Comprehensive Guide to Nginx: Architecture, Configuration, and Advanced Features

This article provides a thorough introduction to Nginx, highlighting its high‑performance HTTP and reverse‑proxy capabilities and emphasizing the importance of understanding its architecture and working principles for developers.

1. Nginx Introduction

Key characteristics such as asynchronous non‑blocking I/O, modular design, low memory consumption, high reliability, hot deployment, and support for massive concurrent connections are described.

2. Installation

Installation steps are referenced, with a link to a separate guide for CentOS 7.

3. Directory Overview

The tree /usr/local/nginx/ -L 2 command output shows the layout of configuration, HTML, logs, binaries, and other directories.

4. nginx.conf Structure

The configuration file consists of global, events, http, server, location, and upstream blocks. Each block’s purpose is explained, and a simplified hierarchy is illustrated.

5. Location Matching Rules

Various location modifiers (=, ~, ~*, ^~, /) and their matching priorities are detailed, with practical curl examples demonstrating exact, prefix, regex, and generic matches.

6. Reverse Proxy

Steps to configure upstream services and use proxy_pass for request forwarding are shown, including troubleshooting permission issues with SELinux.

7. Load Balancing

Common load‑balancing algorithms (round‑robin, weight, ip_hash, least_conn) are compared, and configuration examples illustrate how to influence traffic distribution among multiple backend services.

8. Static/Dynamic Separation

Static assets are served directly from Nginx while dynamic requests are proxied to backend services, improving performance and reducing backend load.

9. Cross‑Origin Resource Sharing (CORS)

The article explains the same‑origin policy, demonstrates CORS issues, and shows how to avoid them by serving frontend and backend under the same server block.

10. Caching

Proxy caching directives ( proxy_cache_path, proxy_cache, proxy_cache_valid, etc.) are described, with examples of cache key design, cache bypass conditions, and cache status headers.

11. Black/White Lists

Access control using allow and deny directives is demonstrated, including IP‑based restrictions and the use of external files for large lists.

12. Rate Limiting

Both request‑rate limiting ( limit_req_zone, limit_req) and connection‑based limiting ( limit_conn_zone, limit_conn) are covered, with explanations of burst buffers, nodelay, and custom status codes.

13. HTTPS Configuration

Steps to enable SSL, obtain a free certificate, configure ssl_certificate and ssl_certificate_key, and set up HTTP‑to‑HTTPS redirection are provided.

14. Compression

Enabling gzip compression with directives such as gzip on, gzip_types, and gzip_comp_level is explained, showing the trade‑off between reduced payload size and CPU overhead.

15. Additional Useful Directives

Common directives like rewrite, if, global variables, auto_index, root, alias, and upstream parameters (weight, backup, fail_timeout) are summarized.

16. Retry Strategies

Configuration of failure detection, retry attempts, and backup servers using fail_timeout, max_fails, and the backup flag is illustrated.

17. Full nginx.conf Example

The complete configuration file used throughout the tutorial is presented, encompassing all previously discussed features.