Why Choose Drupal and RamNode?
Drupal Advantages:
- • Enterprise-grade security and scalability
- • Advanced content modeling and workflows
- • Multi-site management capabilities
- • Strong multilingual support
- • Extensive API and integration options
RamNode + Nginx Benefits:
- • High-performance SSD storage
- • Nginx for superior PHP performance
- • Full server control and customization
- • Cost-effective enterprise hosting
- • Reliable network infrastructure
Prerequisites
Before starting, ensure you have:
Server Requirements
- • RamNode VPS (Ubuntu 22.04 LTS recommended)
- • Domain name pointed to your server IP
- • SSH access to your server
- • At least 2GB RAM (4GB+ recommended for production)
Knowledge Requirements
- • Basic Linux command line skills
- • Understanding of web servers
- • Domain DNS management
- • Basic PHP/MySQL knowledge helpful
2
Initial Server Setup
Connect to your RamNode VPS and prepare the system:
Connect via SSH
ssh root@your-server-ipUpdate System Packages
apt update && apt upgrade -yInstall Essential Tools
apt install curl wget unzip software-properties-common apt-transport-https ca-certificates gnupg lsb-release -yCreate Non-Root User
adduser drupaluser
usermod -aG sudo drupaluser
su - drupaluser💡 Security: Using a non-root user for daily operations improves server security.
3
Install Nginx Web Server
Install and configure Nginx as the web server:
Install Nginx
sudo apt install nginx -yStart and Enable Nginx
sudo systemctl start nginx
sudo systemctl enable nginx
sudo systemctl status nginxConfigure Firewall
sudo ufw allow 'Nginx Full'
sudo ufw allow OpenSSH
sudo ufw --force enable✅ You can now visit your server's IP address to see the Nginx welcome page.
4
Install MySQL Database
Install MySQL server for Drupal data storage:
Install MySQL Server
sudo apt install mysql-server -ySecure MySQL Installation
sudo mysql_secure_installationConfigure the following security options:
- Set up VALIDATE PASSWORD component (Y)
- Choose password validation policy (2 - Strong)
- Set a strong root password
- Remove anonymous users (Y)
- Disallow root login remotely (Y)
- Remove test database (Y)
- Reload privilege tables (Y)
Create Drupal Database
sudo mysql -u root -pMySQL Database Setup
CREATE DATABASE drupal_db CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
CREATE USER 'drupal_user'@'localhost' IDENTIFIED BY 'strong_password_here';
GRANT ALL PRIVILEGES ON drupal_db.* TO 'drupal_user'@'localhost';
FLUSH PRIVILEGES;
EXIT;5
Install PHP
Install PHP 8.1 and required extensions for Drupal:
Install PHP and Extensions
sudo apt install php8.1-fpm php8.1-mysql php8.1-curl php8.1-gd php8.1-mbstring \
php8.1-xml php8.1-zip php8.1-intl php8.1-bcmath php8.1-soap \
php8.1-opcache php8.1-readline php8.1-common php8.1-cli php8.1-apcu -yConfigure PHP for Drupal
sudo nano /etc/php/8.1/fpm/php.iniUpdate these PHP settings for optimal Drupal performance:
PHP Configuration for Drupal
memory_limit = 512M
upload_max_filesize = 100M
post_max_size = 100M
max_execution_time = 300
max_input_vars = 5000
opcache.enable=1
opcache.memory_consumption=256
opcache.interned_strings_buffer=16
opcache.max_accelerated_files=10000
opcache.validate_timestamps=0
opcache.save_comments=1Start and Enable PHP-FPM
sudo systemctl restart php8.1-fpm
sudo systemctl enable php8.1-fpm
sudo systemctl status php8.1-fpm6
Install Composer
Install Composer for managing Drupal dependencies:
Download and Install Composer
curl -sS https://getcomposer.org/installer | php
sudo mv composer.phar /usr/local/bin/composer
sudo chmod +x /usr/local/bin/composerVerify Composer Installation
composer --version📦 Composer: Essential for modern Drupal development and module management.
7
Download Drupal
Download and install Drupal using Composer:
Create Web Directory
sudo mkdir -p /var/www/html/your-domain.com
sudo chown -R $USER:www-data /var/www/html/your-domain.comInstall Drupal via Composer
cd /var/www/html/your-domain.com
composer create-project drupal/recommended-project . --no-interactionSet Proper Permissions
sudo chown -R www-data:www-data /var/www/html/your-domain.com
sudo chmod -R 755 /var/www/html/your-domain.com
sudo chmod -R 775 /var/www/html/your-domain.com/web/sites/default/files
sudo chmod 664 /var/www/html/your-domain.com/web/sites/default/settings.php✅ Drupal 10 is now downloaded and ready for configuration.
8
Configure Nginx for Drupal
Create Nginx virtual host configuration optimized for Drupal:
Create Nginx Configuration
sudo nano /etc/nginx/sites-available/your-domain.comAdd the following Drupal-optimized configuration:
Nginx Drupal Configuration
server {
listen 80;
listen [::]:80;
server_name your-domain.com www.your-domain.com;
root /var/www/html/your-domain.com/web;
index index.php index.html index.htm;
client_max_body_size 100M;
client_body_timeout 120s;
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# Very rarely should these ever be accessed outside of your lan
location ~* \.(txt|log)$ {
allow 192.168.0.0/16;
deny all;
}
location ~ \..*/.*\.php$ {
return 403;
}
location ~ ^/sites/.*/private/ {
return 403;
}
# Block access to scripts in site files directory
location ~ ^/sites/[^/]+/files/.*\.php$ {
deny all;
}
# Allow "Well-Known URIs" as per RFC 5785
location ~* ^/.well-known/ {
allow all;
}
# Block access to "hidden" files and directories whose names begin with a
# period. This includes directories used by version control systems such
# as Subversion or Git to store control files.
location ~ (^|/)\. {
return 403;
}
location / {
try_files $uri /index.php?$query_string;
}
location @rewrite {
rewrite ^/(.*)$ /index.php?q=$1;
}
# Don't allow direct access to PHP files in the vendor directory.
location ~ /vendor/.*\.php$ {
deny all;
return 404;
}
# In Drupal 8, we must also match new paths where the '.php' appears in
# the middle, such as update.php/selection. The rule we use is strict,
# and only allows this pattern with the update.php front controller.
# This allows legacy path aliases in the form of
# blog/index.php/legacy-path to continue to route to Drupal nodes. If
# you do not have any paths like that, then you might prefer to use a
# laxer rule, such as:
# location ~ \.php(/|$) {
# The laxer rule will continue to work if Drupal uses this new URL
# pattern with front controllers other than update.php in a future
# release.
location ~ '\.php$|^/update.php' {
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
# Security note: If you're running a version of PHP older than the
# latest 5.3, you should have "cgi.fix_pathinfo = 0;" in php.ini.
# See http://serverfault.com/q/627903/94922 for details.
include fastcgi_params;
# Block httpoxy attacks. See https://httpoxy.org/.
fastcgi_param HTTP_PROXY "";
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param QUERY_STRING $query_string;
fastcgi_intercept_errors on;
fastcgi_pass unix:/var/run/php/php8.1-fpm.sock;
}
# Fighting with Styles? This little gem is amazing.
location ~ ^/sites/.*/files/styles/ { # For Drupal >= 7
try_files $uri @rewrite;
}
# Handle private files through Drupal. Private file's path can come
# with a language prefix.
location ~ ^(/[a-z\-]+)?/system/files/ { # For Drupal >= 7
try_files $uri /index.php?$query_string;
}
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
expires 1y;
add_header Cache-Control "public, immutable";
log_not_found off;
}
}Enable Site and Test Configuration
sudo ln -s /etc/nginx/sites-available/your-domain.com /etc/nginx/sites-enabled/
sudo nginx -t
sudo systemctl reload nginx9
Complete Drupal Installation
Complete the Drupal installation through the web interface:
🌐 Web Installation: Visit http://your-domain.com in your browser to start the Drupal installation wizard.
Follow the installation wizard:
- Choose language: Select your preferred language
- Choose profile: Select "Standard" for most use cases
- Database configuration:
- Database type: MySQL, MariaDB, Percona Server, or equivalent
- Database name: drupal_db
- Database username: drupal_user
- Database password: [your password]
- Host: localhost
- Site configuration:
- Site name: Your site name
- Site email: Your email address
- Admin username: Choose a secure username
- Admin password: Use a strong password
- Default country and timezone
🎉 Success: Drupal is now installed! You can access the admin area at /user/login
10
Install SSL Certificate
Secure your Drupal site with a free SSL certificate from Let's Encrypt:
Install Certbot
sudo apt install snapd -y
sudo snap install core; sudo snap refresh core
sudo snap install --classic certbotCreate Certbot Symlink
sudo ln -s /snap/bin/certbot /usr/bin/certbotObtain SSL Certificate
sudo certbot --nginx -d your-domain.com -d www.your-domain.comUpdate Drupal Base URL
sudo nano /var/www/html/your-domain.com/web/sites/default/settings.phpAdd this line to force HTTPS:
Force HTTPS in Drupal
$settings['reverse_proxy_trusted_headers'] = array('HTTP_X_FORWARDED_PROTO', 'HTTP_X_FORWARDED_PORT');Test SSL Renewal
sudo certbot renew --dry-run🔒 SSL Active: Your Drupal site is now secured with HTTPS!
11
Security Hardening
Implement additional security measures for your Drupal installation:
Hide Nginx Version
sudo nano /etc/nginx/nginx.confAdd this line to the http block:
Nginx Security Configuration
server_tokens off;Secure Drupal File Permissions
cd /var/www/html/your-domain.com
sudo chown -R www-data:www-data .
sudo find . -type d -exec chmod 755 {} \;
sudo find . -type f -exec chmod 644 {} \;
sudo chmod 444 web/sites/default/settings.php
sudo chmod -R 775 web/sites/default/filesInstall Security Module
cd /var/www/html/your-domain.com
composer require drupal/security_review
composer require drupal/seckit
composer require drupal/captchaEnable security modules through Drupal admin or via Drush:
Enable Security Modules
composer require drush/drush
vendor/bin/drush en security_review seckit captcha -y
vendor/bin/drush cr🔐 Security: Configure the security modules through the Drupal admin interface for additional protection.
12
Performance Optimization
Optimize your Drupal site for better performance:
Install Redis for Caching
sudo apt install redis-server -y
sudo systemctl enable redis-server
sudo systemctl start redis-serverInstall Redis Module for Drupal
cd /var/www/html/your-domain.com
composer require drupal/redis
vendor/bin/drush en redis -yConfigure Redis in Drupal
sudo nano /var/www/html/your-domain.com/web/sites/default/settings.phpAdd Redis configuration to settings.php:
Redis Configuration
// Redis configuration
$settings['redis.connection']['interface'] = 'PhpRedis';
$settings['redis.connection']['host'] = '127.0.0.1';
$settings['redis.connection']['port'] = 6379;
$settings['cache']['default'] = 'cache.backend.redis';
$settings['cache_prefix'] = 'drupal_';
// Always set the fast backend for bootstrap, discover and config, otherwise
// this gets lost when redis is enabled.
$settings['cache']['bins']['bootstrap'] = 'cache.backend.chainedfast';
$settings['cache']['bins']['discovery'] = 'cache.backend.chainedfast';
$settings['cache']['bins']['config'] = 'cache.backend.chainedfast';Enable Performance Modules
composer require drupal/advagg
vendor/bin/drush en advagg -y
vendor/bin/drush crConfigure performance settings in Drupal admin:
- Navigate to Configuration → Development → Performance
- Enable "Aggregate CSS files" and "Aggregate JavaScript files"
- Set cache lifetime to appropriate value (e.g., 1 hour)
- Configure Redis cache settings
Clear All Caches
vendor/bin/drush crTroubleshooting
Next Steps & Recommendations
Essential Drupal Modules
- • Admin Toolbar: Enhanced admin experience
- • Pathauto: Automatic URL path generation
- • Metatag: SEO meta tag management
- • Backup & Migrate: Database and files backup
- • Views: Custom content listings (core in D8+)
- • Webform: Advanced form builder
Maintenance Tasks
- • Regular Drupal core and module updates
- • Database maintenance and optimization
- • Automated backups setup
- • Security monitoring and updates
- • Performance monitoring and cache management