How to install nginx

[Nickk96]

Thread removed.

Nickk96 Reviewed by Nickk96 on 25th Sep 2011. How to install nginx Thread removed. Rating: 5

[Robin H]

Which OS?

[Lock Down]

There are several ways to stop ddos on apache. Have you tried any?
Using IPtables:

Iptables Limits Connections Per IP


The syntax is as follows:
/sbin/iptables -A INPUT -p tcp --syn --dport $port -m connlimit --connlimit-above N -j REJECT --reject-with tcp-reset
# save the changes see iptables-save man page, the following is redhat and friends specific command
service iptables save
Example: Limit SSH Connections Per IP / Host

Only allow 3 ssg connections per client host:
/sbin/iptables -A INPUT -p tcp --syn --dport 22 -m connlimit --connlimit-above 3 -j REJECT
# save the changes see iptables-save man page, the following is redhat and friends specific command
service iptables save
Example: Limit HTTP Connections Per IP / Host

Only allow 20 http connections per IP (MaxClients is set to 60 in httpd.conf):
WARNING! Please note that large proxy servers may legitimately create a large number of connections to your server. You can skip those ips using ! syntax
/sbin/iptables -A INPUT -p tcp --syn --dport 80 -m connlimit --connlimit-above 20 -j REJECT --reject-with tcp-reset
# save the changes see iptables-save man page, the following is redhat and friends specific command
service iptables save

Skip proxy server IP 1.2.3.4 from this kind of limitations:
/sbin/iptables -A INPUT -p tcp --syn --dport 80 -d ! 1.2.3.4 -m connlimit --connlimit-above 20 -j REJECT --reject-with tcp-reset
Example: Class C Limitations

In this example, limit the parallel http requests to 20 per class C sized network (24 bit netmask)
/sbin/iptables -A INPUT -p tcp --syn --dport 80 -m connlimit --connlimit-above 20 --connlimit-mask 24 -j REJECT --reject-with tcp-reset
# save the changes see iptables-save man page
service iptables save
Example: Limit Connections Per Second

The following example will drop incoming connections if IP make more than 10 connection attempts to port 80 within 100 seconds (add rules to your iptables shell script)
#!/bin/bash
IPT=/sbin/iptables
# Max connection in seconds
SECONDS=100
# Max connections per IP
BLOCKCOUNT=10
# ....
# ..
# default action can be DROP or REJECT
DACTION="DROP"
$IPT -A INPUT -p tcp --dport 80 -i eth0 -m state --state NEW -m recent --set
$IPT -A INPUT -p tcp --dport 80 -i eth0 -m state --state NEW -m recent --update --seconds ${SECONDS} --hitcount ${BLOCKCOUNT} -j ${DACTION}
# ....
# ..
How Do I Test My Firewall Working?

Use the following shell script to connect to your web server hosted at 202.1.2.3:
#!/bin/bash
ip="202.1.2.3"
port="80"
for i in {1..100}
do
# do nothing just connect and exit
echo "exit" | nc ${ip} ${port};
done

OR:

These are few steps to be taken when you feel that the server is under attack:
--------------------------------------------------------------------------------
-
Step 1: Check the load using the command "w".

Step 2: Check which service is utilizing maximum CPU by "nice top".

Step 3: Check which IP address is taking maximum connection using the command:

netstat -anpl|grep :80|awk {'print $5'}|cut -d":" -f1|sort|uniq -c|sort -n
netstat -an|awk '/tcp/ {print $6}'|sort|uniq -c

Step 4: Check the IP address of the server having maximum connection using the
command:

netstat -alpn | grep :80 | awk '{print $4}' | cut -d: -f1 |sort |uniq -c

Step 5: Then block the IP address using APF firewall "apf -d <IP address>" or
using CSF firewall "csf -d <IP address>
--------------------------------------------------------------------------------
-

In future, to avoid DDoS attack or to lower its intensity you can install the
following modules.

============
*Mod_security: Since DDoS often targets HTTP (port 80), it is a good idea to
have a filtering system for Apache. 'Mod_security' will analyze requests before
passing them to the web server.

*Mod_dosevasive: This is an Apache module which performs 'evasive' action in the
event of an HTTP DDoS attack or brute force attack.

*(D)DoS Deflate: This is a shell script which assists in combating denial of
service attacks.
============

Please go through the following URLs for more information on how to install
"mod_security", "mod_evasive" and "dos_deflate" on your server:

-------------------
http://prasadnaik15.wordpress.com/ho...t-ddos-attack/
-------------------
http://www.eth0.us/mod_evasive
-------------------
http://forum.whmdestek.com/security/...tallation.html
-------------------

You can also enable Sysctl protection against DDoS. Please go through the
following URL for more information in this regard:

----------
http://forums.softlayer.com/showthread.php?t=304 [use your portal
username/password to login]

As mentioned by others, having some connections in TIME_WAIT is a normal part of the TCP connection. You can see the interval by examining /proc/sys/net/ipv4/tcp_fin_timeout:
[root@host ~]# cat /proc/sys/net/ipv4/tcp_fin_timeout
60

And change it by modifying that value:
[root@dev admin]# echo 30 > /proc/sys/net/ipv4/tcp_fin_timeout

Or permanently by adding it to /etc/sysctl.conf
net.ipv4.tcp_fin_timeout=30

Also, if you don't use the RPC service or NFS, you can just turn it off:
/etc/init.d/nfsd stop

And turn it off completely
chkconfig nfsd off

[ChokY]

nginx wont help you with ddos

but iptable or firewall would help you a bit
follow Lock Down instruction for that

my sugestion are using semi managed server with ddos protection
as its not only using firewall software or script but firewall hardware

[.:Raymond:.]

Code: 

1. In order to get the cPanel server ready for nginx ? you must first install an apache module called mod_rpaf

Login as root:
# cd /usr/local/src
 # wget http://stderr.net/apache/rpaf/download/mod_rpaf-0.6.tar.gz
 # tar xvzf mod_rpaf-0.6.tar.gz
 # cd mod_rpaf-0.6
 # /usr/local/apache/bin/apxs -i -c -n mod_rpaf-2.0.so mod_rpaf-2.0.c

 2. Doing so will install the module into the Apache module directory.

Then Go to your  Web Host Manager (WHM) follow the tree here:
 Main >> Service Configuration >> Apache Configuration > Include Editor > Pre Main Include and Select the apache version that is running on your cPanel server. and then add following code section there, and replace (place your ips here without the brakets) with the list of IP addresses on your Cpanel server:

==================================================
 LoadModule rpaf_module modules/mod_rpaf-2.0.so

RPAFenable On
 # Enable reverse proxy add forward

RPAFproxy_ips 127.0.0.1  (place all your ips here without the brakets)

RPAFsethostname On
 # let rpaf update vhost settings allowing to have
 # the same hostnames as in the ?actual? configuration for the
 # forwarding apache installation

RPAFheader X-Real-IP
 # Allows you to change which header we have mod_rpaf looking for
 # when trying to find the ip the that is forwarding our requests
 ===================================================

3. Once this is completed ? we are ready to move Apache to another port. To move the apache to another port follow the below:

Go to your WHM  >> ?tweak settings?  and change the apache port from 80 to 81 (find 0.0.0.0:80 and change it to 0.0.0.0.:81)

4. Do the following

# /usr/local/cpanel/whostmgr/bin/whostmgr2 ?updatetweaksettings

5. Check your ?/usr/local/apache/conf/httpd.conf?  for any occurrences of port 80,
#  vi /usr/local/apache/conf/httpd.conf

Find for port 80 if you found any occurrences of port 80 then rebuild your apache configuration file by running
# /scripts/rebuildhttpdconf   and make sure your httpd.conf file is up to date 

6. Then run
# /etc/init.d/httpd restart

7. Now install Nginx. You must install pcre library in order to install Nginx on your cPanel server:

# wget ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-7.9.tar.gz
 # tar xvzf pcre-7.9.tar.gz
 # cd pcre-7.9
 # ./configure
 # make
 # make install

Now Install Nginx

#wget http://sysoev*****nginx/nginx-0.7.63.tar.gz
 # tar xvzf nginx-0.7.63.tar.gz
 # cd nginx-0.7.63
 # ./configure
 # make
 # make install 

9. Create nginx.sh file and put the below code section to the file :

# vi  nginx.sh
 ===================================================================
#!/bin/sh

cat > ?/usr/local/nginx/conf/nginx.conf? <<EOF
 user  nobody;
 # no need for more workers in the proxy mode
 worker_processes  2;

error_log  logs/error.log info;

worker_rlimit_nofile  8192;

events {
 worker_connections  1024; # you might need to increase this setting for busy servers
 use epoll; #  Linux kernels 2.6.x change to epoll
 }

http {
 server_names_hash_max_size 2048;

include    mime.types;
 default_type  application/octet-stream;

sendfile on;
 tcp_nopush on;
 tcp_nodelay on;

keepalive_timeout  10;

gzip on;
 gzip_min_length  1100;
 gzip_buffers  4 32k;
 gzip_types    text/plain application/x-javascript text/xml text/css;
 ignore_invalid_headers on;

client_header_timeout  3m;
 client_body_timeout 3m;
 send_timeout     3m;
 connection_pool_size  256;
 client_header_buffer_size 4k;
 large_client_header_buffers 4 32k;
 request_pool_size  4k;
 output_buffers   4 32k;
 postpone_output  1460;

include ?/usr/local/nginx/conf/vhost.conf?;
 }

EOF

/bin/cp /dev/null /usr/local/nginx/conf/vhost.conf

cd /var/cpanel/users
 for USER in *; do
 for DOMAIN in `cat $USER | grep ^DNS | cut -d= -f2`; do
 IP=`cat $USER|grep ^IP|cut -d= -f2`;
 ROOT=`grep ^$USER: /etc/passwd|cut -d: -f6`;
 echo ?Converting $DOMAIN for $USER?;

cat >> ?/usr/local/nginx/conf/vhost.conf? <<EOF
 server {
 access_log off;

error_log  logs/vhost-error_log warn;
 listen    80;
 server_name  $DOMAIN www.$DOMAIN;

location ~* \.(gif|jpg|jpeg|png|ico|wmv|3gp|avi|mpg|mpeg|mp4|flv|mp3|mid|js|css|html|htm|wml)$ {
 root   $ROOT/public_html;
 }

location / {
 client_max_body_size    10m;
 client_body_buffer_size 128k;

proxy_send_timeout   90;
 proxy_read_timeout   90;

proxy_buffer_size    4k;
 # you can increase proxy_buffers here to suppress ?an upstream response
 #  is buffered to a temporary file? warning
 proxy_buffers     16 32k;
 proxy_busy_buffers_size 64k;
 proxy_temp_file_write_size 64k;

proxy_connect_timeout 30s;

proxy_redirect  http://www.$DOMAIN:81   http://www.$DOMAIN;
 proxy_redirect  http://$DOMAIN:81   http://$DOMAIN;

proxy_pass   http://$IP:81/;

proxy_set_header   Host   \$host;
 proxy_set_header   X-Real-IP  \$remote_addr;
 proxy_set_header   X-Forwarded-For \$proxy_add_x_forwarded_for;
 }
 }
 EOF
 done
 done
 ===================================================================================

8. Save the file and change the permision and then run :
# chmod 755 nginx.sh
 # sh nginx.sh

9. Now Check the  Nginx configuration
#/usr/local/nginx/sbin/nginx -t

=============================
 Great install instructions, everything worked fine just some additional info if you get error like  invalid event type ?rtsig? when you run this commmand: # /usr/local/nginx/sbin/nginx -t

To correct this error you should do this: vi /usr/local/nginx/conf/nginx.conf
 Find line 11 and change ?rtsig? to ?epoll? .

This error occures in case your server is using kernel 2.4.x
 ===============================

10. Restart Nginx
# /usr/local/nginx/sbin/nginx 

11. create init script

# vi /etc/init.d/nginx
 And put the below code section to the file:
 ========================================================================
 #!/bin/sh
 #
 # nginx ? this script starts and stops the nginx daemin
 # Taken from http://www.hikaro.com
 # chkconfig:   ? 85 15
 # description:  Nginx is an HTTP(S) server, HTTP(S) reverse \
 #               proxy and IMAP/POP3 proxy server
 # processname: nginx
 # config:      /usr/local/nginx/conf/nginx.conf
 # pidfile:     /usr/local/nginx/logs/nginx.pid

# Source function library.
 . /etc/rc.d/init.d/functions

# Source networking configuration.
 . /etc/sysconfig/network

# Check that networking is up.
 [ "$NETWORKING" = "no" ] && exit 0

nginx=?/usr/local/nginx/sbin/nginx?
 prog=$(basename $nginx)

NGINX_CONF_FILE=?/usr/local/nginx/conf/nginx.conf?

lockfile=/var/lock/subsys/nginx

start() {
 [ -x $nginx ] || exit 5
 [ -f $NGINX_CONF_FILE ] || exit 6
 echo -n $?Starting $prog: ?
 daemon $nginx -c $NGINX_CONF_FILE
 retval=$?
 echo
 [ $retval -eq 0 ] && touch $lockfile
 return $retval
 }

stop() {
 echo -n $?Stopping $prog: ?
 killproc $prog -QUIT
 retval=$?
 echo
 [ $retval -eq 0 ] && rm -f $lockfile
 return $retval
 }

restart() {
 configtest || return $?
 stop
 start
 }

reload() {
 configtest || return $?
 echo -n $?Reloading $prog: ?
 killproc $nginx -HUP
 RETVAL=$?
 echo
 }

force_reload() {
 restart
 }

configtest() {
 $nginx -t -c $NGINX_CONF_FILE
 }

rh_status() {
 status $prog
 }

rh_status_q() {
 rh_status >/dev/null 2>&1
 }

case ?$1″ in
 start)
 rh_status_q && exit 0
 $1
 ;;
 stop)
 rh_status_q || exit 0
 $1
 ;;
 restart|configtest)
 $1
 ;;
 reload)
 rh_status_q || exit 7
 $1
 ;;
 force-reload)
 force_reload
 ;;
 status)
 rh_status
 ;;
 condrestart|try-restart)
 rh_status_q || exit 0
 ;;
 *)
 echo $?Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload|configtest}?
 exit 2
 esac
 ========================================================================================

11. save the code and execute
# chmod +x /etc/init.d/nginx

12. make it start when the server run
# /sbin/chkconfig nginx on

13.You can run following command to check if its running:

# service nginx start
 # service nginx stop
 # service nginx restart
 # service nginx reload
 # service nginx configtest
 # service nginx status

14. To Create an automatic virtualhost entry in nginx virtualhost configuration  (/usr/local/nginx/conf/vhost.conf)  when cPanel account get created on the server follow the below instructions:

Go to the cPanel script that is :

# vi /scripts/postwwwacct
 # chmod 755 /scripts/postwwwacct
 and put the same code that is used in ?nginx.sh? in the step 9 and it will create an virtualhost entry to the nginx.

15.To remove virtualhost entry from nginx virtualhost configuration (/usr/local/nginx/conf/vhost.conf)  when cPanel account get terminated from the server follow the below instructions:

Go to the cPanel script that is :

# vi /scripts/postwkillacct
 # chmod 755 /scripts/postwkillacct

and put the same code that is used in ?nginx.sh? in the step 9 and it will create an virtualhost entry to the nginx.

DONE!! Cheers!!!!

[DLow]

Why not just ask your web host to midigate the attack ?

[Nickk96]

Thread removed.

[Nickk96]

Wait I dont think you can use Mod_secrity and mod_desevasive on nginx.

I think you can use (D)DoS deflate on nginx though.

Anyway if I follow Raymonds tutorial, will my site have any downtime whilst doing it?

If it goes wrong doing it raymonds way, how do I un-install it.

[MrOSX]

Good luck getting this sorted nick Dibble

[Nickk96]

Code: 

1. In order to get the cPanel server ready for nginx ? you must first install an apache module called mod_rpaf

Login as root:
# cd /usr/local/src
 # wget http://stderr.net/apache/rpaf/download/mod_rpaf-0.6.tar.gz
 # tar xvzf mod_rpaf-0.6.tar.gz
 # cd mod_rpaf-0.6
 # /usr/local/apache/bin/apxs -i -c -n mod_rpaf-2.0.so mod_rpaf-2.0.c

 2. Doing so will install the module into the Apache module directory.

Then Go to your  Web Host Manager (WHM) follow the tree here:
 Main >> Service Configuration >> Apache Configuration > Include Editor > Pre Main Include and Select the apache version that is running on your cPanel server. and then add following code section there, and replace (place your ips here without the brakets) with the list of IP addresses on your Cpanel server:

==================================================
 LoadModule rpaf_module modules/mod_rpaf-2.0.so

RPAFenable On
 # Enable reverse proxy add forward

RPAFproxy_ips 127.0.0.1  (place all your ips here without the brakets)

RPAFsethostname On
 # let rpaf update vhost settings allowing to have
 # the same hostnames as in the ?actual? configuration for the
 # forwarding apache installation

RPAFheader X-Real-IP
 # Allows you to change which header we have mod_rpaf looking for
 # when trying to find the ip the that is forwarding our requests
 ===================================================

3. Once this is completed ? we are ready to move Apache to another port. To move the apache to another port follow the below:

Go to your WHM  >> ?tweak settings?  and change the apache port from 80 to 81 (find 0.0.0.0:80 and change it to 0.0.0.0.:81)

4. Do the following

# /usr/local/cpanel/whostmgr/bin/whostmgr2 ?updatetweaksettings

5. Check your ?/usr/local/apache/conf/httpd.conf?  for any occurrences of port 80,
#  vi /usr/local/apache/conf/httpd.conf

Find for port 80 if you found any occurrences of port 80 then rebuild your apache configuration file by running
# /scripts/rebuildhttpdconf   and make sure your httpd.conf file is up to date 

6. Then run
# /etc/init.d/httpd restart

7. Now install Nginx. You must install pcre library in order to install Nginx on your cPanel server:

# wget ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-7.9.tar.gz
 # tar xvzf pcre-7.9.tar.gz
 # cd pcre-7.9
 # ./configure
 # make
 # make install

Now Install Nginx

#wget http://sysoev*****nginx/nginx-0.7.63.tar.gz
 # tar xvzf nginx-0.7.63.tar.gz
 # cd nginx-0.7.63
 # ./configure
 # make
 # make install 

9. Create nginx.sh file and put the below code section to the file :

# vi  nginx.sh
 ===================================================================
#!/bin/sh

cat > ?/usr/local/nginx/conf/nginx.conf? <<EOF
 user  nobody;
 # no need for more workers in the proxy mode
 worker_processes  2;

error_log  logs/error.log info;

worker_rlimit_nofile  8192;

events {
 worker_connections  1024; # you might need to increase this setting for busy servers
 use epoll; #  Linux kernels 2.6.x change to epoll
 }

http {
 server_names_hash_max_size 2048;

include    mime.types;
 default_type  application/octet-stream;

sendfile on;
 tcp_nopush on;
 tcp_nodelay on;

keepalive_timeout  10;

gzip on;
 gzip_min_length  1100;
 gzip_buffers  4 32k;
 gzip_types    text/plain application/x-javascript text/xml text/css;
 ignore_invalid_headers on;

client_header_timeout  3m;
 client_body_timeout 3m;
 send_timeout     3m;
 connection_pool_size  256;
 client_header_buffer_size 4k;
 large_client_header_buffers 4 32k;
 request_pool_size  4k;
 output_buffers   4 32k;
 postpone_output  1460;

include ?/usr/local/nginx/conf/vhost.conf?;
 }

EOF

/bin/cp /dev/null /usr/local/nginx/conf/vhost.conf

cd /var/cpanel/users
 for USER in *; do
 for DOMAIN in `cat $USER | grep ^DNS | cut -d= -f2`; do
 IP=`cat $USER|grep ^IP|cut -d= -f2`;
 ROOT=`grep ^$USER: /etc/passwd|cut -d: -f6`;
 echo ?Converting $DOMAIN for $USER?;

cat >> ?/usr/local/nginx/conf/vhost.conf? <<EOF
 server {
 access_log off;

error_log  logs/vhost-error_log warn;
 listen    80;
 server_name  $DOMAIN www.$DOMAIN;

location ~* \.(gif|jpg|jpeg|png|ico|wmv|3gp|avi|mpg|mpeg|mp4|flv|mp3|mid|js|css|html|htm|wml)$ {
 root   $ROOT/public_html;
 }

location / {
 client_max_body_size    10m;
 client_body_buffer_size 128k;

proxy_send_timeout   90;
 proxy_read_timeout   90;

proxy_buffer_size    4k;
 # you can increase proxy_buffers here to suppress ?an upstream response
 #  is buffered to a temporary file? warning
 proxy_buffers     16 32k;
 proxy_busy_buffers_size 64k;
 proxy_temp_file_write_size 64k;

proxy_connect_timeout 30s;

proxy_redirect  http://www.$DOMAIN:81   http://www.$DOMAIN;
 proxy_redirect  http://$DOMAIN:81   http://$DOMAIN;

proxy_pass   http://$IP:81/;

proxy_set_header   Host   \$host;
 proxy_set_header   X-Real-IP  \$remote_addr;
 proxy_set_header   X-Forwarded-For \$proxy_add_x_forwarded_for;
 }
 }
 EOF
 done
 done
 ===================================================================================

8. Save the file and change the permision and then run :
# chmod 755 nginx.sh
 # sh nginx.sh

9. Now Check the  Nginx configuration
#/usr/local/nginx/sbin/nginx -t

=============================
 Great install instructions, everything worked fine just some additional info if you get error like  invalid event type ?rtsig? when you run this commmand: # /usr/local/nginx/sbin/nginx -t

To correct this error you should do this: vi /usr/local/nginx/conf/nginx.conf
 Find line 11 and change ?rtsig? to ?epoll? .

This error occures in case your server is using kernel 2.4.x
 ===============================

10. Restart Nginx
# /usr/local/nginx/sbin/nginx 

11. create init script

# vi /etc/init.d/nginx
 And put the below code section to the file:
 ========================================================================
 #!/bin/sh
 #
 # nginx ? this script starts and stops the nginx daemin
 # Taken from http://www.hikaro.com
 # chkconfig:   ? 85 15
 # description:  Nginx is an HTTP(S) server, HTTP(S) reverse \
 #               proxy and IMAP/POP3 proxy server
 # processname: nginx
 # config:      /usr/local/nginx/conf/nginx.conf
 # pidfile:     /usr/local/nginx/logs/nginx.pid

# Source function library.
 . /etc/rc.d/init.d/functions

# Source networking configuration.
 . /etc/sysconfig/network

# Check that networking is up.
 [ "$NETWORKING" = "no" ] && exit 0

nginx=?/usr/local/nginx/sbin/nginx?
 prog=$(basename $nginx)

NGINX_CONF_FILE=?/usr/local/nginx/conf/nginx.conf?

lockfile=/var/lock/subsys/nginx

start() {
 [ -x $nginx ] || exit 5
 [ -f $NGINX_CONF_FILE ] || exit 6
 echo -n $?Starting $prog: ?
 daemon $nginx -c $NGINX_CONF_FILE
 retval=$?
 echo
 [ $retval -eq 0 ] && touch $lockfile
 return $retval
 }

stop() {
 echo -n $?Stopping $prog: ?
 killproc $prog -QUIT
 retval=$?
 echo
 [ $retval -eq 0 ] && rm -f $lockfile
 return $retval
 }

restart() {
 configtest || return $?
 stop
 start
 }

reload() {
 configtest || return $?
 echo -n $?Reloading $prog: ?
 killproc $nginx -HUP
 RETVAL=$?
 echo
 }

force_reload() {
 restart
 }

configtest() {
 $nginx -t -c $NGINX_CONF_FILE
 }

rh_status() {
 status $prog
 }

rh_status_q() {
 rh_status >/dev/null 2>&1
 }

case ?$1″ in
 start)
 rh_status_q && exit 0
 $1
 ;;
 stop)
 rh_status_q || exit 0
 $1
 ;;
 restart|configtest)
 $1
 ;;
 reload)
 rh_status_q || exit 7
 $1
 ;;
 force-reload)
 force_reload
 ;;
 status)
 rh_status
 ;;
 condrestart|try-restart)
 rh_status_q || exit 0
 ;;
 *)
 echo $?Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload|configtest}?
 exit 2
 esac
 ========================================================================================

11. save the code and execute
# chmod +x /etc/init.d/nginx

12. make it start when the server run
# /sbin/chkconfig nginx on

13.You can run following command to check if its running:

# service nginx start
 # service nginx stop
 # service nginx restart
 # service nginx reload
 # service nginx configtest
 # service nginx status

14. To Create an automatic virtualhost entry in nginx virtualhost configuration  (/usr/local/nginx/conf/vhost.conf)  when cPanel account get created on the server follow the below instructions:

Go to the cPanel script that is :

# vi /scripts/postwwwacct
 # chmod 755 /scripts/postwwwacct
 and put the same code that is used in ?nginx.sh? in the step 9 and it will create an virtualhost entry to the nginx.

15.To remove virtualhost entry from nginx virtualhost configuration (/usr/local/nginx/conf/vhost.conf)  when cPanel account get terminated from the server follow the below instructions:

Go to the cPanel script that is :

# vi /scripts/postwkillacct
 # chmod 755 /scripts/postwkillacct

and put the same code that is used in ?nginx.sh? in the step 9 and it will create an virtualhost entry to the nginx.

DONE!! Cheers!!!!

Is there any other way?