BestHub
Sign in
Backend Development 4 min read

Essential Nginx Configuration Cheat Sheet for Fast Web Servers

This article presents a concise Nginx cheat sheet covering common configuration blocks such as listening ports, access logs, server names, static file serving, redirects, reverse proxy, load balancing, and SSL settings, providing ready-to-use code snippets to help developers quickly set up and optimize their web servers.

Open Source Linux
Open Source Linux
Open Source Linux
Essential Nginx Configuration Cheat Sheet for Fast Web Servers

Nginx is a high‑performance HTTP and reverse‑proxy web server that also provides IMAP/POP3/SMTP services; its rich feature set, stability, example configurations and low resource consumption make it popular among developers. This article summarizes several commonly used Nginx configuration snippets.

Listening Ports

server {
  # Standard HTTP Protocol
  listen 80;
  # Standard HTTPS Protocol
  listen 443 ssl;
  # For http2
  listen 443 ssl http2;
  # Listen on 80 using IPv6
  listen [::]:80;
  # Listen only on using IPv6
  listen [::]:80 ipv6only=on;
}

Access Log

server {
  # Relative or full path to log file
  access_log /path/to/file.log;
  # Turn 'on' or 'off'
  access_log on;
}

Server Names (Domain)

server {
  # Listen to yourdomain.com
  server_name yourdomain.com;
  # Listen to multiple domains
  server_name yourdomain.com www.yourdomain.com;
  # Listen to all subdomains
  server_name *.yourdomain.com;
  # Listen to all top‑level domains
  server_name yourdomain.*;
  # Listen to unspecified Hostnames (IP address itself)
  server_name "";
}

Static Resources

server {
  listen 80;
  server_name yourdomain.com;
  location / {
      root /path/to/website;
  }
}

Redirects

server {
  listen 80;
  server_name www.yourdomain.com;
  return 301 http://yourdomain.com$request_uri;
}
server {
  listen 80;
  server_name www.yourdomain.com;
  location /redirect-url {
     return 301 http://otherdomain.com;
  }
}

Reverse Proxy

server {
  listen 80;
  server_name yourdomain.com;
  location / {
     proxy_pass http://0.0.0.0:3000;
     # where 0.0.0.0:3000 is your application server (e.g., node.js) bound on 0.0.0.0 listening on port 3000
  }
}

Load Balancing

upstream node_js {
  server 0.0.0.0:3000;
  server 0.0.0.0:4000;
  server 123.131.121.122;
}
server {
  listen 80;
  server_name yourdomain.com;
  location / {
     proxy_pass http://node_js;
  }
}

SSL Settings

server {
  listen 443 ssl;
  server_name yourdomain.com;
  ssl on;
  ssl_certificate /path/to/cert.pem;
  ssl_certificate_key /path/to/privatekey.pem;
  ssl_stapling on;
  ssl_stapling_verify on;
  ssl_trusted_certificate /path/to/fullchain.pem;
  ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  ssl_session_timeout 1h;
  ssl_session_cache shared:SSL:50m;
  add_header Strict-Transport-Security max-age=15768000;
}
# Permanent Redirect for HTTP to HTTPS
server {
  listen 80;
  server_name yourdomain.com;
  return 301 https://$host$request_uri;
}
Original Source

Signed-in readers can open the original source through BestHub's protected redirect.

Sign in to view source
Republication Notice

This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contactadmin@besthub.devand we will review it promptly.

HTTPSSL
Open Source Linux
Written by

Open Source Linux

Focused on sharing Linux/Unix content, covering fundamentals, system development, network programming, automation/operations, cloud computing, and related professional knowledge.

0 followers
Reader feedback

How this landed with the community

Sign in to like

Rate this article

Was this worth your time?

Sign in to rate
Discussion

0 Comments

Thoughtful readers leave field notes, pushback, and hard-won operational detail here.

Sign in to comment