How to bind a domain to a web server

Last week I set up my first domain name and attached it to a website, and it wasn't as hard as I thought. In this post I hope to enlighten you the steps you need to take in order to point a domain name to a web server. I will also show you how to configure the nginx software to display a webpage when someone types your domain name. As a bonus I describe how to set up TLS on your website using a certificate from Let's Encrypt.

Point the domain to your server

I assume you have already bought the domain and are now trying to figure out how to use it.

You need to add an A record to the domain with a target of your IP address.

1. Go to your domain registrar's control panel and navigate to the DNS records page.

2. Add a new record leaving Host (or the name of the first field in your control panel) blank, leave Time to Live (second field name) unchanged, and Target (third field name) to your IP address.

   This lets users access mydomainname.com, sending requests to the server on your IP address.

3. Optionally, you can add a new record with the same values as the first one, but with Host set to www, this will allow users to access www.mydomainname.com as well.

Changes to DNS records take up to 24 hours to propagate to root name servers, but I've observed changes taking effect after only a few hours.

Create a web server

I usually use nginx as my web server software, so I will show you how to configure it.

1. First you must install nginx: apt-get install nginx. This also enables and starts the nginx service on your server, but if it didn't start for some reason, you can start it manually with systemctl start nginx.
2. Create a new WWW folder for your website in /var/www/, such as /var/www/mydomainname.com. This folder will store your website HTML/CSS/JS files. Also make an html/ subfolder in there: mkdir -p /var/www/mydomainname.com/html creates them both at once.

3. Copy the default index.html file to your newly created folder: cp /var/www/html/index.nginx-debian.html /var/www/mydomainname.com/html/

   By default, index.nginx-debian.html is recognized as an index page, so don't worry whether it will be loaded as the homepage, it will.

4. Copy the default nginx configuration file to a new file for your own website: cp /etc/nginx/sites-available/default /etc/nginx/sites-available/mydomainname.com

5. Open the newly copied configuration file, and remove default_server from the listen directive, so replace listen 80 default_server; with listen 80; and listen [::]:80 default_server; with listen [::]:80;.
   Also replace server_name _; with server_name mydomainname.com www.mydomainname.com;. The www domain name is optional and enables serving for the www subdomain.

6. Right now we have a website configuration but it's not enabled yet. We can enable it by linking the configuration file to the sites-enabled subfolder like this: ln -s /etc/nginx/sites-available/mydomainname.com /etc/nginx/sites-enabled/

7. Restart nginx for the changes to take effect: systemctl restart nginx.

Now you can go to your website and it will display the default nginx landing page. But currently it only works with HTTP. Let's see how to make it work with HTTPS.

Set up TLS

You can get TLS certificates for free, courtesy of Let's Encrypt. These certificates expire every 3 months.

The easiest way to get started with Let's Encrypt is head over to the Certbot website, and selecting your server operating system and hosting software. It will generate instructions to install the certificate specifically for your configuration. But, let's review the instructions for nginx running on Ubuntu here:

1. Install certbot and the nginx plugin for certbot: apt-get install certbot python3-certbot-nginx.
2. In your server, run certbot --nginx. This starts the interactive configuration for creating the certificate.
3. When prompted, supply your email address and agree to the license terms, and choose whether you want to receive newsletters from Electronic Frontier Foundation (EFF).
4. Certbot scans your nginx configuration for site names hosted on it. It presents a list of these names, and asks you to select the ones you want to enable HTTPS, essentially install the certificate, for.
5. It puts a file on your web server, and then tries to download it from the internet, to verify that you own the domain in question. This prevents you from registering a site you don't own.

After you complete all of these steps, you will get a success message that tells you when your certificate will expire. You can renew your certificate at any time, non-interactively, with certbot renew.

Image by Mudassar Iqbal from Pixabay