This guide explains how to configure Nginx to serve a Vvveb CMS installation securely and efficiently.
It applies to both single‑site and multi‑site setups.

1. Copy the Vvveb Nginx Configuration

Vvveb includes a ready‑to‑use nginx.conf file in the root folder.
To enable it, copy it into your Nginx sites-available directory and create a symbolic link in sites-enabled:

sudo cp nginx.conf /etc/nginx/sites-available/vvveb
sudo ln -s /etc/nginx/sites-available/vvveb /etc/nginx/sites-enabled/vvveb

After adding the configuration, test and reload Nginx:

sudo nginx -t
sudo systemctl reload nginx

2. File Permissions (Important for Security)

To keep your installation secure, ensure that only the owner can write or execute sensitive PHP files.

Required permissions:

Executable PHP entry points

These files must be readable and executable only by the owner:

  • index.php
  • admin/index.php
  • install/index.php

Set permissions to:

744

This means:

  • Owner: read, write, execute
  • Group: read
  • Others: read

Admin and Install folders

The admin and install directories should also be restricted:

744

This prevents group and world users from writing or executing files inside these directories.

3. Document Root Recommendation

For best security, point your Nginx root directive to:

/var/html/vvveb/public

This ensures:

  • Only one PHP file (public/index.php) is exposed
  • Core system files, plugins, and configuration remain outside the public web root
  • Reduced attack surface and better isolation

If you use the provided nginx.conf, this is already configured.

4. Restart Nginx

After making changes, reload Nginx:

sudo systemctl reload nginx

If you made major changes:

sudo systemctl restart nginx

5. Troubleshooting

404 errors on all pages

  • Check that try_files rules in nginx.conf are correct.
  • Ensure the document root points to /public.

Admin login not working

  • Make sure permissions on admin/index.php are correct.
  • If using a custom admin path, confirm it matches your server root.

PHP files downloading instead of executing

  • Ensure PHP-FPM is installed and configured.
  • Confirm the fastcgi_pass directive points to the correct PHP-FPM socket.