Category Archives: Nginx

Nginx Load Balancing Example

Nginx can be used as load balancer, so it can split the traffic within N servers specified in the upstream section of the Nginx configuration file. This is useful to scale the web traffic if it becomes too much for a single server or VPS. Using Nginx as load balancer is incredibly easy, in short, […]

Nginx Static Content Test (Concurrent Connections)

Here I test how many concurrent connections Nginx can handle when serving static content. In this test I benchmark Nginx on port 80 (HTTP) and on port 443 (HTTPS). The static file is a simple .HTML file and this is the Nginx.conf file I used in the test: user nginx; worker_processes auto; error_log /var/log/nginx/error.log warn; […]

Rate Limit Requests per URL with Nginx

You can rate limit requests per URL with Nginx. So lets say you want to limit requests on /v2/api URL to max 150 per minute independently from the remote IP address, you can do like this: Add this inside http{} block: limit_req_zone $server_name zone=one:100m rate=150r/m;limit_req_zone $server_name zone=one:100m rate=150r/m; Then inside the server{} block add this: […]

Rate Limit Requests per IP with Nginx

You can limit requests per IP per second with Nginx. Add this line inside http{} block to limti 1 request per second per IP: limit_req_zone $binary_remote_addr zone=one:10m rate=1r/s;limit_req_zone $binary_remote_addr zone=one:10m rate=1r/s; Lets say you want to limit requests only on /events/: Add this text inside server{} block: location /events/ { limit_req zone=one nodelay; }location /events/ […]

Nginx Rewrite Rule to Add Slash to The End of Any URL

Solution 1 If you want to append a slash “/” to the end of any URL, such as: => => You can use this Nginx rewrite rule: rewrite ^(.*[^/])$ $1/ permanent;rewrite ^(.*[^/])$ $1/ permanent; Solution 2 If you want to append the slash only if the URL NOT contains a dot, example: […]

How to Enable HTTP/2 on Nginx

It is simple to enable HTTP/2 on Nginx, just replace this: listen 443 ssl;listen 443 ssl; With this: listen 443 ssl http2;listen 443 ssl http2; And reload your Nginx configuration: service nginx reloadservice nginx reload You can find here a complete SSL configuration: Let’s Encrypt on Nginx and SSL Grade A+

Let’s Encrypt on Nginx and SSL Grade A+

A few steps to install Let’s Encrypt on Debian with Nginx and score a A+ grade on SSL Labs. We will install Certbot to simplify the creation and renew of SSL certificates with Let’s Encrypt. Simple tutorial that can help you setup Let’s Encrypt with Nginx in just a few minutes. Login via SSH on […]

Sample Nginx FastCGI Cache Configuration File

Example Nginx FastCGI cache configuration file for a vhost: #FASTCGI MICROCACHE – START# fastcgi_cache_path /etc/nginx/cache levels=1:2 keys_zone=microcache:100m max_size=1024m inactive=1h; add_header X-Cache $upstream_cache_status; #FASTCGI MICROCACHE – END#   server { listen 80; server_name;   […]   #FASTCGI MICROCACHE – START#   set $no_cache 0;   # POST requests and urls with a query string should […]

Rotate Nginx vHosts Log Files with Logrotate

Edit /etc/logrotate.d/nginx and add: /var/www/vhosts/*/logs/*.log { daily missingok rotate 52 compress delaycompress notifempty create 640 nginx adm sharedscripts postrotate [ -f /var/run/ ] && kill -USR1 `cat /var/run/` endscript }/var/www/vhosts/*/logs/*.log { daily missingok rotate 52 compress delaycompress notifempty create 640 nginx adm sharedscripts postrotate [ -f /var/run/ ] && kill -USR1 `cat /var/run/` endscript } […]

Block user-agents and referrers with Nginx map

The code below must be included inside the http{} block: ## Add here all user agents that are to be blocked. map $http_user_agent $bad_bot { default 0; libwww-perl 1; ~(?i)(httrack|htmlparser|libwww) 1; }   ## Add here all referrers that are to blocked. map $http_referer $bad_referer { default 0; ~(?i)(babes|click|diamond|forsale|girl|jewelry|love|nudit|organic|poker|porn|poweroversoftware|sex|teen|webcam|zippo|casino|replica) 1; }## Add here all user […]