Configuring Nginx for High‑Performance Static Sites: Caching, Gzip, CORS, and Anti‑Hotlinking
This article explains how to configure Nginx for a high‑performance static website by setting up proper caching headers, enabling gzip compression, configuring cross‑origin resource sharing, and implementing hotlink protection, with detailed code examples and explanations of the underlying principles.
Overview: The article summarizes practical issues encountered when configuring Nginx for a high‑performance static website, covering caching, gzip compression, cross‑origin resource sharing (CORS), and hotlink protection.
Cache: By setting appropriate Expires and Cache-Control headers (e.g., expires 30d or max-age=time ), browsers can reuse resources, reducing latency and improving user experience.
location ~* \.(jpg|jpeg|png|gif)$ {
expires 30d;
}
#expires 30s; # cache 30 seconds
#expires 30m; # cache 30 minutes
#expires 2h; # cache 2 hours
#expires 30d; # cache 30 daysPrinciple analysis: The request‑response flow is described step‑by‑step, showing how the browser first fetches a resource, how the server returns caching headers, how the browser validates cached content using ETag and Last-Modified , and how a 304 response is used when the resource is unchanged.
Cache‑control rules: The article explains that Cache-Control has higher priority than Expires and provides example configurations for static assets such as CSS and JavaScript.
location ~* \.(css|js)$ {
expires 7d;
add_header Cache-Control "public";
}location ~* \.(css|js)$ {
expires 600;
add_header Cache-control max-age=800;
}Gzip module: Enabling gzip reduces the amount of data transferred; the article shows how to turn it on, set the HTTP version, compression level, and the MIME types to compress.
location ~ .*\.(jpg|gif|png|js)$ {
gzip on;
gzip_http_version 1.1;
gzip_comp_level 2; # compression level, default 1, max 9
gzip_types text/plain application/javascript application/x-javascript text/css application/xml text/javascript application/x-httpd-php image/jpeg image/gif img/png;
}CORS and anti‑hotlinking: The article provides Nginx directives to allow specific origins, methods, and headers, handle OPTIONS pre‑flight requests, and block hotlinking by checking the Referer header.
server {
listen 80;
server_name www.stark.com;
location / {
add_header 'Access-Control-Allow-Origin' 'http://stark1.com https://stark2.com';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'User-Agent,Keep-Alive,Content-Type';
add_header 'Access-Control-Max-Age' 1728000;
if ($request_method = 'OPTIONS') {
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'User-Agent,Keep-Alive,Content-Type';
add_header 'Access-Control-Max-Age' 1728000;
add_header 'Content-Type' 'text/plain charset=UTF-8';
add_header 'Content-Length' 0;
return 204;
}
}
}server {
listen 80;
server_name yourdomain.com;
location / {
root /path/to/your/files;
valid_referers none blocked server_names *.yourdomain.com;
if ($invalid_referer) {
return 403;
}
}
}Java Architect Essentials
Committed to sharing quality articles and tutorials to help Java programmers progress from junior to mid-level to senior architect. We curate high-quality learning resources, interview questions, videos, and projects from across the internet to help you systematically improve your Java architecture skills. Follow and reply '1024' to get Java programming resources. Learn together, grow together.
How this landed with the community
Was this worth your time?
0 Comments
Thoughtful readers leave field notes, pushback, and hard-won operational detail here.