Running OXID eShop Community Edition (Version 4.5.9) On Nginx (LEMP) on Debian Squeeze/Ubuntu 11.10

Version 1.0
Author: Falko Timme
Follow me on Twitter

This tutorial shows how you can install and run OXID eShop Community Edition (version 4.5.9) on a Debian Squeeze or Ubuntu 11.10 system that has nginx installed instead of Apache (LEMP = Linux + nginx (pronounced "engine x") + MySQL + PHP). OXID eShop is a feature-rich ecommerce platform; I will use the Community Edition here which is licensed under an open source certified license (GPL v3.0). nginx is a HTTP server that uses much less resources than Apache and delivers pages a lot of faster, especially static files.

I do not issue any guarantee that this will work for you!


1 Preliminary Note

I want to install OXID eShop in a vhost called here with the document root /var/www/

You should have a working LEMP installation, as shown in these tutorials:

A note for Ubuntu users:

Because we must run all the steps from this tutorial with root privileges, we can either prepend all commands in this tutorial with the string sudo, or we become root right now by typing

sudo su


2 Installing APC

APC is a free and open PHP opcode cacher for caching and optimizing PHP intermediate code. It's similar to other PHP opcode cachers, such as eAccelerator and XCache. It is strongly recommended to have one of these installed to speed up your PHP page.

APC can be installed as follows:

apt-get install php-apc

If you use PHP-FPM as your FastCGI daemon (like in Installing Nginx With PHP5 (And PHP-FPM) And MySQL Support On Ubuntu 11.10), restart it as follows:

/etc/init.d/php5-fpm restart

If you use lighttpd's spawn-fcgi program as your FastCGI daemon (like in Installing Nginx With PHP5 And MySQL Support On Debian Squeeze), we must kill the current spawn-fcgi process (running on port 9000) and create a new one. Run

netstat -tap

to find out the PID of the current spawn-fcgi process:

[email protected]:~# netstat -tap
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 *:sunrpc                *:*                     LISTEN      734/portmap
tcp        0      0 *:www                   *:*                     LISTEN      2987/nginx
tcp        0      0 *:ssh                   *:*                     LISTEN      1531/sshd
tcp        0      0 *:57174                 *:*                     LISTEN      748/rpc.statd
tcp        0      0 localhost.localdom:smtp *:*                     LISTEN      1507/exim4
tcp        0      0 localhost.localdom:9000 *:*                     LISTEN      1542/php5-cgi
tcp        0      0 localhost.localdo:mysql *:*                     LISTEN      1168/mysqld
tcp        0     52      ESTABLISHED 1557/0
tcp6       0      0 [::]:www                [::]:*                  LISTEN      2987/nginx
tcp6       0      0 [::]:ssh                [::]:*                  LISTEN      1531/sshd
tcp6       0      0 ip6-localhost:smtp      [::]:*                  LISTEN      1507/exim4
[email protected]:~#

In the above output, the PID is 1542, so we can kill the current process as follows:

kill -9 1542

Afterwards we create a new spawn-fcgi process:

/usr/bin/spawn-fcgi -a -p 9000 -u www-data -g www-data -f /usr/bin/php5-cgi -P /var/run/


3 Installing OXID eShop

The document root of my web site is /var/www/ - if it doesn't exist, create it as follows:

mkdir -p /var/www/

Create the folder /tmp/oxid where we will put the OXID eShop archive:

mkdir /tmp/oxid 

Next download OXID eShop Community Edition from to your client PC and upload it from there to /tmp/oxid (e.g. with WinSCP).

Make sure unzip is installed:

apt-get install unzip

Now uncompress OXID eShop and move it to your document root (/var/www/

cd /tmp/oxid
unzip OXID_ESHOP_CE_4.5.9_*.zip
rm -f OXID_ESHOP_CE_4.5.9_*.zip
mv * .htaccess /var/www/

It is recommended to make the document root and the OXID eShop files in it writable by the nginx daemon which is running as user www-data and group www-data:

chown -R www-data:www-data /var/www/

If you haven't already created a MySQL database for OXID eShop (including a MySQL OXID eShop user), you can do that as follows (I name the database oxid in this example, and the user is called oxid_admin, and his password is oxid_admin_password):

mysql -u root -p

GRANT ALL PRIVILEGES ON oxid.* TO 'oxid_admin'@'localhost' IDENTIFIED BY 'oxid_admin_password';
GRANT ALL PRIVILEGES ON oxid.* TO 'oxid_admin'@'localhost.localdomain' IDENTIFIED BY 'oxid_admin_password';


Because you can run your OXID eShop website under http and under https (that's totally up to you if you want to offer https, but recommended if your customers submit sensitive data such as credit card numbers, etc.), we need to add the following section to the http {} section in /etc/nginx/nginx.conf (before the two include lines) which determines if the visitor uses http or https and sets the $fastcgi_https variable (which we will use in our vhost) accordingly:

vi /etc/nginx/nginx.conf
http {
        ## Detect when HTTPS is used
        map $scheme $fastcgi_https {
          default off;
          https on;

        # Virtual Host Configs

        include /etc/nginx/conf.d/*.conf;
        include /etc/nginx/sites-enabled/*;

Next we create an nginx vhost configuration for our vhost in the /etc/nginx/sites-available/ directory as follows:

vi /etc/nginx/sites-available/
server {
       listen 80;

       ## SSL directives might go here
       ## see
       ## if you want to enable SSL for this vhost

       root /var/www/;
       if ($http_host != "") {
                 rewrite ^$request_uri permanent;
       index index.php index.html;

       if ($request_method ~ ^(TRACE|TRACK)$ ) {
                return 403;

       location = /favicon.ico {
                log_not_found off;
                access_log off;
       location = /robots.txt {
                allow all;
                log_not_found off;
                access_log off;

       location ~ (/\.|EXCEPTION_LOG\.txt|\.log$|\.tpl$|pkg.rev) {
                deny all;

       location ~ /out/pictures/.*(\.jpg|\.gif|\.png)$ {
                try_files $uri /core/utils/getimg.php;

       location ~ ^/(admin|setup)/?$ {

       location ~ /(core|export|modules|out|tmp|views)/ {

       location / {
                try_files $uri $uri/ /oxseo.php;

       location = /oxseo.php {
                if ($args ~ "mod_rewrite_module_is=off") {
                       rewrite /oxseo.php /oxseo.php?mod_rewrite_module_is=on? break;
                try_files $uri =404;
                include /etc/nginx/fastcgi_params;
                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                fastcgi_param  HTTPS $fastcgi_https;

       location ~ \.php$ {
                try_files $uri =404;
                include /etc/nginx/fastcgi_params;
                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                fastcgi_param  HTTPS $fastcgi_https;


See the comments in the above configuration if you want to enable https for the vhost. The procedure is described in this tutorial: How To Set Up SSL Vhosts Under Nginx + SNI Support (Ubuntu 11.04/Debian Squeeze)

To enable that vhost, we create a symlink to it from the /etc/nginx/sites-enabled/ directory:

cd /etc/nginx/sites-enabled/
ln -s /etc/nginx/sites-available/

Reload nginx for the changes to take effect:

/etc/init.d/nginx reload
Share this page:

Suggested articles

5 Comment(s)

Add comment


By: Norbert

The Oxid weblink provided in the how to, does not work!

They moved things!

I found the download link, however the download does not complete, it stops at about 50%. Tried it three times, same result.

The download is extremely throttled to a minimum, or lets say the speed of a 33 Kbaud modem.

I think it is unacceptable, even if for free or trial.

Will not consider this software!

By: Anonymous

So if you're on your way to the BMW dealership and traffic is slow, is a BMW no longer considered worthwhile?

Anyways, I've downloaded this software several times (over several years) and have never had 'throttling' issues.  Maybe your interweb was having a bad day.  Also, there is more than one way to skin a cat.  Had you tried an alternative, you may of found (among others):

By: Anonymous

I've been testing out the vhosts configuration file suggested here, using it as somewhat of a learning platform for NGINX and have found some important things to note:

  •  Foremost, it is not secure.  As is, anybody will be able to download raw php files from the applicable site.
  • The handling of oxseo.php is not complete.  Query arguments are dropped which will lead to some pages not rendering correctly.


I am no NGINX expert, and maybe I was missing something when testing.  But from what I've read about NGINX so far, the above issues make sense relative to the configuration.

By: svizzera

could you please update this to Oxid 4.7.x ?

By: Ravikiran

Hi all,

i was trying to configure the same thing to alias in nginx. if it is in apache we can simply modify the RewriteBase /<alias>. if it is the same thing in nginx alias like<alias> then how would be the code..? Please help. below mentioned code is my configuration ( i have converted htaccess code from apache to nginx online). now the problem is either im able to generated folder article images or banner images but not both at a time. i tried multiple ways. nothing worked for me. my code as follows.

# nginx configuration

location ~ / {

rewrite ^(.*)$ / redirect;



        location ~ (\/admin\/|\/core\/|\/application\/|\/export\/|\/modules\/|\/setup\/|\/tmp\/|\/views\/) {


        autoindex off;

        location /<alias> {

        if ($request_method ~ "^(TRACE|TRACK)"){

                return 403;


        if ($request_uri ~ "oxseo\.php$"){

                rewrite oxseo\.php$ /<alias>/oxseo.php?mod_rewrite_module_is=on break;


        if (!-e $request_filename){

                rewrite !(\.html|\/|\.jpg|\.css|\.pdf|\.doc|\.gif|\.png|\.js|\.htc|\.svg)$ /<alias>/$request_uri/ redirect;


        if (!-e $request_filename){

                rewrite (\.html|\/)$ /<alias>/oxseo.php;


        if ($request_uri ~ "(\/out\/pictures\/)"){

        rewrite (\.jpg|\.gif|\.png|\.svg)$ /<alias>/getimg.php;


        if ($request_uri ~ "(\/out\/pictures\/promo\/)"){

                rewrite !(\.html|\/|\.jpg|\.css|\.pdf|\.doc|\.gif|\.png|\.js|\.htc|\.svg)$ /<alias>/$request_uri/ redirect;



        location ~ (EXCEPTION_LOG\.txt|\.log$|\.tpl$|pkg\.rev|\.ini|pkg\.info|\.pem$) {

        deny all;