Operations 5 min read

Essential Nginx Configuration Cheat Sheet: Listening Ports, SSL, Proxy, and More

This article compiles a practical Nginx cheat sheet covering listening ports, access logs, server names, static file serving, redirects, reverse proxy, load balancing, SSL settings, and a visual configuration tool, providing ready-to-use snippets for high‑performance web server setups.

Liangxu Linux

Dec 9, 2021

Nginx is a high‑performance HTTP server and reverse proxy that also supports IMAP/POP3/SMTP services.

Listening Ports

server {
    # Standard HTTP
    listen 80;
    # Standard HTTPS
    listen 443 ssl;
    # Enable HTTP/2 on HTTPS
    listen 443 ssl http2;
    # IPv6 HTTP
    listen [::]:80;
    # IPv6 only
    listen [::]:80 ipv6only=on;
}

Access Log

server {
    # Path to log file (absolute or relative)
    access_log /path/to/file.log;
    # Enable or disable logging
    access_log on;
}

Domain (Server Name)

server {
    # Single domain
    server_name yourdomain.com;
    # Multiple domains (uncomment as needed)
    # server_name yourdomain.com www.yourdomain.com;
    # Wildcard for all sub‑domains
    server_name *.yourdomain.com;
    # Wildcard for any top‑level domain
    server_name yourdomain.*;
    # Empty string matches requests without a Host header (IP address)
    server_name "";
}

Static Assets

server {
    listen 80;
    server_name yourdomain.com;
    location / {
        root /path/to/website;
    }
}

Redirects

# Redirect www to bare domain
server {
    listen 80;
    server_name www.yourdomain.com;
    return 301 http://yourdomain.com$request_uri;
}

# Redirect a specific path to another domain
server {
    listen 80;
    server_name www.yourdomain.com;
    location /redirect-url {
        return 301 http://otherdomain.com;
    }
}

Reverse Proxy

server {
    listen 80;
    server_name yourdomain.com;
    location / {
        proxy_pass http://0.0.0.0:3000;  # Application server (e.g., Node.js)
    }
}

Load Balancing

upstream node_js {
    server 0.0.0.0:3000;
    server 0.0.0.0:4000;
    server 123.131.121.122;
}

server {
    listen 80;
    server_name yourdomain.com;
    location / {
        proxy_pass http://node_js;
    }
}

SSL Configuration

server {
    listen 443 ssl;
    server_name yourdomain.com;
    ssl_certificate /path/to/cert.pem;
    ssl_certificate_key /path/to/privatekey.pem;
    ssl_stapling on;
    ssl_stapling_verify on;
    ssl_trusted_certificate /path/to/fullchain.pem;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_session_timeout 1h;
    ssl_session_cache shared:SSL:50m;
    add_header Strict-Transport-Security "max-age=15768000";
}

# Permanent HTTP→HTTPS redirect
server {
    listen 80;
    server_name yourdomain.com;
    return 301 https://$host$request_uri;
}

Original Source

Signed-in readers can open the original source through BestHub's protected redirect.

Republication Notice

This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contactand we will review it promptly.

load balancing Nginx reverse proxy Web server SSL

Written by

Liangxu Linux

Liangxu, a self‑taught IT professional now working as a Linux development engineer at a Fortune 500 multinational, shares extensive Linux knowledge—fundamentals, applications, tools, plus Git, databases, Raspberry Pi, etc. (Reply “Linux” to receive essential resources.)

0 followers

Reader feedback

How this landed with the community

Rate this article

Was this worth your time?

Discussion

0 Comments

Thoughtful readers leave field notes, pushback, and hard-won operational detail here.