How to Install Nginx on Ubuntu 26.04, 24.04 and 22.04

Ubuntu already ships a solid Nginx package in the default repositories, so getting a reverse proxy, a static site server, or the first piece of a LEMP stack online does not need a third-party repo project. You can install Nginx on Ubuntu 26.04, 24.04, and 22.04 straight from APT and move into service checks, firewall rules, and site setup with the stock Ubuntu layout.

For the standard Ubuntu path, you do not download a separate installer. The base nginx package is enough for most deployments, while nginx-full and nginx-extras only make sense when you need their extra Ubuntu-packaged modules. Ubuntu Server, cloud VPS, and minimal images follow the same APT flow, although stripped-down images may still be missing helper tools like curl. If you need a newer upstream branch instead, use the separate guides to install Nginx Mainline on Ubuntu or build Nginx from source on Ubuntu.

Install Nginx on Ubuntu

Start with Ubuntu’s packaged branch unless you already know you need nginx.org mainline or a source build. The default repository path integrates cleanly with systemd, UFW, and the standard Ubuntu file layout.

Choose the Ubuntu Nginx package

Ubuntu offers three common Nginx package choices through its repositories:

Package	What you get	Best for	Trade-offs
nginx	The standard Ubuntu Nginx package with the default module set	Most reverse proxies, static sites, and first-time installs	Fewer optional modules than the larger Ubuntu variants
nginx-full	nginx plus extra packaged modules such as auth PAM, DAV, GeoIP2, subs filter, and upstream fair	Servers that need more packaged modules without leaving Ubuntu repositories	Larger footprint than the default package
nginx-extras	nginx plus the broadest Ubuntu-packaged module set, including image filter, Perl, mail, stream, fancyindex, uploadprogress, and nchan	Stacks that already depend on Ubuntu’s extra modules	The heaviest package set, and a poor fit if you later switch to nginx.org packages

Choose one package before you install Nginx. For most users, install nginx. Move to nginx-full only when you know you need one of its packaged modules, and treat nginx-extras as a niche option for servers that already depend on those extra Ubuntu modules. On current Ubuntu LTS releases, nginx-full and nginx-extras come from the universe repository, so some stripped-down images may need you to enable Universe on Ubuntu before those package names appear.

Update Ubuntu and install Nginx

Refresh package metadata and apply pending updates before installing the web server:

sudo apt update && sudo apt upgrade -y

Commands that install packages or change service files need sudo. If your account is not in the sudoers file yet, follow the guide to add a new user to sudoers on Ubuntu first.

Install the default package with:

sudo apt install nginx -y

If you chose one of the larger module bundles, install that package instead of the default package. Run only the variant you need.

sudo apt install nginx-full -y

sudo apt install nginx-extras -y

Ubuntu starts and enables the service during installation on all three supported LTS releases, so you usually do not need a separate start command unless you disabled it earlier.

Verify the Nginx installation on Ubuntu

Check the installed version first:

nginx -v

nginx version: nginx/1.28.3 (Ubuntu)

Then confirm the service is active and enabled:

systemctl is-active nginx
systemctl is-enabled nginx

active
enabled

If the service is not active, bring it back with sudo systemctl enable --now nginx and re-run the status check.

Ubuntu’s packaged Nginx branch depends on your LTS release, so version queries are normal:

Ubuntu release	Default Nginx version	What to expect
Ubuntu 26.04	1.28.x	The newest Ubuntu-packaged branch in the current LTS set
Ubuntu 24.04	1.24.x	A long-lived baseline for most LTS deployments
Ubuntu 22.04	1.18.x	An older feature set; move to mainline if you need a newer upstream branch

Current version output prints nginx version: nginx/1.28.3 (Ubuntu) on Ubuntu 26.04, nginx version: nginx/1.24.0 (Ubuntu) on Ubuntu 24.04, and nginx version: nginx/1.18.0 (Ubuntu) on Ubuntu 22.04.

Configure Firewall Rules for Nginx on Ubuntu

UFW is often installed on Ubuntu servers and cloud images, but it is usually inactive until you enable it. Check its current state before assuming the firewall is already protecting the host.

Allow SSH before enabling UFW on Ubuntu

If you are connected remotely, allow SSH first so enabling the firewall does not cut off your session:

sudo ufw status
sudo ufw allow OpenSSH

Status: inactive

Rules updated
Rules updated (v6)

For a broader UFW walkthrough after Nginx is online, use the guide to install and configure UFW firewall on Ubuntu.

Allow the right Nginx UFW profile on Ubuntu

After Nginx is installed, UFW exposes application profiles you can use instead of raw port numbers:

sudo ufw app list

Relevant lines include the Nginx profiles:

Available applications:
  Nginx Full
  Nginx HTTP
  Nginx HTTPS

• Nginx HTTP opens port 80 only.
• Nginx HTTPS opens port 443 only.
• Nginx Full opens both ports 80 and 443.

On Ubuntu 26.04 you may also see Nginx QUIC, which only matters after you intentionally configure HTTP/3. For a standard web server, the usual choice is Nginx Full.

sudo ufw allow 'Nginx Full'
sudo ufw --force enable
sudo ufw status numbered

Status: active

     To                         Action      From
     --                         ------      ----
[ 2] OpenSSH                    ALLOW IN    Anywhere
[ 3] Nginx Full                 ALLOW IN    Anywhere
[ 5] OpenSSH (v6)               ALLOW IN    Anywhere (v6)
[ 6] Nginx Full (v6)            ALLOW IN    Anywhere (v6)

Your server may already have extra rules, so the numbering can differ. The important part is seeing the Nginx profile you chose and an active firewall state.

Create an Nginx Server Block on Ubuntu

A fresh Nginx install serves the default welcome page from /var/www/html. For a real domain, create a separate web root and a separate server block so your site configuration stays isolated from Ubuntu’s stock default.

Create the web root for your Nginx site on Ubuntu

Ubuntu runs Nginx worker processes as www-data by default, so using that user and group keeps a simple static site straightforward.

sudo mkdir -p /var/www/example.com/html
sudo chown -R www-data:www-data /var/www/example.com

Create a basic test page for the new site:

sudo nano /var/www/example.com/html/index.html

Paste in a small test page like this, then save the file:

<html>
  <head>
    <title>example.com on Ubuntu</title>
  </head>
  <body>
    <h1>Nginx server block is working on Ubuntu</h1>
  </body>
</html>

Create the Nginx server block file on Ubuntu

Create a new site definition in sites-available:

sudo nano /etc/nginx/sites-available/example.com.conf

Use this basic server block as the starting point:

server {
    listen 80;
    listen [::]:80;

    server_name example.com www.example.com;
    root /var/www/example.com/html;
    index index.html;

    location / {
        try_files $uri $uri/ =404;
    }
}

The server_name line ties this block to your domain, and the root line points Nginx at the site files you just created. Once this base site works, you can expand it into a reverse proxy, add URL rewrites, or change listening ports with guides on creating a reverse proxy in Nginx, creating rewrite rules in Nginx, and changing ports in Nginx.

Enable the Nginx server block and test the configuration

Link the new file into sites-enabled, which is the switch that tells Ubuntu’s Nginx layout to load the server block, then validate and restart the service:

sudo ln -s /etc/nginx/sites-available/example.com.conf /etc/nginx/sites-enabled/example.com.conf
sudo nginx -t
sudo systemctl restart nginx

nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

To confirm the symlink points at the expected site file, resolve it directly:

readlink -f /etc/nginx/sites-enabled/example.com.conf

/etc/nginx/sites-available/example.com.conf

Test the Nginx server block before DNS changes finish

Opening http://example.com in a browser only works after the domain already points to this server. Until DNS catches up, test locally with curl by sending the request to the server IP while keeping the domain in the Host header.

Some minimal Ubuntu images do not include curl yet. Install it first if the next command returns curl: command not found, or run the same request from another Linux machine that can reach the server.

sudo apt install curl -y

If you run the test over SSH on the server, 127.0.0.1 is the server itself. From another machine, replace 127.0.0.1 with the server’s actual public or private IP.

curl -fsS -H 'Host: example.com' http://127.0.0.1/

<html>
  <head>
    <title>example.com on Ubuntu</title>
  </head>
  <body>
    <h1>Nginx server block is working on Ubuntu</h1>
  </body>
</html>

Manage Nginx on Ubuntu

Once the web server is online, daily maintenance mostly comes down to a few service commands, a small set of file locations, and the normal Ubuntu update path.

Use systemctl to manage Nginx on Ubuntu

Use reload after configuration changes, restart after deeper module or package changes, and enable --now if you need to restore the service immediately:

sudo systemctl reload nginx
sudo systemctl restart nginx
sudo systemctl enable --now nginx
sudo systemctl disable --now nginx

Find important Nginx files and directories on Ubuntu

Path	Purpose
/etc/nginx/nginx.conf	Main global Nginx configuration file
/etc/nginx/sites-available/	Site definitions you keep available but not necessarily enabled
/etc/nginx/sites-enabled/	Symlinks for the server blocks Nginx actually loads
/var/www/html/	Ubuntu’s default web root for the stock welcome page
/var/log/nginx/access.log	Request log
/var/log/nginx/error.log	Error log for syntax, permissions, and upstream failures

Ubuntu’s Nginx worker processes run as www-data by default, which matters when you are setting ownership on web roots, PHP-FPM sockets, cache directories, or upload locations.

Update Nginx on Ubuntu

Use the normal Ubuntu package path to pull newer Nginx updates from your configured repositories:

sudo apt update
sudo apt install --only-upgrade nginx nginx-common -y

APT either installs the available update or reports that the packages are already at the newest revision for your enabled Ubuntu repositories. If you installed nginx-full or nginx-extras, include that package name in the upgrade command too so the matching module bundle stays in sync.

Secure Nginx on Ubuntu with Certbot

Once your domain already points at the server and the HTTP site answers correctly, Ubuntu’s Certbot integration is the quickest path to HTTPS. For a fuller TLS walkthrough, use the dedicated guide to secure Nginx with Let’s Encrypt on Ubuntu.

Install Certbot for Nginx on Ubuntu

Install the Nginx plugin and verify that Certbot is available:

sudo apt install python3-certbot-nginx -y
certbot --version

The version output should begin with certbot followed by the packaged branch for your Ubuntu release. Ubuntu 24.04 and 22.04 print older Certbot branches, but the Nginx plugin and timer-based renewal workflow are the same.

When DNS is live for your real domain, issue the certificate against the server block you already tested:

sudo certbot --nginx -d example.com -d www.example.com

Certbot will prompt for your email address and whether HTTP traffic should redirect to HTTPS. After the certificate is issued, it updates the Nginx configuration for you.

Confirm the Certbot renewal timer on Ubuntu

Current Ubuntu packages use a systemd timer for renewal checks, so you do not need to create a custom cron job:

systemctl is-enabled certbot.timer
systemctl is-active certbot.timer

enabled
active

That timer-based flow is the current Ubuntu behavior, so old tutorials that still tell you to build a manual Certbot cron job are out of date.

Troubleshoot Nginx on Ubuntu

Most first-run Nginx problems on Ubuntu come down to one of three things: another service already owns port 80, the configuration does not pass nginx -t, or the server is still answering with the stock welcome page instead of your own site.

Fix port 80 conflicts for Nginx on Ubuntu

If Nginx will not start, check what is already listening on TCP port 80. Pairing ss with grep keeps the output focused on the listener you actually care about.

sudo ss -lntp | grep -E '(:80[[:space:]]|:80$)'

Relevant output can look like this; the process ID and file descriptor numbers vary:

LISTEN 0      5            0.0.0.0:80        0.0.0.0:*    users:(("python3",pid=[varies],fd=[varies]))

That output means some other service already owns the port. Stop or reconfigure the conflicting process, then start Nginx again and confirm it returns to an active state.

Fix Nginx configuration test failures on Ubuntu

Always run a configuration test before you reload or restart the service:

sudo nginx -t

Relevant output for a failed test includes the broken directive and the file that contains it. The line number varies with your file:

[emerg] unknown directive "invalid_directive" in /etc/nginx/sites-enabled/example.com.conf:[line varies]
nginx: configuration file /etc/nginx/nginx.conf test failed

The file path matters more than the exact text. Fix the broken directive, missing semicolon, or mismatched brace in that file, then run sudo nginx -t again until you get the successful output shown earlier in the server-block section.

Fix the Welcome to nginx page after adding a site on Ubuntu

If your browser still shows the stock welcome page, the usual causes are unfinished DNS propagation or the default site still being enabled. The fastest split test is to hit the server locally with your real hostname.

curl -fsS -H 'Host: example.com' http://127.0.0.1/

If that command returns your custom page, Nginx is already configured correctly and DNS is the remaining issue. If it still lands on the stock page and this server only needs your own site, remove the default symlink and restart Nginx:

sudo rm /etc/nginx/sites-enabled/default
sudo systemctl restart nginx

Remove Nginx from Ubuntu

If you no longer need the web server, stop it first and purge the Ubuntu packages. Include nginx-full or nginx-extras in the same command only if you installed one of those variants.

sudo systemctl disable --now nginx
sudo apt remove --purge -y nginx nginx-common nginx-core nginx-full nginx-extras

Preview the dependency cleanup before removing anything else:

sudo apt autoremove --dry-run

If the preview only lists packages you expect to remove, run the cleanup interactively:

sudo apt autoremove

Confirm no Nginx packages remain installed:

if dpkg -l 'nginx*' 2>/dev/null | grep '^ii'; then
    echo "Some Nginx packages are still installed"
else
    echo "No installed Nginx packages found"
fi

No installed Nginx packages found

On current Ubuntu releases, purging nginx and nginx-common removes /etc/nginx for you, so a separate rm -rf /etc/nginx step is usually unnecessary.

Only remove web roots and certificate directories if you created them yourself and know you no longer need the site data. Those paths can contain your actual application files, uploads, or live TLS material.

sudo rm -rf /var/www/example.com
sudo rm -rf /etc/letsencrypt/live/example.com /etc/letsencrypt/archive/example.com
sudo rm -f /etc/letsencrypt/renewal/example.com.conf

Conclusion

Nginx is running on Ubuntu with the package branch that matches your LTS release, the firewall open for web traffic, and a server block you can test before DNS fully propagates. From here, you can create a reverse proxy in Nginx, configure security headers in Nginx, or move into a full stack with install WordPress with Nginx, MariaDB, and PHP on Ubuntu.