## Message shown in login window
auth_basic_user_file /var/www/; ## See /etc/nginx/htpassword
autoindex on;

## Disable .htaccess and other hidden files
location ~ /. {
deny all;
access_log off;
log_not_found off;

location @handler { ## Magento uses a common front handler
rewrite / /index.php;

location ~ .php/ { ## Forward paths like /js/index.php/x.js to relevant handler
rewrite ^(.*.php)/ $1 last;

location ~ .php$ { ## Execute PHP scripts
if (!-e $request_filename) { rewrite / /index.php last; } ## Catch 404s that try_files miss

expires off; ## Do not cache dynamic content
fastcgi_param HTTPS $fastcgi_https;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param MAGE_RUN_CODE default; ## Store code is defined in administration > Configuration > Manage Stores
fastcgi_param MAGE_RUN_TYPE store;
include fastcgi_params; ## See /etc/nginx/fastcgi_params
See the comments in the above configuration if you want to enable https for the vhost. The procedure is described in this tutorial: How To Set Up SSL Vhosts Under Nginx + SNI Support (Ubuntu 11.04/Debian Squeeze)

As you see, we want to password-protect the /var/www/ directory. Password protection can be set up as follows (please read Basic HTTP Authentication With Nginx for more details):

~# apt-get install apache2-utils

~# htpasswd -c /var/www/ admin1

~# htpasswd /var/www/ admin2

(Create a password for as many admin users as you like.)

To enable that vhost, we create a symlink to it from the /etc/nginx/sites-enabled/ directory:

~# cd /etc/nginx/sites-enabled/
~# ln -s /etc/nginx/sites-available/

Reload nginx for the changes to take effect:

~# /etc/init.d/nginx reload

Launching The Web-Based Magento Installer

Now we can launch the web-based Magento installer by going to

magento -1
magento -1

accept the Magento license and click on Continue:

magento -2
magento -2

Select your language, time zone, and the default currency for your Magento shop:

magento -3
magento -3

On the next screen, fill in your MySQL database details in the Database Connection section

magento -4
magento -4

then scroll to the Web access options section. The Base URL and Admin Path fields should already be filled out (make sure that exists in DNS or at least in your /etc/hosts file because otherwise the Magento installer will refuse to continue the installation if it can’t resolve the host from the Base URL field – if you don’t want Magento to check if it can resolve the host, check the Skip Base URL Validation Before the Next Step checkbox). In order to make Magento use clean, search-engine friendly URLs, you should check Use Web Server (Apache) Rewrites as well. If you configured your Magento vhost to use https, also check Use Secure URLs (SSL):

magento -5
magento -5

Then scroll down to the bottom. The default option under Session Storage Options should be fine, so you can click on Continue:

magento -6
magento -6

Now fill in your personal details and a username and password for the Magento administration interface. You can also fill in an encryption key that Magento will use to encrypt passwords, credit card numbers, etc., but if you leave it empty, the installer will generate one for you. Click on Continue:

magento -7
magento -7

The installation is now finished. If you chose to let the Magento installer generate an encryption key for you, it is now displayed to you, and you should make a note of it. You can now use the Go to Frontend button to check out how your shop looks (links to; the Go to Backend button brings you to the login of the admin panel (

magento -8
magento -8

This is how the frontend looks – as there are no producty yet, it is pretty empty:

magento -9
magento -9

Under, you will find the login to the Magento admin panel – log in with the username and password that you specified during the installation:

magento -10
magento -10

This is how the admin panel looks:

magento -11
magento -11

That’s it! Have fun with your Magento shop.


Content credit: mp3 skulls