Webserver with Nginx Varnish MySQL – LEMP + V Stack on cloud

1-click AWS Deployment    1-click Azure Deployment



NGINX is open source software for web serving, reverse proxying, caching, load balancing, media streaming, and more. It started out as a web server designed for maximum performance and stability. In addition to its HTTP server capabilities, NGINX can also function as a proxy server for email (IMAP, POP3, and SMTP) and a reverse proxy and load balancer for HTTP, TCP, and UDP servers. 

 NGINX as a Web Server 

The goal behind NGINX was to create the fastest web server around, and maintaining that excellence is still a central goal of the project. NGINX consistently beats Apache and other servers in benchmarks measuring web server performance. Since the original release of NGINX however, websites have expanded from simple HTML pages to dynamic, multifaceted content. NGINX has grown along with it and now supports all the components of the modern Web, including WebSocket, HTTP/2, and streaming of multiple video formats (HDS, HLS, RTMP, and others). 

NGINX Beyond Web Serving 

Though NGINX became famous as the fastest web server, the scalable underlying architecture has proved ideal for many web tasks beyond serving content. Because it can handle a high volume of connections, NGINX is commonly used as a reverse proxy and load balancer to manage incoming traffic and distribute it to slower upstream servers – anything from legacy database servers to microservices. 

NGINX also is frequently placed between clients and a second web server, to serve as an SSL/TLS terminator or a web accelerator. Acting as an intermediary, NGINX efficiently handles tasks that might slow down your web server, such as negotiating SSL/TLS or compressing and caching content to improve performance. Dynamic sites, built using anything from Node.js to PHP, commonly deploy NGINX as a content cache and reverse proxy to reduce load on application servers and make the most effective use of the underlying hardware. 

What  NGINX and NGINX Plus Do  

NGINX Plus and NGINX are the best-in-class web server and application delivery solutions used by hightraffic websites such as Dropbox, Netflix, and Zynga. More than 400 million websites worldwide rely on NGINX Plus and NGINX to deliver their content quickly, reliably, and securely. 

  • NGINX makes hardware load balancers obsolete. As a software-only open source load balancer, NGINX is less expensive and more configurable than hardware load balancers, and is designed for modern cloud architectures. NGINX Plus supports on-the-fly reconfiguration and integrates with modern DevOps tools for easier monitoring. 
  • NGINX is a multifunction tool. With NGINX, you can use the same tool as your load balancer, reverse proxy, content cache, and web server, minimizing the amount of tooling and configuration your organization needs to maintain. NGINX offers tutorials, webinars, and a wide array of documentation to get you on your feet. NGINX Plus includes rapid-response customer support, so you can easily get help diagnosing any part of your stack that uses NGINX or NGINX Plus. 
  • NGINX keeps evolving. For the past decade NGINX has been at the forefront of development of the modern Web, and has helped lead the way on everything from HTTP/2 to microservices support. As development and delivery of web applications continue to evolve, NGINX Plus keeps adding features to enable flawless application delivery, from the recently announced support for configuration using an implementation of JavaScript customized for NGINX, to support for dynamic modules. Using NGINX Plus ensures you’ll stay at the cutting edge of web performance. 

Flawless Application Delivery 

The world’s most innovative companies and largest enterprises rely on NGINX. 

Instead of using cPanel and Apache as nearly everyone uses today, we say “hello” to Varnish, NGINX, PHP-FPM, and PerconaSQL. 

Of course, just slapping some software together doesn’t make something quick nor reliable. 

You need to know what to tweak under what circumstances, in order to build a personalised server, built precisely your WordPress website. 

Thankfully there are plenty of tutorials on how to do this. But this post is not one of them. It’s more of a top-level overview of the NGiNX/Varnish webstack for WordPress, the benefits, and who it is for. 

Let’s read on! 

Why choose NGiNX instead of Apache for WordPress: 

In a traditional hosting server, whether shared or dedicated, when someone visits your website an Apache process handles each individual click that a viewer makes, sending requests to the MySQL database server in real-time. 

Each and every click results in queries being generated against the database, and of course each and every click, also results in your WordPress website being rendered by Apache & PHP, and sent to your viewers’ browser. 

Of course, some can say that “APC can cache just fine”, or “we use file caching, we don’t need anything else!” – while both are respectable statements, times have changed and caching is not an application level affair any longer. 

Heavy websites must be cached externally, this means, outside the application itself. 

It is perfectly acceptable for the web application to be aware of the caching, so that hit counters and the like are kept up to date, however the actual ‘caching’ process must be external to the webserver stack. 

Webserver (NGINX) 

Serving traffic at this pace is possible with Apache, but it will require a lot more server resources, especially RAM! 

This is why for high traffic WordPress websites, we only use NGiNX for our custom build webserver solutions. 

NGINX was developed by Igor Sysoev, and was battle-tested for years hosting site such as Yandex, VKontakte, Rambler, Mail.ru. 

NGINX is fully compatible with WordPress, and provides all the functionality you need to ‘set it and forget it’ without experiencing downtime and latency. And guess what? WordPress.com itself, uses NGINX!  

NGiNX shines because it is an event based webserver, whereas Apache is a process based server. The difference between the two systems is staggering under any semblance of load borne by heavy traffic.  

500 simultaneous connections would probably only cause Nginx to use a few megabytes of RAM whereas Apache would probably consume hundreds of megabytes (if it could do it at all). 

Its nice to know, that an advanced NGiNXwebstack for WordPress can be delivered with a fully functional control panel thanks to ISPConfig. And it’s also free, good to know. 

This gives you all the functionality you probably already use within cPanel like the ability to: 

  • Create domains with point and click 
  • Create mail accounts 
  • Reset passwords 
  • Access webmail 
  • Execute backups of domains and mailboxes 
  • Manage subdomains, 
  • And if needed, provide reseller accounts for your advanced clients. 
  • While it is possible for you to organise all of this on your own, we do not suggest experimenting on mission-critical production websites. The stakes are too high and there is little room for error when working on high-traffic WordPress sites. 
  • By choosing the right managed hosting provider you can get a full end to end support for your entire server, and the implementation of WordPress on your server as it relates to Caching, Databases, Webserver stack, Email, Backups, and PHP specifics. 
  • What’s the migration process look like? 
  • Discovery Call 
  • We usually recommend that customers follow a 30-minute initial discovery call over Skype with the implementation team to carry out a pre-migration audit on your setup. Large-scale migrations can be tricky so it’s important to spend the time to observe and plan before acting. 
  • Migration 
  • The best-managed WordPress hosting providers will make sure that during the migration, the implementation specialist debugs any and all problems associated with the webserver change to NGINX, databases to InnoDB if needed, etc. 
  • Validation  
  • Once this procedure is completed, sometimes a validation session of 30 minutes is organized to confirm proper operation of the website, databases, cron jobs, emails, forms, caching, and backup systems. 
  • DNS Change 
  • After everything’s validated to work perfect on the new setup you need to organize the specifics of the DNS configuration so that your website can be switched to the new server. 
  • Synchronisation 
  • The final step of this procedure is usually to synchronize files and database tables so that when your migration is completed, you have not lost a single post or comment on your WordPress website. 
  • Post-Migration Monitoring 
  • After the implementation is complete, monitoring is established on your server, and on your application. At EuroVPS, we use a combination of Paessler PRTG monitoring system to observe the real-time status of the server and New Relic to monitor the status of your website in real-time. 
  • Both together provide you with a transparency into your server’s inner workings and you can rest assured that you won’t wake up one morning to a downtime due to a flood of traffic, as we’ll know well in advance when the time to upgrade the server is – based on real metrics. 

 How does NGINX work 

Before learning more about NGINX, let’s take a look at how a web server works. When someone makes a request to open a webpage, the browser contacts the server of that website. Then, the server looks for the requested files for the page and sends it to the browser. This is only the simplest kind of request. 

The example above is also considered as a single thread. Traditional web servers create a single thread for every request, but NGINX does not work that way. As stated before, NGINX performs with an asynchronous, event-driven architecture. It means that similar threads are managed under one worker process, and each worker process contains smaller units called worker connections. This whole unit is then responsible for handling request threads. Worker connections deliver the requests to a worker process, which will also send it to the master process. 

 Finally, the master process provides the result of those requests. 

That may sound simple, but one worker connection can take care of up to 1024 similar requests. Because of that, NGINX can process thousands of requests without any difficulties. It is also the reason why NGINX became excellent for busy websites like e-commerce, search engines, and cloud storage. 

NGINX vs Apache 

Among popular web servers, Apache is one of the main rivals for NGINX. It has been around since the 90s and has a large user community as well. If you are curious about which web server is best for your needs, take a look at this brief and informative comparison between NGINX and Apache. 

  • OS support
    Compatibility is one of the little details you should consider when choosing software. Both NGINX and Apache can run on many operating systems that support the Unix system. Unfortunately, NGINX’s performance on Windows is not as great as on other platforms. 
  • User support
    Users, from first-timers to professionals, always need a good community that can help when they face problems. While both NGINX and Apache have mailing support and a Stack Overflow forum, Apache lacks support from its company, the Apache Foundation. 
  • Performance
    NGINX can simultaneously run 1000 connections of static content two times faster than Apache and uses a little less memory. When compared for their performance on running dynamic content, however, both have the same speed. NGINX is a better choice for those who have a more static website. 

How To Install Nginx on Ubuntu 16.04


Before you begin this guide, you should have a regular, non-root user with sudo privileges configured on your server. You can learn how to configure a regular user account by following our initial server setup guide for Ubuntu 16.04.

When you have an account available, log in as your non-root user to begin.

Step 1: Install Nginx

Nginx is available in Ubuntu’s default repositories, so the installation is rather straight forward.

Since this is our first interaction with the apt packaging system in this session, we will update our local package index so that we have access to the most recent package listings. Afterwards, we can install nginx:

  • sudo apt-get update
  • sudo apt-get install nginx

After accepting the procedure, apt-get will install Nginx and any required dependencies to your server.

Step 2: Adjust the Firewall

Before we can test Nginx, we need to reconfigure our firewall software to allow access to the service. Nginx registers itself as a service with ufw, our firewall, upon installation. This makes it rather easy to allow Nginx access.

We can list the applications configurations that ufw knows how to work with by typing:

  • sudo ufw app list

You should get a listing of the application profiles:

Available applications:
  Nginx Full
  Nginx HTTP
  Nginx HTTPS

As you can see, there are three profiles available for Nginx:

  • Nginx Full: This profile opens both port 80 (normal, unencrypted web traffic) and port 443 (TLS/SSL encrypted traffic)
  • Nginx HTTP: This profile opens only port 80 (normal, unencrypted web traffic)
  • Nginx HTTPS: This profile opens only port 443 (TLS/SSL encrypted traffic)

It is recommended that you enable the most restrictive profile that will still allow the traffic you’ve configured. Since we haven’t configured SSL for our server yet, in this guide, we will only need to allow traffic on port 80.

You can enable this by typing:

  • sudo ufw allow ‘Nginx HTTP’

You can verify the change by typing:

  • sudo ufw status

You should see HTTP traffic allowed in the displayed output:

Status: active

To                         Action      From
--                         ------      ----
OpenSSH                    ALLOW       Anywhere                  
Nginx HTTP                 ALLOW       Anywhere                  
OpenSSH (v6)               ALLOW       Anywhere (v6)             
Nginx HTTP (v6)            ALLOW       Anywhere (v6)

Step 3: Check your Web Server

At the end of the installation process, Ubuntu 16.04 starts Nginx. The web server should already be up and running.

We can check with the systemd init system to make sure the service is running by typing:

  • systemctl status nginx
● nginx.service - A high performance web server and a reverse proxy server
   Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled)
   Active: active (running) since Mon 2016-04-18 16:14:00 EDT; 4min 2s ago
 Main PID: 12857 (nginx)
   CGroup: /system.slice/nginx.service
           ├─12857 nginx: master process /usr/sbin/nginx -g daemon on; master_process on
           └─12858 nginx: worker process

As you can see above, the service appears to have started successfully. However, the best way to test this is to actually request a page from Nginx.

You can access the default Nginx landing page to confirm that the software is running properly. You can access this through your server’s domain name or IP address.

If you do not have a domain name set up for your server, you can learn how to set up a domain with DigitalOcean here.

If you do not want to set up a domain name for your server, you can use your server’s public IP address. If you do not know your server’s IP address, you can get it a few different ways from the command line.

Try typing this at your server’s command prompt:

  • ip addr show eth0 | grep inet | awk ‘{ print $2; }’ | sed ‘s/\/.*$//’

You will get back a few lines. You can try each in your web browser to see if they work.

An alternative is typing this, which should give you your public IP address as seen from another location on the internet:

  • sudo apt-get install curl
  • curl -4 icanhazip.com

When you have your server’s IP address or domain, enter it into your browser’s address bar:


You should see the default Nginx landing page, which should look something like this:

Nginx default page

This page is simply included with Nginx to show you that the server is running correctly.

Step 4: Manage the Nginx Process

Now that you have your web server up and running, we can go over some basic management commands.

To stop your web server, you can type:

  • sudo systemctl stop nginx

To start the web server when it is stopped, type:

  • sudo systemctl start nginx

To stop and then start the service again, type:

  • sudo systemctl restart nginx

If you are simply making configuration changes, Nginx can often reload without dropping connections. To do this, this command can be used:

  • sudo systemctl reload nginx

By default, Nginx is configured to start automatically when the server boots. If this is not what you want, you can disable this behavior by typing:

  • sudo systemctl disable nginx

To re-enable the service to start up at boot, you can type:

  • sudo systemctl enable nginx

Step 5: Get Familiar with Important Nginx Files and Directories

Now that you know how to manage the service itself, you should take a few minutes to familiarize yourself with a few important directories and files.


  • /var/www/html: The actual web content, which by default only consists of the default Nginx page you saw earlier, is served out of the /var/www/html directory. This can be changed by altering Nginx configuration files.

Server Configuration

  • /etc/nginx: The Nginx configuration directory. All of the Nginx configuration files reside here.
  • /etc/nginx/nginx.conf: The main Nginx configuration file. This can be modified to make changes to the Nginx global configuration.
  • /etc/nginx/sites-available/: The directory where per-site “server blocks” can be stored. Nginx will not use the configuration files found in this directory unless they are linked to the sites-enabled directory (see below). Typically, all server block configuration is done in this directory, and then enabled by linking to the other directory.
  • /etc/nginx/sites-enabled/: The directory where enabled per-site “server blocks” are stored. Typically, these are created by linking to configuration files found in the sites-available directory.
  • /etc/nginx/snippets: This directory contains configuration fragments that can be included elsewhere in the Nginx configuration. Potentially repeatable configuration segments are good candidates for refactoring into snippets.

Server Logs

  • /var/log/nginx/access.log: Every request to your web server is recorded in this log file unless Nginx is configured to do otherwise.
  • /var/log/nginx/error.log: Any Nginx errors will be recorded in this log.

 NGINX is a web server that also acts as an email proxy, reverse proxy, and load balancer. The software’s structure is asynchronous and event-driven; which enables the processing of many requests at the same time. NGINX is highly scalable as well, meaning that its service grows along with its clients’ traffic. NGINX and Apache are indeed two of the best web servers in the market. 

-A clustered web server on cloud is a technique used within web hosting to distribute the load across multiple machines or ‘nodes’. The aim of this technique is to remove single points of failure and increase website availability and uptime. It is typical that web clusters will utilize multiple backend and frontend nodes.

Clustering doesn’t have to be expensive and it’s extremely easy to get started with – this guide will demonstrate how to create a round robin two node clustered web server on cloud with Nginx and Varnish.

Varnish ® is a registered trademark of Varnish Software AB and its affiliates. Varnish is owned by Varnish Software(www.varnish-software.com/) and they own all related trademarks and IP rights for this software.

Nginx is owned by Nginx (https://www.nginx.com/) and they own all related trademarks and IP rights for this software.

Cognosys provides hardened images of Webserver with Nginx Varnish MySQL – LEMP + V Stack on all public cloud ( AWS marketplace and Azure ) also offers a secured and one-click deployment of Webserver with Nginx Varnish MySQL – LEMP + V Stack on cloud i.e. AWS marketplace and Azure with written and video tutorials.


Some common features seen in Nginx include: 

  • Reverse proxy with caching. 
  • IPv6. 
  • Load balancing. 
  • FastCGI support with caching. 
  • WebSockets. 
  • Handling of static files, index files, and auto-indexing. 
  • TLS/SSL with SNI. 

Major Features of Webserver with Nginx Varnish MySQL – LEMP +V stack on cloud

It is an enterprise grade webserver with Nginx, Reverse proxy, Varnish Cache, Antivirus, Malicious IP Blocking DDoS protection.

This is a hardened webserver with Optimum Stacks designed for a high cocnurrency and lower latency.
A) Haproxy offloading SSL traffic and serving as Software LB.
B) Varnish as the cache layer offloading the static traffic.
C) Nginx with all of its glory to serve as main webserver.
There are multiple other optimizations at each level which have not been documented right from Antivirus, DDoS attack protection, health checks etc.
D) SSH is allowed at public port 2222 / pvt Port 22
E) SMTP server to send email.
G) Antivirus scans every 24 hrs as well as every 2 hrs of your nginx folder.
H) Auto DDOS protection if attempt to brute force.


Installation Instructions For Ubuntu

Note : How to find PublicDNS in Azure

Step 1) SSH Connection: To connect to the deployed instance, Please follow Instructions to Connect to Ubuntu instance on Azure Cloud

1) Download Putty.

2) Connect to virtual machine using following SSH credentials:

  • Hostname: PublicDNS  / IP of machine
  • Port : 22

Username: Your chosen username when you created the machine ( For example:  Azureuser)
Password : Your Chosen Password when you created the machine ( How to reset the password if you do not remember)

Step 2) Database Login Details:

Username : root || Password : Passw@rd123

Please use MySQL root password Passw@rd123 for the MySQL configuration.

Note: Please change the password immediately after the first login. 

Step 3) Other Information:

1.PHP Version 5.6.30

2. Nginx root path is : /usr/share/nginx/html/

3.Varnish: Varnish serves the content on port 80 for Nginx running on port 8080.

This can changed with /etc/default/varnish and /etc/varnish/default.vcl

4.To restart services use:

  • service varnish restart
  • service nginx restart

5. Default ports:

  • Http: 8080 and 80
  • Mysql ports: By default these are not open on Public Endpoints. Mysql :3306

Configure custom inbound and outbound rules using this link


Windows Container – nginx demo

Webserver with Nginx Varnish MySQL – LEMP + V Stack on cloud

Related Posts