To work in the TECH industry as a Full Stack Engineer It's essential to know the configuration of NGINX and its core features! in this post I'm gon...
For further actions, you may consider blocking this person and/or reporting abuse
At first glance I liked the article. But then I figure out some issues.
Of course I understand it's written nowhere that this is the absolute best practice guide to nginx, but well I think a comment that mention the issues related to this cannot be a bad thing.
So let get started:
worker_processes 1;
is not good (especially with theworker_connection
config), and now nginx will use root user which is not really great...Thanks anyway for writing this article that shows nginx in a(n interesting) way. I just wanted to highlight that it's not the recommanded way. And I think you should mention this in your article.
If you're setting up a load balancer with TLS I recommend redirecting http to https. You can do this with a configuration along the following lines in nginx:
I'd also recommend running ssltest against your site. HTTPS has been around for a long time and there are several cyphers you don't want to allow; this site will give recommendations as to which cyphers you probably want to block.
Thanks, Jonathan for the tip. I think we need to create another virtual server in order to redirect HTTP to HTTPS:
I'm assuming you meant! great to hear ssltest, this is something I didn't know, will use it definitely in the future, and the credits will go to you. hope to have good rest of your life!
Is there a reason to build from source instead of
sudo apt install nginx
?Your distribution may (or may not) support optional packages such as
headers-more
, needed for proxy applications where you want to set the Server: response header for example.docs.nginx.com/nginx/admin-guide/d...
If your distro doesn't have them, then building from source is an alternative.
Nice to see simple and updated article on HTTP2 and SSL support :] well done!
Glad to hear it, Travis!
Simple and informative. Just what I needed. Thanks
A small typo in ssl part where you have slef.crt instead of self.crt
For easy folks with copy paste disorder might get busy by this :)
Great article!
Lately I'm working with gRPC, I'm wondering if you can proxy gRPC backend with NGINX HTTP2? Have you tried it?
Honestly, I just heard gPRC and don't know how to configure. here is the blog post Nginx as Reverse Proxy with GRPC and GRPC! Thanks for this awesome question, I'll try to learn this!
Nicely written!