NGINX is a free, open-source, high-performance HTTP server and reverse proxy, as well as an IMAP/POP3 proxy server. NGINX is known for its high performance, stability, rich feature set, simple configuration, and low resource consumption
the nginx configuration file can be found in: /etc/nginx/nginx.conf
This file consists of:
gzip on;
worker_processes 2; # directive in global context http { # http context gzip on; # directive in http context server { # server context listen 80; # directive in server context } }
Inside nginx, you can specify multiple virtual servers, each described by a server { }
context.
server { listen *:80 default_server; server_name netguru.co; return 200 "Hello from netguru.co"; } server { listen *:80; server_name foo.co; return 200 "Hello from foo.co"; } server { listen *:81; server_name bar.co; return 200 "Hello from bar.co"; }
Nginx will first check the listen
directive to test which virtual server is listening on the given IP:port combination.
Then, the value from server_name
directive is tested against the Host
header, which stores the domain name of the server.
Nginx will choose the virtual server in the following order:
server_name
directive;default_server
flag;server_name netguru.co www.netguru.co; # exact match server_name *.netguru.co; # wildcard matching server_name netguru.*; # wildcard matching server_name ~^[0-9]*\.netguru\.co$; # regexp matching
Enabling gzip
should significantly reduce the weight of your response, thus it will appear faster on the client side.
SSL (standing for Socket Secure Layer) is a protocol providing a secure connection over HTTP. Technically SSL and TLS are different (as each is describing the different version of a protocol) - but many use those names interchangeably.
server { listen 443 ssl default_server; listen [::]:443 ssl default_server; ssl_certificate /etc/nginx/ssl/netguru.crt; ssl_certificate_key /etc/nginx/ssl/netguru.key; }
A reverse proxy is an intermediary proxy service which takes a client request, passes it on to one or more servers, and subsequently delivers the server’s response to the client. Benefits:
https://medium.com/@mohsin061/forward-proxy-and-reverse-proxy-500b9bd4bf8e
PHP-FPM
location ~* \.php$ { fastcgi_pass unix:/run/php/php7.0-fpm.sock; }
#fastcgi_pass 127.0.0.1:9000; #tcp connection #fastcgi_pass unix:/tmp/php5-fpm.sock; #unix socket
Using a socket (e.g. listen = '/tmp/php-fpm.sock') makes sense when both the front-end (e.g. Nginx) and php-fpm are in the same box and
C10K problem is referred for the network socket unable to handle a large number of client (10,000) at the same time.