10 Essential Nginx Settings to Boost Performance and Security

1. Set worker processes

Nginx uses a master‑worker model; set worker_processes auto to let Nginx detect CPU cores, or manually set e.g. worker_processes 4 for a 4‑core CPU.

2. Configure worker connections

The worker_connections directive defines the maximum simultaneous connections per worker. Ensure the value is large enough for peak traffic. The total maximum concurrent connections equals worker_processes * worker_connections.

events {
    worker_connections 1024;
}

3. Enable gzip compression

Gzip reduces HTTP response size. Add the following directives:

gzip on;
gzip_types text/plain text/css application/json application/javascript application/xml;
gzip_proxied any;
gzip_vary on;
gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_http_version 1.1;

4. Configure browser caching

Set Cache-Control and Expires headers to control client caching:

location ~*\.(jpg|jpeg|gif|png|css|js|ico|xml)$ {
    expires 30d;
    access_log off;
}

5. Limit request body size

Prevent oversized uploads with:

client_max_body_size 100m;

6. Set up SSL/TLS

Enable HTTPS using certificates such as Let’s Encrypt.

7. Enable HTTP/2

Add http2 to the listen directive:

listen 443 ssl http2;

8. Adjust connection timeouts

client_header_timeout 15s;
client_body_timeout 15s;
send_timeout 15s;

9. Hide Nginx version

server_tokens off;

10. Use Lua extensions

Lua can extend Nginx for features like WAF or API gateways.