The info:
Using AWS EC2 with Ubuntu 14.04 (trusty)
NGINX 1.4.6 as a web server
During a PCI compliance scan, it was found the the server I was working on was running NGINX 1.4.6, a version released on 2014-03-04, nearly 2 and a half years old (at this writing).
This is the default version installed with the AWS packages for Ubuntu anyway, but I'm not sure about other packages.
On the DEV machine I was using, I tried to do the basic update:
sudo apt-get install nginx
The resulting version of NGINX was still 1.4.6, so I figured it was the repo being used.
FIRST STEP: Make sure you backup your config files!!! To some place other than /etc/nginx/, like perhaps your home dir. When I performed my install, all the files in /etc/nginx/sites-available were deleted.
I followed the above section on Ubuntu and everything went great.
After the upgrade was complete, I was running 1.11.4. Great! But now I had to configure my website.
The files in /etc/nginx/sites-available were gone, so I copied my backup to that directory.
Then in /etc/nginx/nginx.conf
- set user to www-data
- Add the line if you are still using sites-available:
- include /etc/nginx/sites-enabled/*;
In the directory /etc/nginx/conf.d, rename default.conf to something else.
Restart NGINX:
sudo service nginx restart
