If you're looking for an SSH client to connnect to your VPS host, try the MobaXterm free Xserver and tabbed SSH client for Windows.
It's the complete toolbox for remote computing and you can find out more information at: MobaXterm free Xserver and tabbed SSH client for Windows
Activate X11 Forwarding using SSH
X11 Forwarding enforces traffic security through SSH by the way of X11 tunneling or port forwarding.
:~# cd;sudo chmod 0600 ~/.Xauthority;sudo grep X11Forwarding /etc/ssh/sshd_config
Update Debian Repositories
Debian wheezy doesn't include the backports the software repository listing, so we must manually add it. Edit the Debian repository list file with your favorite text editor.
:~# sudo nano /etc/apt/sources.list
Copy and paste the following into the bottom of the repository list file.
deb http://ftp.debian.org/debian/ wheezy-backports main contrib non-free deb http://ftp.us.debian.org/debian wheezy-backports main deb-src http://ftp.us.debian.org/debian wheezy-backports main deb http://packages.dotdeb.org wheezy all deb-src http://packages.dotdeb.org wheezy all deb http://packages.dotdeb.org wheezy-php55 all deb-src http://packages.dotdeb.org wheezy-php55 all
Add repository public software keys.
:~# cd;sudo apt-key adv --recv-keys --keyserver keys.gnupg.net add 4D722217 :~# cd;sudo wget http://www.dotdeb.org/dotdeb.gpg;sudo apt-key add dotdeb.gpg :~# cd;sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 627220E7 :~# cd;sudo gpg --keyserver hkp://keys.gnupg.net --recv-keys 1C4CBDCDCD2EFD2A;sudo gpg -a --export CD2EFD2A | apt-key add - :~# cd;sudo wget ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/Public-Key;sudo mv Public-Key pcrelib.gpg;sudo apt-key add pcrelib.gpg
Update Debian repositories package lists with the following.
:~# sudo apt-get -y update :~# sudo apt-get -y upgrade
Time Zone and Swap File Configuration
Configure the desired time zone data.
:~# sudo dpkg-reconfigure tzdata
Set up the swap file (optional).
:~# sudo apt-get install dphys-swapfile;sudo /sbin/swapon -s;sudo reboot
Debian Essential Packages
Install Debian essential building packages, which is essential to build any Debian package on the system.
:~# sudo apt-get -y install dpkg-dev build-essential zlib1g-dev libpcre3 libpcre3-dev libpcrecpp0 libssl-dev unzip git curl
Nginx Build Dependencies
Install nginx build dependencies from the backports repository.
:~# sudo apt-get -t wheezy-backports build-dep nginx;sudo mkdir /var/lib/nginx;sudo mkdir /var/lib/nginx/body
Nginx Custom Build
Nginx doesn't natively support "Dynamic Loading of Modules," which basically gives you the freedom of adding plug-ins or modules to software after it's been installed. The only way to add modules to nginx is by adding them during compile-time. The following modules have been proven to enhance the performance of Nginx. The version of Nginx being build is known as Tengine, a web server originated by Taobao, the largest e-commerce website in Asia. It's based on the Nginx HTTP server and includes many advanced features. Tengine has proven to be very stable, efficient and hosts many of the top 100 websites in the world.
- Automatic PageSpeed optimization module for Nginx speeds up site and reduces page load time.
:~# cd;sudo wget https://github.com/pagespeed/ngx_pagespeed/archive/v1.8.31.3-beta.zip;sudo unzip v1.8.31.3-beta.zip;sudo rm -f v1.8.31.3-beta.zip :~# cd ngx_pagespeed-1.8.31.3-beta/ :~# sudo wget https://dl.google.com/dl/page-speed/psol/1.8.31.3.tar.gz;sudo tar -xzvf 1.8.31.3.tar.gz;sudo rm -f 1.8.31.3.tar.gz
- NginxHttpHeadersMoreModule allows for more control of output or input headers.
:~# cd;sudo wget https://github.com/agentzh/headers-more-nginx-module/archive/v0.25.tar.gz;sudo tar -xvzf v0.25.tar.gz;sudo rm -f v0.25.tar.gz
- NAXSI means Nginx Anti Xss & Sql Injection. NAXSI is an open-source, high performance, low rules maintenance web application firewall for Nginx.
:~# cd;sudo wget https://github.com/nbs-system/naxsi/archive/master.zip;sudo unzip master.zip;sudo rm -f master.zip
- Enhanced Nginx Memached Module uses memcached to do cache into nginx, with many advanced features.
:~# cd;sudo git clone git://github.com/bpaquet/ngx_http_enhanced_memcached_module.git
- FRiCKLE Ngx_cache_purge module adds the ability to purge content from FastCGI, proxy, SCGI and uWSGI caches.
:~# cd;sudo git clone http://github.com/FRiCKLE/ngx_cache_purge
- Masterzen Nginx-upload-progress-module implements an upload progress system, that monitors RFC1867 POST uploads as they are transmitted to upstream servers.
:~# cd;sudo wget https://github.com/masterzen/nginx-upload-progress-module/archive/master.zip;sudo unzip master.zip;sudo rm -f master.zip
- PCRE - Perl Compatible Regular Expressions library. The PCRE library is a set of functions that implement regular expression pattern matching using the same syntax and semantics as Perl 5.
:~# cd;sudo wget ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-8.35.tar.gz;sudo tar -xvzf pcre-8.35.tar.gz;sudo rm -f pcre-8.35.tar.gz
- Zlib - A Massively Spiffy Yet Delicately Unobtrusive Compression Library Unencumbered by Patents.
:~# cd;sudo wget http://zlib.net/zlib-1.2.8.tar.gz;sudo tar -xvzf zlib-1.2.8.tar.gz;sudo rm -f zlib-1.2.8.tar.gz
- Openresty Lua-nginx-module embeds the power of Lua into Nginx. OpenResty is a web application server that bundles the standard Nginx core, 3rd-party Nginx modules and most of their external dependencies. OpenResty runs your server-side web apps completely in the Nginx server.
:~# cd;sudo wget https://github.com/openresty/lua-nginx-module/archive/master.zip;sudo unzip master.zip;sudo rm -f master.zip
- Cloudflare Lua-upstream-cache-nginx-module for ngx_lua to provide Lua API to inspect upstream http cache meta-data. This module extends the lua-nginx Lua module. It adds the ability to read and set values from nginx's internal cache metadata.
:~# cd;sudo wget https://github.com/cloudflare/lua-nginx-cache-module/archive/master.zip;sudo unzip master.zip;sudo rm -f master.zip
- Tengine has developed their own Nginx version because they have strong requirements to enhance it. Their website is the largest e-commerce website in Asia and ranked #14 on Alexa's top sites list. Many of the features they need can't be implemented by writing modules.
:~# cd;sudo wget http://tengine.taobao.org/download/tengine-2.0.3.tar.gz;sudo tar -xvzf tengine-2.0.3.tar.gz;sudo rm -f tengine-2.0.3.tar.gz
Host Directory and Permissions
Create a directory where the web site files will be stored and we need to grant permissions so the files can be accessed.
:~# sudo mkdir -p /srv/www;sudo chmod 755 /srv/www;sudo chown -R www-data:www-data /srv/www
Building the Custom Nginx Package
If you enter the following commands ...
:~# cd /root/tengine-2.0.3;sudo ./configure --help
You will receive the following output ... (gives an idea of the variety of Nginx build configuration settings)
====================================================================== ./configure --help --help print this message --prefix=PATH set installation prefix --sbin-path=PATH set nginx binary pathname --conf-path=PATH set nginx.conf pathname --error-log-path=PATH set error log pathname --pid-path=PATH set nginx.pid pathname --lock-path=PATH set nginx.lock pathname --user=USER set non-privileged user for worker processes --group=GROUP set non-privileged group for worker processes --builddir=DIR set build directory --enable-mods-shared=all enable all the modules to be shared --enable-mods-static=all enable all the modules to be static --dso-path=DIR set dso default load path --dso-tool-path=DIR set dso_tool pathname --dso-max-modules=*) set max dso module(default is 256) --includedir=DIR set C header files[PREFIX/include] --with-rtsig_module enable rtsig module --with-select_module enable select module --without-select_module disable select module --with-poll_module enable poll module --without-poll_module disable poll module --without-procs disable procs module --with-file-aio enable file AIO support --with-ipv6 enable IPv6 support --without-syslog disable syslog logging --without-dso disable dso module load --with-http_spdy_module enable ngx_http_spdy_module --with-http_realip_module enable ngx_http_realip_module --with-http_addition_module enable ngx_http_addition_filter_module --with-http_xslt_module enable ngx_http_xslt_filter_module --with-http_image_filter_module enable ngx_http_image_filter_module --with-http_geoip_module enable ngx_http_geoip_module --with-http_sub_module enable ngx_http_sub_filter_module --with-http_dav_module enable ngx_http_dav_module --with-http_flv_module enable ngx_http_flv_module --with-http_slice_module enable ngx_http_slice_module --with-http_mp4_module enable ngx_http_mp4_module --with-http_gunzip_module enable ngx_http_gunzip_module --with-http_gzip_static_module enable ngx_http_gzip_static_module --with-http_concat_module enable ngx_http_concat_module --with-http_random_index_module enable ngx_http_random_index_module --with-http_secure_link_module enable ngx_http_secure_link_module --with-http_degradation_module enable ngx_http_degradation_module --with-http_sysguard_module enable ngx_http_sysguard_module --with-http_addition_module=shared enable ngx_http_addition_filter_module (shared) --with-http_xslt_module=shared enable ngx_http_xslt_filter_module (shared) --with-http_image_filter_module=shared enable ngx_http_image_filter_module (shared) --with-http_geoip_module=shared enable ngx_http_geoip_module --with-http_sub_module=shared enable ngx_http_sub_filter_module (shared) --with-http_flv_module=shared enable ngx_http_flv_module (shared) --with-http_slice_module=shared enable ngx_http_slice_module (shared) --with-http_mp4_module=shared enable ngx_http_mp4_module (shared) --with-http_concat_module=shared enable ngx_http_concat_module (shared) --with-http_random_index_module=shared enable ngx_http_random_index_module (shared) --with-http_secure_link_module=shared enable ngx_http_secure_link_module (shared) --with-http_sysguard_module=shared enable ngx_http_sysguard_module (shared) --with-http_charset_filter_module=shared enable ngx_http_charset_filter_module (shared) --with-http_userid_filter_module=shared enable ngx_http_userid_filter_module (shared) --with-http_footer_filter_module=shared enable ngx_http_footer_filter_module (shared) --with-http_trim_filter_module=shared enable ngx_http_trim_filter_module (shared) --with-http_access_module=shared enable ngx_http_access_module (shared) --with-http_autoindex_module=shared enable ngx_http_autoindex_module (shared) --with-http_map_module=shared enable ngx_http_map_module (shared) --with-http_split_clients_module=shared enable ngx_http_split_clients_module (shared) --with-http_referer_module=shared enable ngx_http_referer_module (shared) --with-http_rewrite_module=shared enable ngx_http_rewrite_module (shared) --with-http_fastcgi_module=shared enable ngx_http_fastcgi_module (shared) --with-http_uwsgi_module=shared enable ngx_http_uwsgi_module (shared) --with-http_scgi_module=shared enable ngx_http_scgi_module (shared) --with-http_memcached_module=shared enable ngx_http_memcached_module (shared) --with-http_limit_conn_module=shared enable ngx_http_limit_conn_module (shared) --with-http_limit_req_module=shared enable ngx_http_limit_req_module (shared) --with-http_empty_gif_module=shared enable ngx_http_empty_gif_module (shared) --with-http_browser_module=shared enable ngx_http_browser_module (shared) --with-http_user_agent_module=shared enable ngx_http_user_agent_module (shared) --with-http_upstream_ip_hash_module=shared enable ngx_http_upstream_ip_hash_module (shared) --with-http_upstream_least_conn_module=shared enable ngx_http_upstream_least_conn_module (shared) --with-http_upstream_session_sticky_module=shared enable ngx_http_upstream_session_sticky_module (shared) --with-http_reqstat_module=shared enable ngx_http_reqstat_module (shared) --without-http_charset_module disable ngx_http_charset_filter_module --without-http_gzip_module disable ngx_http_gzip_filter_module --without-http_ssi_module disable ngx_http_ssi_module --without-http_ssl_module disable ngx_http_ssl_module --without-http_userid_module disable ngx_http_userid_filter_module --without-http_footer_filter_module disable ngx_http_footer_filter_module --without-http_trim_filter_module disable ngx_http_trim_filter_module --without-http_access_module disable ngx_http_access_module --without-http_auth_basic_module disable ngx_http_auth_basic_module --without-http_autoindex_module disable ngx_http_autoindex_module --without-http_geo_module disable ngx_http_geo_module --without-http_map_module disable ngx_http_map_module --without-http_split_clients_module disable ngx_http_split_clients_module --without-http_referer_module disable ngx_http_referer_module --without-http_rewrite_module disable ngx_http_rewrite_module --without-http_proxy_module disable ngx_http_proxy_module --without-http_fastcgi_module disable ngx_http_fastcgi_module --without-http_uwsgi_module disable ngx_http_uwsgi_module --without-http_scgi_module disable ngx_http_scgi_module --without-http_memcached_module disable ngx_http_memcached_module --without-http_limit_conn_module disable ngx_http_limit_conn_module --without-http_limit_req_module disable ngx_http_limit_req_module --without-http_empty_gif_module disable ngx_http_empty_gif_module --without-http_browser_module disable ngx_http_browser_module --without-http_upstream_check_module disable ngx_http_upstream_check_module --without-http_upstream_least_conn_module disable ngx_http_upstream_least_conn_module --without-http_upstream_session_sticky_module disable ngx_http_upstream_session_sticky_module --without-http_upstream_keepalive_module disable ngx_http_upstream_keepalive_module --without-http_upstream_ip_hash_module disable ngx_http_upstream_ip_hash_module --without-http_upstream_consistent_hash_module disable ngx_http_upstream_consistent_hash_module --without-http_user_agent_module disable ngx_http_user_agent_module --without-http_stub_status_module disable ngx_http_stub_status_module --without-http_reqstat_module disable ngx_http_reqstat_module --with-http_perl_module enable ngx_http_perl_module --with-perl_modules_path=PATH set Perl modules path --with-perl=PATH set perl binary pathname --without-http-upstream-rbtree disable using rbtree for upstream lookup --with-http_lua_module enable ngx_http_lua_module (will also enable --with-md5 and --with-sha1) --with-http_lua_module=shared enable ngx_http_lua_module (shared) (will also enable --with-md5 and --with-sha1) --with-luajit-inc=PATH set LuaJIT headers path (where lua.h/lauxlib.h/... are located) --with-luajit-lib=PATH set LuaJIT library path (where libluajit-5.1.{a,so} are located) --with-lua-inc=PATH set Lua headers path (where lua.h/lauxlib.h/... are located) --with-lua-lib=PATH set Lua library path (where liblua.{a,so} are located, only support Lua-5.1.x) --with-http_tfs_module enable ngx_http_tfs_module (will also enable --with-md5) --with-http_tfs_module=shared enable ngx_http_tfs_module (shared) (will also enable --with-md5) --with-libyajl-inc=PATH set libyajl headers path (where yajl.h is located) --with-libyajl-lib=PATH set libyajl library path (where libyajl.{a,so} is located) --http-log-path=PATH set http access log pathname --http-client-body-temp-path=PATH set path to store http client request body temporary files --http-proxy-temp-path=PATH set path to store http proxy temporary files --http-fastcgi-temp-path=PATH set path to store http fastcgi temporary files --http-uwsgi-temp-path=PATH set path to store http uwsgi temporary files --http-scgi-temp-path=PATH set path to store http scgi temporary files --without-http disable HTTP server --without-http-cache disable HTTP cache --with-mail enable POP3/IMAP4/SMTP proxy module --with-mail_ssl_module enable ngx_mail_ssl_module --without-mail_pop3_module disable ngx_mail_pop3_module --without-mail_imap_module disable ngx_mail_imap_module --without-mail_smtp_module disable ngx_mail_smtp_module --with-google_perftools_module enable ngx_google_perftools_module --with-cpp_test_module enable ngx_cpp_test_module --with-backtrace_module enable ngx_backtrace_module --add-module=PATH enable an external module --with-cc=PATH set C compiler pathname --with-cpp=PATH set C preprocessor pathname --with-cc-opt=OPTIONS set additional C compiler options --with-ld-opt=OPTIONS set additional linker options --with-cpu-opt=CPU build for the specified CPU, valid values: pentium, pentiumpro, pentium3, pentium4, athlon, opteron, sparc32, sparc64, ppc64 --without-pcre disable PCRE library usage --with-pcre force PCRE library usage --with-pcre=DIR set path to PCRE library sources --with-pcre-opt=OPTIONS set additional build options for PCRE --with-pcre-jit build PCRE with JIT compilation support --with-md5=DIR set path to md5 library sources --with-md5-opt=OPTIONS set additional build options for md5 --with-md5-asm use md5 assembler sources --with-sha1=DIR set path to sha1 library sources --with-sha1-opt=OPTIONS set additional build options for sha1 --with-sha1-asm use sha1 assembler sources --with-zlib=DIR set path to zlib library sources --with-zlib-opt=OPTIONS set additional build options for zlib --with-zlib-asm=CPU use zlib assembler sources optimized for the specified CPU, valid values: pentium, pentiumpro --with-libatomic force libatomic_ops library usage --with-libatomic=DIR set path to libatomic_ops library sources --with-jemalloc force jemalloc library usage --with-jemalloc=DIR set path to jemalloc library files --with-openssl=DIR set path to OpenSSL library sources --with-openssl-opt=OPTIONS set additional build options for OpenSSL --with-debug enable debug logging ======================================================================
It's time to build your custom package, which includes the modules you downloaded.
:~# cd /root/tengine-2.0.3
Copy the entire block of text below and paste it into your server terminal window.
:~# Begin copy here: >sudo ./configure --prefix=/srv/www --sbin-path=/usr/local/sbin/nginx --conf-path=/etc/nginx/nginx.conf --pid-path=/var/run/nginx.pid --error-log-path=/var/log/nginx/error.log --http-proxy-temp-path=/var/lib/nginx/proxy --lock-path=/var/lock/nginx.lock --http-client-body-temp-path=/var/lib/nginx/body --http-fastcgi-temp-path=/var/lib/nginx/fastcgi --http-log-path=/var/log/nginx/access.log --user=www-data --group=www-data --without-http_proxy_module --without-mail_pop3_module --without-mail_smtp_module --without-mail_imap_module --without-http_uwsgi_module --without-http_scgi_module --with-ipv6 --with-http_spdy_module --with-http_gzip_static_module --with-http_stub_status_module --with-pcre=$HOME/pcre-8.35 --with-pcre-jit --with-zlib=$HOME/zlib-1.2.8 --add-module=$HOME/lua-nginx-module-master --add-module=$HOME/lua-upstream-cache-nginx-module-master --add-module=$HOME/ngx_pagespeed-1.8.31.3-beta --add-module=$HOME/ngx_cache_purge --add-module=$HOME/naxsi-master/naxsi_src --add-module=$HOME/ngx_http_enhanced_memcached_module --add-module=$HOME/nginx-upload-progress-module-master --add-module=$HOME/headers-more-nginx-module-0.25< End copy here:
Your configuration summary should look something like this:
Configuration summary + using PCRE library: /root/pcre-8.35 + using system OpenSSL library + md5: using OpenSSL library + sha1: using OpenSSL library + using zlib library: /root/zlib-1.2.8 + jemalloc library is disabled nginx path prefix: "/srv/www" nginx binary file: "/usr/local/sbin/nginx" nginx configuration prefix: "/etc/nginx" nginx configuration file: "/etc/nginx/nginx.conf" nginx pid file: "/var/run/nginx.pid" nginx error log file: "/var/log/nginx/error.log" nginx http access log file: "/var/log/nginx/access.log" nginx http client request body temporary files: "/var/lib/nginx/body" nginx dso module path: "/srv/www/modules/" nginx http fastcgi temporary files: "/var/lib/nginx/fastcgi"
The following commands will actually install your compiled version of Nginx.
:~# cd /root/tengine-2.0.3;sudo make;sudo make install
Enable Nginx
Now, it's time to fire this thing up.
:~# cd;sudo git clone https://github.com/Fleshgrinder/nginx-sysvinit-script.git;sudo cp nginx-sysvinit-script/nginx /etc/init.d/nginx :~# sudo chmod +x /etc/init.d/nginx;sudo chown root:root /etc/init.d/nginx;sudo chmod 755 /etc/init.d/nginx;sudo /usr/sbin/update-rc.d -f nginx defaults :~# sudo mkdir /etc/nginx/conf.d/;sudo mkdir /etc/nginx/sites-enabled/;sudo mkdir /var/cache/nginx/;sudo mkdir /var/cache/nginx/microcache :~# sudo service nginx start;sudo nginx -t -c /etc/nginx/nginx.conf;sudo nginx -v
If everything worked as desired, the output will be as follows:
[ ok ] nginx: starting. the configuration file /etc/nginx/nginx.conf syntax is ok configuration file /etc/nginx/nginx.conf test is successful Tengine version: Tengine/2.0.3 (nginx/1.4.7)
Congratulations, you have successfully installed your very own high performance Nginx custom-built web server.