6. The NGINX HTTP Server | Mastering NGINX

Sign In Start Free Trial

Book Overview & Buying
Table Of Contents

Mastering NGINX - Second Edition

By : Aivaliotis

5 (1)

Mastering NGINX

5 (1)

By: Aivaliotis

Overview of this book

NGINX is a high-performance HTTP server and mail proxy designed to use very few system resources. But despite its power it is often a challenge to properly configure NGINX to meet your expectations. Mastering Nginx is the solution – an insider’s guide that will clarify the murky waters of NGINX’s configuration. Tune NGINX for various situations, improve your NGINX experience with some of the more obscure configuration directives, and discover how to design and personalize a configuration to match your needs. To begin with, quickly brush up on installing and setting up the NGINX server on the OS and its integration with third-party modules. From here, move on to explain NGINX's mail proxy module and its authentication, and reverse proxy to solve scaling issues. Then see how to integrate NGINX with your applications to perform tasks. The latter part of the book focuses on working through techniques to solve common web issues and the know-hows using NGINX modules. Finally, we will also explore different configurations that will help you troubleshoot NGINX server and assist with performance tuning.

Preface

Preface

What this book covers

What you need for this book

Who this book is for

Conventions

Reader feedback

Customer support

Free Chapter

1. Installing NGINX and Third-Party Modules

1. Installing NGINX and Third-Party Modules

Installing NGINX using a package manager

Installing NGINX from source

Configuring SSL support

Enabling various modules

Finding and installing third-party modules

Adding support for Lua

Putting it all together

Summary

2. A Configuration Guide

2. A Configuration Guide

The basic configuration format

NGINX global configuration parameters

Using the include files

The HTTP server section

The virtual server section

Locations – where, when, and how

Full sample configuration

Summary

3. Using the mail Module

3. Using the mail Module

Basic proxy service

Authentication service

Combining with memcached

Interpreting log files

Operating system limits

Summary

4. NGINX as a Reverse Proxy

4. NGINX as a Reverse Proxy

Introducing reverse proxying

The proxy module

Legacy servers with cookies

The upstream module

Keepalive connections

Types of upstream servers

Single upstream server

Multiple upstream servers

Non-HTTP upstream servers

Load-balancing

Converting an if-fy configuration to a more modern interpretation

Using error documents to handle upstream problems

Determining the client's real IP address

Summary

5. Reverse Proxy Advanced Topics

5. Reverse Proxy Advanced Topics

Security through separation

Isolating application components for scalability

Reverse proxy performance tuning

Summary

6. The NGINX HTTP Server

6. The NGINX HTTP Server

NGINX's architecture

The HTTP core module

Using limits to prevent abuse

Restricting access

Streaming media files

Predefined variables

SPDY and HTTP/2

Using NGINX with PHP-FPM

Wiring NGINX and uWSGI together

Summary

7. NGINX for the Application Developer

7. NGINX for the Application Developer

Caching integration

Changing content on-the-fly

Using Server Side Includes

Decision-making in NGINX

Creating a secure link

Generating images

Tracking website visitors

Preventing inadvertent code execution

Summary

8. Integrating Lua with NGINX

8. Integrating Lua with NGINX

The ngx_lua module

Integrating with Lua

Logging with Lua

Summary

9. Troubleshooting Techniques

9. Troubleshooting Techniques

Analyzing log files

Configuring advanced logging

Common configuration errors

Operating system limits

Performance problems

Using the Stub Status module

Summary

A. Directive Reference

A. Directive Reference

B. The Rewrite Rule Guide

B. The Rewrite Rule Guide

Introducing the rewrite module

Creating new rewrite rules

Translating from Apache

Summary

C. The NGINX Community

C. The NGINX Community

NGINX Plus

Mailing list

IRC channel

Web resources

Writing a good bug report

Summary

D. Persisting Solaris Network Tunings

D. Persisting Solaris Network Tunings

Index

Index

Using limits to prevent abuse

We build and host websites because we want users to visit them. We want our websites to always be available for legitimate access. This means that we may have to take measures to limit access to abusive users. We may define abusive to mean anything from one request per second to a number of connections from the same IP address. Abuse can also take the form of a distributed denial-of-service (DDoS) attack, where bots running on multiple machines around the world all try to access the site as many times as possible at the same time. In this section, we will explore methods to counter each type of abuse to ensure that our websites are available.

First, let's take a look at the different configuration directives that will help us achieve our goal:

HTTP limits directives	Explanation
`limit_conn`	This directive specifies a shared memory zone (configured with `limit_conn_zone`) and the maximum number of connections that are allowed per key value.
`limit_conn_log_level...`

CONTINUE READING

83

Tech Concepts

36

Programming languages

73

Tech Tools

Unlimited access to the largest independent learning library in tech of over 8,000 expert-authored tech books and videos.

Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.

50+ new titles added per month and exclusive early access to books as they are being written.

Mastering NGINX

Search

Your notes and bookmarks