Nginx is a lightweight, high
performance web server/reverse proxy and e-mail (IMAP/POP3) proxy. It
runs on UNIX, GNU/Linux, BSD variants, Mac OS X, Solaris, and Microsoft
Windows. According to Netcraft, 6% of all domains on the Internet use
nginx webserver. Nginx is one of a handful of servers written to address
the C10K problem. Unlike traditional servers, Nginx doesn't rely on
threads to handle requests. Instead it uses a much more scalable
event-driven (asynchronous) architecture. Nginx powers several high
traffic web sites, such as WordPress, Hulu, Github, and SourceForge.
This page collects hints how to improve the security of nginx web
servers running on Linux or UNIX like operating systems.
Showing posts with label NGINX. Show all posts
Showing posts with label NGINX. Show all posts
Friday 27 December 2013
Configure and Install With IPv6 Networking Support on Nginx
Compile Nginx With IPv6 Support
You need to pass the --with-ipv6 option to configure command. Type the following command to compile it, enter:# cd /path/to/nginx-src-code/
# ./configure --without-http_autoindex_module --without-http_userid_module \
--without-http_auth_basic_module --without-http_geo_module \
--without-http_fastcgi_module --without-http_empty_gif_module \Block And Deny IP Address OR Network Subnets on Nginx
Nginx comes with a simple module called ngx_http_access_module to allow or deny access to IP address. The syntax is as follows:
deny IP; deny subnet; allow IP; allow subnet; # block all ips deny all; # allow all ips allow all;Note rules are checked in the order of their record to the first match.
HowTo Block User Agent on Nginx
How do I block a http user agent or a software agent using Nginx web server under Linux or Unix like operating systems?
You can block any http user agents with GET / POST requests that scrape your content or try to exploit software vulnerability. Use the following syntax. Edit /usr/local/nginx/conf/nginx.conf file, enter:
You can block any http user agents with GET / POST requests that scrape your content or try to exploit software vulnerability. Use the following syntax. Edit /usr/local/nginx/conf/nginx.conf file, enter:
Nginx Redirect URL With HTTP/1.1 301 Moved Permanently Header
How do I redirect old ugly urls such as
http://example.com/store/view.jsp?product=foo with clean url -
http://example.com/store/view/product/foo using nginx reverse proxy?
You need to use HttpRewriteModule under nginx web server. This module makes it possible to change URI using regular expressions (PCRE), and to redirect and select configuration depending on variables. The syntax is as follows to chage URI in accordance with the regular expression and the replacement string.
You need to use HttpRewriteModule under nginx web server. This module makes it possible to change URI using regular expressions (PCRE), and to redirect and select configuration depending on variables. The syntax is as follows to chage URI in accordance with the regular expression and the replacement string.
Too Many Open Files Error And Solution on Nginx
I'm getting the following error in my nginx server error log file:
2010/04/16 13:24:16 [crit] 21974#0: *3188937 open() "/usr/local/nginx/html/50x.html" failed (24: Too many open files), client: 88.x.y.z, server: example.com, request: "GET /file/images/background.jpg HTTP/1.1", upstream: "http://10.8.4.227:81//file/images/background.jpg", host: "example.com"
Setup SSL Reverse Proxy (Load Balanced SSL Proxy) on Nginx
A reverse proxy is a proxy server that
is installed in a server network. Typically, reverse proxies are used in
front of Web servers such as Apache, IIS, and Lighttpd. How do I setup
nginx web server as SSL reverse proxy?
When you've multiple backend web servers, encryption / SSL acceleration can be done by a reverse proxy. Nginx can act as SSL acceleration software. It provided the following benefits:
Easy of use : Nginx is easy to setup and upgrade.
When you've multiple backend web servers, encryption / SSL acceleration can be done by a reverse proxy. Nginx can act as SSL acceleration software. It provided the following benefits:
mod_extforward: Lighttpd Log Clients Real IP Behind Reverse Proxy / Load Balancer
I've setup 5 lighttpd web servers
behind Nginx based reverse proxy / load balancer to distribute load for
busy e-commerce website. However, all web server nodes putting my load
balncers two IP address in access log file. How do I force lighttpd to
log a real IP (public IP) address of all client computers visiting our
website?
You need to use mod_extforward under Lighttpd to extract and log the client's real IP from "X-Forwarded-For" or "X-Real-IP" header which is added by reverse proxy server such as Nginx or Squid proxy server.
You need to use mod_extforward under Lighttpd to extract and log the client's real IP from "X-Forwarded-For" or "X-Real-IP" header which is added by reverse proxy server such as Nginx or Squid proxy server.
Create Custom 404 / 403 Error Page on NGINX
How do I create a custom static HTTP 404 or HTTP 403 error page under nginx web server?
First create 404.html in your document root. The default is location is /usr/local/nginx/html/. So create a HTML file as follows:
First create 404.html in your document root. The default is location is /usr/local/nginx/html/. So create a HTML file as follows:
Nginx Redirect All HTTP Request To HTTPS Rewrite Rules
have setup nginx as a secure reverse proxy server. How do I redirect all http://example.com/ requests (traffic) to https://example.com/ under nginx web server?
The syntax is as follows. You need to add the following in location or server directives:
The syntax is as follows. You need to add the following in location or server directives:
Subscribe to:
Posts (Atom)