
Its a web server, 2.5 times quicker than Apache. Apache uses a process-driven approach and creates a new thread for each request. Whereas NGINX uses an event-driven architecture to handle multiple requests within one thread. High Performance, High Concurrency, Low Resource Usage. Offical Docs
1
2
3
4
ls -l /etc/nginx/
nginx -h # get help
nginx -t # test site config
tail -n 1 /var/log/nginx/error.log # to see last line of error.log
Create a simple proxy server
Create a site call local.dev
and paste following code init, enable local.dev
site and restart nginx.
sudo vim /etc/nginx/sites-available/local.dev
sudo ln -sf /etc/nginx/sites-available/local.dev /etc/nginx/sites-enabled/
sudo echo "127.0.0.1 local.dev" >> /etc/hosts
nginx -t
-
sudo systemctl restart nginx
ornginx -s reload
code for local.dev
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
# 301 = Permanently, 302 = Temporarily
# redirect http to https
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _; # This is just an invalid value which will never trigger on a real hostname.
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
# return 302 https://$host$request_uri;
return 503;
}
upstream local_dev {
server 127.0.0.1:80;
}
server {
listen [::]:443 ssl ipv6only=on;
listen 443 ssl http2;
server_name local.dev;
root /var/www/html;
index index.html index.nginx-debian.html;
access_log /var/log/nginx/local.dev.access.log;
error_log /var/log/nginx/local.dev.error.log;
autoindex off;
server_tokens off;
add_header X-Frame-Options SAMEORIGIN;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload";
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
# add_header Referrer-Policy "no-referrer-when-downgrade";
# add_header Content-Security-Policy "default-src * data: 'unsafe-eval' 'unsafe-inline'";
# enable if letsencrypt
# ssl_certificate /etc/letsencrypt/live/local.dev/fullchain.pem;
# ssl_certificate_key /etc/letsencrypt/live/local.dev/privkey.pem;
# include /etc/letsencrypt/options-ssl-nginx.conf;
# ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
# enable if mkcert for localhost
# ssl_certificate /etc/nginx/ssl/local.dev/cert.pem;
# ssl_certificate_key /etc/nginx/ssl/local.dev/key.pem;
# enable if certbot verification were failed with other options
# location /.well-known/acme-challenge/ {
# root /letsencrypt/;
# default_type "text/plain";
# # try_files $uri =404;
# # break;
# }
location / {
try_files $uri $uri/ @app =404;
}
location @app {
proxy_pass https://local_dev;
proxy_hide_header X-Powered-By;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}