Category Archives: Nginx

Rate Limit Requests per URL with Nginx

You can rate limit requests per URL with Nginx. So lets say you want to limit requests on /v2/api URL to max 150 per minute independently from the remote IP address, you can do like this: Add this inside http{} block: limit_req_zone $server_name zone=one:100m rate=150r/m;limit_req_zone $server_name zone=one:100m rate=150r/m; Then inside the server{} block add this: […]

Rate Limit Requests per IP with Nginx

You can limit requests per IP per second with Nginx. Add this line inside http{} block to limti 1 request per second per IP: limit_req_zone $binary_remote_addr zone=one:10m rate=1r/s;limit_req_zone $binary_remote_addr zone=one:10m rate=1r/s; Lets say you want to limit requests only on /events/: Add this text inside server{} block: location /events/ { limit_req zone=one nodelay; }location /events/ […]

Nginx Rewrite Rule to Add Slash to The End of Any URL

Solution 1 If you want to append a slash “/” to the end of any URL, such as: website.com/category => website.com/category/website.com/category => website.com/category/ You can use this Nginx rewrite rule: rewrite ^(.*[^/])$ $1/ permanent;rewrite ^(.*[^/])$ $1/ permanent; Solution 2 If you want to append the slash only if the URL NOT contains a dot, example: […]

How to Enable HTTP/2 on Nginx

It is simple to enable HTTP/2 on Nginx, just replace this: listen 443 ssl;listen 443 ssl; With this: listen 443 ssl http2;listen 443 ssl http2; And reload your Nginx configuration: service nginx reloadservice nginx reload You can find here a complete SSL configuration: Let’s Encrypt on Nginx and SSL Grade A+

Let’s Encrypt on Nginx and SSL Grade A+

A few steps to install Let’s Encrypt on Debian with Nginx and score a A+ grade on SSL Labs. We will install Certbot to simplify the creation and renew of SSL certificates with Let’s Encrypt. Simple tutorial that can help you setup Let’s Encrypt with Nginx in just a few minutes. Login via SSH on […]

Sample Nginx FastCGI Cache Configuration File

Example Nginx FastCGI cache configuration file for a vhost: #FASTCGI MICROCACHE – START# fastcgi_cache_path /etc/nginx/cache levels=1:2 keys_zone=microcache:100m max_size=1024m inactive=1h; add_header X-Cache $upstream_cache_status; #FASTCGI MICROCACHE – END#   server { listen 80; server_name website.com;   […]   #FASTCGI MICROCACHE – START#   set $no_cache 0;   # POST requests and urls with a query string should […]

Rotate Nginx vHosts Log Files with Logrotate

Edit /etc/logrotate.d/nginx and add: /var/www/vhosts/*/logs/*.log { daily missingok rotate 52 compress delaycompress notifempty create 640 nginx adm sharedscripts postrotate [ -f /var/run/nginx.pid ] && kill -USR1 `cat /var/run/nginx.pid` endscript }/var/www/vhosts/*/logs/*.log { daily missingok rotate 52 compress delaycompress notifempty create 640 nginx adm sharedscripts postrotate [ -f /var/run/nginx.pid ] && kill -USR1 `cat /var/run/nginx.pid` endscript } […]

Block user-agents and referrers with Nginx map

The code below must be included inside the http{} block: ## Add here all user agents that are to be blocked. map $http_user_agent $bad_bot { default 0; libwww-perl 1; ~(?i)(httrack|htmlparser|libwww) 1; }   ## Add here all referrers that are to blocked. map $http_referer $bad_referer { default 0; ~(?i)(babes|click|diamond|forsale|girl|jewelry|love|nudit|organic|poker|porn|poweroversoftware|sex|teen|webcam|zippo|casino|replica) 1; }## Add here all user […]

Compress JavaScript files with Gzip

This is a list of JavaScript content-types: text/js application/javascript application/x-javascript text/javascripttext/js application/javascript application/x-javascript text/javascript Example usage in /etc/nginx/nginx.conf file: gzip on; gzip_http_version 1.1; gzip_comp_level 6; # http://wiki.nginx.org/NginxHttpGzipModule#gzip_disable gzip_disable "msie6"; gzip_proxied any; gzip_types text/plain text/css text/xml text/js application/xml application/javascript application/x-javascript text/javascript application/json application/xml+rss; gzip_buffers 16 8k; gzip_vary on;gzip on; gzip_http_version 1.1; gzip_comp_level 6; # http://wiki.nginx.org/NginxHttpGzipModule#gzip_disable gzip_disable […]

Use Nginx Helper without ngx_cache_purge module

Create a file in your website root folder named purge.php: <?php   // Allow only safe IP addresses //if ( $_SERVER[‘REMOTE_ADDR’] != "SERVER.IP.ADDRESS.HERE" ) die( "IP address not allowed!" );   echo date("Y-m-d H:i:s", time())." :: Checking cache file…<br />";   $cache_path = ‘/var/www/nginx-cache/’;   if ( !is_dir($cache_path) ) die( date("Y-m-d H:i:s", time())." :: ".htmlspecialchars($cache_path)." […]