How to Install Drupal with Nginx and Let’s Encrypt SSL on Ubuntu 22.04


Drupal is a very talked-about open-source content material control machine that permits any individual to construct, arrange, and handle your web content’s content material with out coding wisdom.

Many other content material control answers are accessible, however now not all are proper for each undertaking. If you wish to have to construct a web content with one thing versatile and strong, glance no additional than the Drupal content material control machine.

Here, we will be able to see learn how to set up Drupal with Nginx and Let’s Encrypt SSL on Ubuntu 22.04.

Setup Environment
Install LEMP Stack

Follow the underneath hyperlinks to put in the LEMP stack for your Debian machine for Drupal set up.

Install EMP (Nginx, MariaDB, and PHP) on Ubuntu 22.04

Install PHP Extensions for Drupal

Use the apt command to put in PHP extensions for Drupal set up.

sudo apt replace

sudo apt set up -y php-mysql php-gd php-dom php-curl php-imagick php-zip php-xml php-mbstring php-json php-pdo php-cli php-apcu

sudo apt set up –no-install-recommends -y php-uploadprogress
Configure PHP for Drupal

The default PHP values might not be suitable for everybody, and you will wish to trade them in accordance with the requirement. So, replace the /and many others/php/8.1/fpm/php.ini document as consistent with your requirement. You might get started with the underneath values and build up or lower the values when required.

memory_limit = 256M

upload_max_filesize = 64M

post_max_size = 64M

realpath_cache_size = 256k

realpath_cache_ttl = 3600

sudo sed -i ‘s/^memory_limit = .*/memory_limit = 256M/g’ /and many others/php/8.1/fpm/php.ini

sudo sed -i ‘s/^upload_max_filesize = .*/upload_max_filesize = 64M/g’ /and many others/php/8.1/fpm/php.ini

sudo sed -i ‘s/^post_max_size = .*/post_max_size = 64M/g’ /and many others/php/8.1/fpm/php.ini

sudo sed -i ‘s/;realpath_cache_size = .*/realpath_cache_size = 256k/’ /and many others/php/8.1/fpm/php.ini

sudo sed -i ‘s/;realpath_cache_ttl = .*/realpath_cache_ttl = 3600/’ /and many others/php/8.1/fpm/php.ini

Setup Nginx Server Block for Drupal

We will get started with making a digital host for a Drupal set up. You can to find all Nginx’s digital host configuration information below /and many others/nginx/conf.d listing.

Typically, a server block comprises a website identify, port quantity, report root, log location, speedy CGI, and many others.

I’m assuming the next,

Domain identify: holhol24.web, www.holhol24.netPort No: 80Document root: /usr/proportion/nginx/www.holhol24.web/htmlLogs: /usr/proportion/nginx/www.holhol24.web/logsServer Block File: /and many others/nginx/conf.d/www.holhol24.web.conf

If you might have put in Nginx from the Ubuntu repository, you wish to have to create a server block configuration document below the /and many others/nginx/sites-available listing and WordPress information below the /var/www/html listing

First, create a digital host configuration document.

sudo nano /and many others/nginx/conf.d/www.holhol24.web.conf

Then, position the next content material into the above configuration document. However, you wish to have to switch server_name , root, and fastcgi_pass as consistent with your requirement.

server {
server_name holhol24.web www.holhol24.web;
root /usr/proportion/nginx/www.holhol24.web/html;

index index.php index.html;

access_log /usr/proportion/nginx/www.holhol24.web/logs/get entry to.log;
error_log /usr/proportion/nginx/www.holhol24.web/logs/error.log;

location = /favicon.ico {
log_not_found off;
access_log off;

location = /robots.txt {
permit all;
log_not_found off;
access_log off;

location ~* .(txt|log)$ {
deny all;

location ~ ..*/.*.php$ {
go back 403;

location ~ ^/websites/.*/non-public/ {
go back 403;

# Block get entry to to scripts in web page information listing
location ~ ^/websites/[^/]+/information/.*.php$ {
deny all;

# Allow “Well-Known URIs” as consistent with RFC 5785
location ~* ^/.well known/ {
permit all;

# Block get entry to to “hidden” information and directories whose names start with a
# length. This comprises directories utilized by model regulate programs such
# as Subversion or Git to retailer regulate information.
location ~ (^|/). {
go back 403;

location / {
try_files $uri /index.php?$query_string; # For Drupal >= 7

location @rewrite {
rewrite ^ /index.php; # For Drupal >= 7

# Don’t permit direct get entry to to PHP information within the dealer listing.
location ~ /dealer/.*.php$ {
deny all;
go back 404;

# Protect information and directories from prying eyes.
location ~* .(engine|inc|set up|make|module|profile|po|sh|.*sql|theme|twig|tpl(.php)?|xtmpl|yml)(~|.sw[op]|.bak|.orig|.save)?$|^(.(?!well known).*|Entries.*|Repository|Root|Tag|Template|composer.(json|lock)|internet.config)$|^#.*#$|.php(~|.sw[op]|.bak|.orig|.save)$ {
deny all;
go back 404;

location ~ ‘.php$|^/replace.php’ /.*)$;
try_files $fastcgi_script_name =404;
come with fastcgi_params;
fastcgi_param HTTP_PROXY “”;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param QUERY_STRING $query_string;
fastcgi_intercept_errors on;
fastcgi_pass unix:/var/run/php/php8.1-fpm.sock;

location ~* .(js|css|png|jpg|jpeg|gif|ico|svg)$ {
try_files $uri @rewrite;
expires max;
log_not_found off;

# Fighting with Styles? This little gem is fantastic.
location ~ ^/websites/.*/information/types/ { # For Drupal >= 7
try_files $uri @rewrite;

# Handle non-public information via Drupal. Private document’s trail can come
# with a language prefix.
location ~ ^(/[a-z-]+)?/machine/information/ { # For Drupal >= 7
try_files $uri /index.php?$query_string;

# Enforce blank URLs
# Removes index.php from urls like –>
# Could be performed with 301 for everlasting or different redirect codes.
if ($request_uri ~* “^(.*/)index.php/(.*)”) {
go back 307 $1$2;

Then, create directories for putting Drupal information and logs.

sudo mkdir -p /usr/proportion/nginx/www.holhol24.web/html/

sudo mkdir -p /usr/proportion/nginx/www.holhol24.web/logs/

Finally, restart the Nginx and PHP-FPM services and products.

sudo systemctl reload nginx php8.1-fpm

Install Let’s Encrypt SSL Certificate
Create DNS Record

Go on your area registrar and create an A and CNAME (not obligatory if you wish to use www subdomain) report.

Non-www Domain Name (Ex. holhol24.web) >> A report level on your server IP
www Domain Name (Ex. www.holhol24.web) >> CNAME report level to holhol24.web

For this demo, I can create two data in order that my Drupal web content will probably be available at www.holhol24.web.

DNS RecordsInstall Certbot consumer

The Certbot consumer, which is helping us generate and set up the Let’s Encrypt SSL certificates in Nginx, is now accessible as a snap bundle for Debian. So, first, set up snapd daemon for your machine.

sudo apt replace

sudo apt set up -y snapd

Then, replace snapd to the most recent model.

sudo snap set up core && sudo snap refresh core

Finally, set up the Certbot consumer the use of the underneath command.

sudo snap set up –classic certbot

sudo ln -s /snap/bin/certbot /usr/bin/certbot
Install SSL Certificate

Use the underneath command to generate and set up the Let’s Encrypt SSL certificates within the Nginx internet server.

sudo certbot –nginx

1. Enter e-mail cope with to obtain notification on pressing renewal and safety notices2. Type Y and press Enter to sign up with the ACME server3. Type Y or N to obtain emails about EFF information, campaigns, and e-newsletter.4. Certbot will routinely discover the Drupal area and ask you to turn on HTTPS in your Drupal web content. Type 1 or suitable numbers separated via a comma you probably have a couple of internet sites.

Which names do you want to turn on HTTPS for?
– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
1: holhol24.web
2: www.holhol24.web
– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
Select the precise numbers separated via commas and/or areas, or depart enter
clean to make a choice all choices proven (Enter ‘c’ to cancel): 1,2

Wait for the SSL set up to finish. You will now be capable to get entry to the web content with HTTPS.

Note: If you get entry to the web content now, you’re going to get a 403 forbidden error since you are but to position Drupal information.

Redirect non-www HTTP requests to www HTTPS with Nginx

You will wish to configure the Nginx server to redirect the visitors from the non-www HTTP web page to the WWW HTTPS web page, I.e., http://holhol24.web >> https://www.holhol24.web.

Auto-Renew SSL Certificate

The Certbot consumer now comprises auto-renewal of SSL certificate in the course of the systemd. So, you’re going to now not must renew the certificate manually.

Install Drupal with Nginx
Create Database for Drupal

First, login into MariaDB/MySQL database server.

sudo mysql -u root -p

Then, create a database, person, and password for Drupal set up.


CREATE USER ‘drupaluser’@’localhost’ IDENTIFIED BY ‘password’;

GRANT ALL PRIVILEGES ON drupaldb.* TO ‘drupaluser’@’localhost’;

Download Drupal Package

Download the most recent model of the Drupal installer via the use of the next command.

wget -O drupal-latest.tar.gz

Then, extract the downloaded document.

tar -zxvf drupal-latest.tar.gz

And then, transfer the information on your web content report root listing.

sudo mv drupal-*/* /usr/proportion/nginx/www.holhol24.web/html/

Update the possession and a gaggle of the Drupal web content listing.

sudo chown -R www-data:www-data /usr/proportion/nginx/www.holhol24.web/
Install Drupal CMS

Open your browser and discuss with your Drupal area to accomplish the Drupal set up.


1. Choose Language in your Drupal set up and web content, after which click on Save and proceed

2. Select an set up profile this is appropriate for you, after which click on Save and proceed

3. Enter the Drupal database main points within the Database configuration web page after which click on Save and proceed

4. Wait for the Drupal set up to finish

5. You will wish to Configure web page via getting into Site Information, Site Maintenance Account, Region Settings, and Update Notifications. Finally, click on Save and proceed

6. Upon crowning glory, the installer will redirect you to the Drupal back-end to regulate the set up. Alternatively, you’ll get entry to the Drupal back-end via going to https://your-drupal-website/person/login

Access Drupal Website

Now, it is possible for you to to get entry to the web page along with your area identify.


Drupal Front End

Screenshot of Drupal CMS Back-End:

Drupal Backend

After putting in, allow the Trusted Host Settings to offer protection to your Drupal web content in opposition to HTTP HOST Header assaults.


That’s All. I am hoping you might have discovered learn how to set up Drupal with Nginx and Let’s Encrypt SSL on Ubuntu 22.04.

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More