Nginx configuration, security, and other information

0

Nginx is rapidly gaining popularity in the WebHosting world, especially since performance, speed, and scaling are becoming ever more important.  Nginx is capable of handling a large amount of concurrent connections with a fair amount of ease. It is used today in over 25% or so of the top 10,000 websites which tells you how much its performance is valued.  It is especially written to handle the C10K problem which means that it is designed to handle 10,000 concurrent connections on a website.

In the past several months with various clients, rolling out Nginx has been a real treat to work with.  In my recent dealings with Nginx, I have compiled some odds and ends of things I have run into with Nginx configuration wise, security, etc, and the workarounds or configuration details to get around those things.

Installing Nginx in Ubuntu:

  • apt-get update && apt-get install nginx

Hiding Nginx Server Version:

Add the following to nginx.conf under a server configuration block:

  • server_tokens off;

Default Nginx Server configuration block for WordPress

Redirecting a Site in Nginx

server {
   
    listen 80;
    server_name website.toberedirected.com;
    rewrite ^/(.*) https://www.targetwebsite.com/$1 permanent;
 
}

Deleting Pagespeed Cache Nginx

  • touch /var/ngx_pagespeed_cache/cache.flush

Output Current Nginx configuration to a text file:

  • nginx -V &> text.txt

SSL configuration Nginx

Create the certificate key:

cd /etc/nginx/conf

# openssl genrsa -des3 -out server.key 2048
# openssl req -new -key server.key -out server.csr
# cp server.key server.key.org
# openssl rsa -in server.key.org -out server.key
# openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

Change the server block to something similar to the following:

server {
server_name example.com;
listen 443;
ssl on;
ssl_certificate /usr/local/nginx/conf/server.crt;
ssl_certificate_key /usr/local/nginx/conf/server.key;
access_log /usr/local/nginx/logs/ssl.access.log;
error_log /usr/local/nginx/logs/ssl.error.log;
}

Nginx.conf with Pagespeed module and gzip settings

 

Final Thoughts

These are just a few things I have ran into in configuring and setting up Nginx on a few WordPress installations and tweaks that have presented themselves in going along.  Please comment additional tweaks you guys have seen that have made a difference in your Nginx environments.