Book Image

NGINX Cookbook

By : Tim Butler
Book Image

NGINX Cookbook

By: Tim Butler

Overview of this book

NGINX Cookbook covers the basics of configuring NGINX as a web server for use with common web frameworks such as WordPress and Ruby on Rails, through to utilization as a reverse proxy. Designed as a go-to reference guide, this book will give you practical answers based on real-world deployments to get you up and running quickly. Recipes have also been provided for multiple SSL configurations, different logging scenarios, practical rewrites, and multiple load balancing scenarios. Advanced topics include covering bandwidth management, Docker container usage, performance tuning, OpenResty, and the NGINX Plus commercial features. By the time you've read this book, you will be able to adapt and use a wide variety of NGINX implementations to solve any problems you have.

Related Content you might be interested in

Current Title:

Small book image
NGINX Cookbook
Tim Butler
Aug, 2017 | 278 pages
Small book image
Nginx HTTP Server.
Martin Bjerretoft Fjordvald | Clement Nedelcu
Feb, 2018 | 348 pages
Small book image
Python Microservices Development – 2nd edition
Simon Fraser | Tarek Ziadé
Sep, 2021 | 310 pages
Small book image
Building Distributed Applications in Gin
Mohamed Labouardy
Jul, 2021 | 482 pages
Table of Contents (14 chapters)
Preface
Preface
What this book covers
What you need for this book
Who this book is for
Sections
Conventions
Reader feedback
Customer support
Free Chapter
1
Let's Get Started
Let's Get Started
Introduction
A quick installation guide
Configuring NGINX
Enabling modules
Deploying a basic site
Basic monitoring
Real-time statistics
2
Common PHP Scenarios
Common PHP Scenarios
Introduction
Configuring NGINX for WordPress
WordPress multisite with NGINX
Running Drupal using NGINX
Using NGINX with MediaWiki
Using Magento with NGINX
Configuring NGINX for Joomla
3
Common Frameworks
Common Frameworks
Introduction
Setting up Django with NGINX
Setting up NGINX with Express
Running Ruby on Rails with NGINX
Easy Flask with NGINX
Laravel via NGINX
Meteor applications with NGINX
High speed Beego with NGINX
4
All About SSLs
All About SSLs
Introduction
Basic SSL certificates
Enabling HTTP/2 on NGINX
Configuring HSTS in NGINX
Easy SSL certificates with Let's Encrypt
Making NGINX PCI DSS compliant
OCSP stapling with NGINX
Achieving full A+ Qualys rating
5
Logging
Logging
Introduction
Logging to syslog
Customizing web access logs
Virtual host log format
Application focused logging
Logging TLS mode and cipher information
Logging POST data
Conditional logging
Using the Elastic Stack
6
Rewrites
Rewrites
Introduction
Redirecting non-www to www-based sites
Redirecting to a new domain
Blocking malicious user agents
Redirecting all calls to HTTPS to secure your site
Redirecting pages and directories
Redirecting 404 errors through a search page
7
Reverse Proxy
Reverse Proxy
Introduction
Configuring NGINX as a simple reverse proxy
Content caching with NGINX
Monitoring cache status
Microcaching
Serving from cache when your backend is down
SSL termination proxy
Rate limiting
8
Load Balancing
Load Balancing
Introduction
Round robin load balancing
Least connected load balancing
Hash-based load balancing
Testing and debugging NGINX load balancing
TCP / application load balancing
NGINX as an SMTP load balancer
9
Advanced Features
Advanced Features
Introduction
Authentication with NGINX
WebDAV with NGINX
Bandwidth management with NGINX
Connection limiting with NGINX
Header modification with NGINX
10
Docker Containers
Docker Containers
Introduction
NGINX web server via Docker
NGINX reverse proxy via Docker
Docker Compose with NGINX
NGINX load balancing with Docker
11
Performance Tuning
Performance Tuning
Introduction
Gzipping content in NGINX
Enhancing NGINX with keep alive
Tuning worker processes and connections
Fine tuning basic Linux system limits
Integrating ngx_pagespeed
12
OpenResty
OpenResty
Introduction
Installing OpenResty
Getting started with OpenResty Lua
Lua microservices with OpenResty
Simple hit counter with a Redis backend
Powering API Gateways with OpenResty
13
NGINX Plus – The Commercial Offering
NGINX Plus – The Commercial Offering
Introduction
Installing NGINX Plus
Real-time server activity monitoring
Dynamic config reloading
Session persistence

Achieving full A+ Qualys rating

One of the benchmarks for configuring an SSL-based site is to achieve an A+ rating using the Qualys Server SSL Test. This is because Qualys has set a stringent set of expected results and minimum standards, designed to ensure that your website is as secure as possible.

Achieving this requires you to disable old protocols and ciphers, much in the way we do for PCI-DSS configurations. In fact, the basic PCI-DSS configuration we tested earlier already achieves an A+ rating. We're going to take it and go a bit further to give the ultimate SSL configuration for NGINX.

Some of these changes can cause backwards compatibility issues with older devices and browsers. Ensure you test it against your intended target audience thoroughly before using it in production.

Before we start, here's what a basic configuration (for example, our Let's Encrypt...

Previous Section
End of Chapter 4
Next Chapter