Set Up and Configure an Application Server on Ubuntu 24.04

Setting up and configuring an application server on Ubuntu 24.04 is essential for deploying web applications in production environments. Whether you’re hosting Node.js applications, Python web services, or PHP-based sites, a properly configured application server provides the foundation for reliable, secure, and scalable deployments. This tutorial guides you through setting up a production-ready application server on a DigitalOcean Droplet running Ubuntu 24.04. You’ll learn how to install and configure essential components, set up a reverse proxy with Nginx, secure your server with SSL certificates, and deploy applications using systemd for process management. The configuration follows production best practices, ensuring your server is ready to handle real-world workloads. Before you begin, ensure you have the following: Start by updating your system’s package index and upgrading existing packages to ensure you have the latest security patches and software versions: This ensures your Ubuntu 24.04 server has the most recent package information and security updates. Ubuntu 24.04 includes updated package versions compared to Ubuntu 22.04, including newer versions of systemd, Nginx, and other core components. Nginx serves as a reverse proxy, handling incoming HTTP and HTTPS requests and forwarding them to your application server. This setup provides several benefits: SSL termination, load balancing capabilities, and improved security by keeping your application server behind the proxy. Install Nginx using apt: After installation, start and enable Nginx to run automatically on boot: Verify that Nginx is running: You should see output indicating that Nginx is active and running. Ubuntu 24.04 uses UFW (Uncomplicated Firewall) for firewall management. Configure it to allow HTTP, HTTPS, and SSH traffic while blocking other unnecessary ports. First, ensure UFW is installed and check its status: If UFW is not active, enable it and configure the necessary rules: The Nginx Full profile allows both HTTP (port 80) and HTTPS (port 443) traffic. Verify the firewall rules: You should see rules allowing OpenSSH and Nginx Full traffic. Securing your application server with SSL/TLS encryption is essential for production deployments. Let’s Encrypt provides free SSL certificates that can be automatically renewed. Install Certbot and the Nginx plugin: Obtain an SSL certificate for your domain. Replace your_domain with your actual domain name: Certbot will prompt you for an email address and ask whether you want to redirect HTTP traffic to HTTPS. Choose to redirect for better security. The certificate will be automatically renewed before expiration. Test the automatic renewal process: If this command completes without errors, automatic renewal is configured correctly. Create an Nginx server block configuration to route traffic to your application server. This example shows a generic configuration that you can adapt for different application types. Create a new configuration file for your domain: Add the following configuration, replacing your_domain with your actual domain and adjusting the proxy_pass URL to match your application’s port: Enable the configuration by creating a symbolic link: Test the Nginx configuration for syntax errors: If the test passes, reload Nginx to apply the changes: The runtime dependencies you need depend on your application type. This section covers setup for Node.js, Python, and PHP applications. For Node.js applications, install Node.js using NodeSource’s repository to get the latest LTS version: Verify the installation: Ubuntu 24.04 includes Python 3.12 by default. Install pip and virtual environment tools: Verify the installation: For PHP applications, install PHP and PHP-FPM (FastCGI Process Manager): Verify PHP-FPM is running: <$>
Note: Ubuntu 24.04 includes PHP 8.3. Adjust version numbers if your system uses a different version.
<$> Systemd manages your application as a service, ensuring it starts automatically on boot and restarts if it crashes. This example creates a systemd service for a Node.js application, but you can adapt it for other application types. Create a systemd service file: Add the following configuration, adjusting paths and environment variables as needed: Key configuration points: Reload systemd and start your service: Check the service status: For a Python application using Gunicorn, your systemd service might look like this: For PHP applications, you typically use PHP-FPM with Nginx. Configure Nginx to pass requests to PHP-FPM: Create a directory for your application and set appropriate permissions: Deploy your application files to this directory. You can use Git, SCP, or other deployment methods: Install dependencies and build your application as needed. For Node.js: After deploying, restart your application service: Apply these security measures to harden your application server for production use. Edit the SSH configuration: Enable automatic security updates: Configure log rotation to prevent log files from consuming disk space. Edit the logrotate configuration: Set up monitoring to alert you when disk space is low. Install and configure monitoring tools: This section addresses common problems you might encounter when setting up your application server. Check the service status and logs: Common issues include: This usually means Nginx cannot connect to your application. Check: If SSL certificates fail to renew: Monitor memory usage: If your application consumes too much memory, consider: An application server is a server environment that runs and manages web applications. On Ubuntu 24.04, this typically involves configuring a runtime environment (like Node.js, Python, or PHP), setting up a reverse proxy (like Nginx), and using systemd to manage application processes. The application server handles incoming requests, executes application code, and returns responses to clients. To configure systemd for your application, you’ll need to create a service file. Here’s a step-by-step example: Suppose your application is a Node.js app located at /home/ubuntu/my-app, and you want to run it with npm start using the ubuntu user. Now, your app will run in the background, restart on failure, and automatically start at boot. You can check its status with: This method works with most applications. Just adjust the ExecStart, User, and WorkingDirectory as needed for your stack. Both Nginx and Apache work well as reverse proxies, but Nginx is often preferred for modern application servers due to its lower memory footprint, better performance under high concurrency, and simpler configuration for reverse proxy scenarios. Nginx also excels at handling static content and proxying requests to application servers, making it ideal for production deployments. Apache remains a solid choice, especially if you need specific modules or are more familiar with its configuration syntax. Secure your application server by: enabling UFW firewall and allowing only necessary ports, installing SSL certificates with Let’s Encrypt, running applications as non-root users, disabling root SSH login, configuring automatic security updates, keeping software packages updated, and implementing proper file permissions. Additionally, use strong passwords or SSH keys, configure fail2ban to prevent brute-force attacks, and regularly review application and system logs for suspicious activity. Yes, you can host multiple applications on a single Ubuntu 24.04 server. Configure separate systemd services for each application, each listening on different ports (e.g., 3000, 3001, 8000). Set up Nginx server blocks (virtual hosts) for each domain or subdomain, with each block proxying to the appropriate application port. This approach allows you to efficiently use server resources while maintaining isolation between applications. Verify your application is running by checking the systemd service status with sudo systemctl status your-app. Review application logs using sudo journalctl -u your-app -f to see real-time log output. Test the application by accessing it through your domain or IP address. Check that Nginx is routing requests correctly by reviewing Nginx access and error logs at /var/log/nginx/access.log and /var/log/nginx/error.log. Monitor resource usage with htop or free -h to ensure your application isn’t consuming excessive CPU or memory. You’ve successfully set up and configured a production ready application server on Ubuntu 24.04. Your DigitalOcean Droplet is now equipped with Nginx as a reverse proxy, SSL/TLS encryption, systemd service management, and security hardening measures. This setup supports deploying Node.js, Python, PHP, and other web applications in a secure, scalable environment. The configuration follows production best practices, including automatic service restarts, SSL certificate renewal, firewall protection, and proper user permissions. Your application server is ready to handle real-world workloads and can be scaled as your needs grow. For further learning and advanced configurations, explore these related DigitalOcean tutorials: Ready to deploy your applications? Get started with DigitalOcean Droplets to create scalable, reliable infrastructure for your application server. With features like automated backups, monitoring, and flexible pricing, DigitalOcean Droplets provide the foundation you need for production deployments. Thanks for learning with the DigitalOcean Community. Check out our offerings for compute, storage, networking, and managed databases. Learn more about our products I help Businesses scale with AI x SEO x (authentic) Content that revives traffic and keeps leads flowing | 3,000,000+ Average monthly readers on Medium | Sr Technical Writer @ DigitalOcean | Ex-Cloud Consultant @ AMEX | Ex-Site Reliability Engineer(DevOps)@Nutanix This textbox defaults to using Markdown to format your answer. You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link! Please complete your information! Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation. Full documentation for every DigitalOcean product. The Wave has everything you need to know about building a business, from raising funding to marketing your product. Stay up to date by signing up for DigitalOcean’s Infrastructure as a Newsletter. New accounts only. By submitting your email you agree to our Privacy Policy Scale up as you grow — whether you're running one virtual machine or ten thousand. Sign up and get $200 in credit for your first 60 days with DigitalOcean.* *This promotional offer applies to new accounts only.