Comprehensive Guide to Nginx: Installation, Configuration, and Performance Optimization

This article provides a deep dive into Nginx, starting with an introduction to its role as a high‑performance reverse proxy and load balancer, and explaining why moving from a single‑node deployment to a load‑balanced architecture improves availability and scalability.

It details step‑by‑step environment setup, including directory creation, downloading the source package, installing dependencies via yum , extracting the tarball, configuring with ./configure --prefix=/soft/nginx/ , compiling with make && make install , and verifying the installation.

The guide then covers core Nginx features:

Reverse proxy and load balancing with an upstream block, weight‑based traffic distribution, and health‑check settings.

Static‑dynamic separation using location regexes to serve static assets directly from a dedicated directory, reducing backend load.

Resource compression via the gzip module, with recommended directives for types, levels, and conditions.

Buffering configuration, explaining proxy_buffering , proxy_buffers , and related timeout and size parameters.

Proxy caching, including proxy_cache_path , cache keys, validity periods, and cache control directives.

IP whitelist/blacklist implementation using allow and deny , with external include files for easier management.

CORS handling by adding appropriate Access-Control-* headers and responding to preflight OPTIONS requests.

Anti‑hotlinking using valid_referers and returning a 403 status for invalid referers.

Large file transfer settings such as client_max_body_size and timeout adjustments.

SSL/TLS configuration with certificate, key, and protocol settings, plus HTTP‑to‑HTTPS redirection.

High availability using Keepalived and a virtual IP (VIP), including VRRP scripts, priority settings, and automatic Nginx restart scripts.

Performance tuning recommendations: enabling keepalive connections, sendfile , TCP options ( tcp_nodelay , tcp_nopush ), worker process scaling, CPU affinity, epoll event model, and connection limits.

Throughout the article, code snippets are presented in pre blocks with code tags to preserve exact commands and configuration syntax.

By following this guide, readers can deploy a robust, secure, and high‑performance Nginx gateway that supports load balancing, static asset delivery, caching, SSL, and automatic failover.