Difference between revisions of "Nginx"
Jump to navigation
Jump to search
(4 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
[https://nginx.org/ Nginx] is a webserver working very well on small systems | [https://nginx.org/ Nginx] is a webserver working very well on small systems | ||
+ | |||
+ | ;nginx -t | ||
+ | :Test configuration | ||
+ | |||
+ | ;nginx -V | ||
+ | :Print version, compiler version and configured parameters | ||
=Tips= | =Tips= | ||
# Put al customizations in your site-definitions (in ./sites-available) or in .conf files in the ./conf.d subdir. This make it easier to migrate your configuration to another server. | # Put al customizations in your site-definitions (in ./sites-available) or in .conf files in the ./conf.d subdir. This make it easier to migrate your configuration to another server. | ||
+ | |||
+ | ==PHP support== | ||
+ | To enable php suppport in ./sites-available/xxx put this | ||
+ | location ~ \.php$ { | ||
+ | #NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini | ||
+ | include snippets/fastcgi-php.conf; | ||
+ | fastcgi_pass unix:/var/run/php/php8.1-fpm.sock; | ||
+ | fastcgi_intercept_errors on; | ||
+ | fastcgi_param HTTPS on; | ||
+ | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; | ||
+ | fastcgi_param SCRIPT_NAME $fastcgi_script_name; | ||
+ | |||
+ | } | ||
+ | |||
+ | ==Force clients to use https (HSTS)== | ||
+ | Add to ./conf.d/myconfig.conf | ||
+ | :<code>add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;</code> | ||
+ | |||
+ | Wipe browser history for the HSTS websites if HSTS settings were disabled but the max-age has not passed yet for your browser (31536000 seconds is 1 year). | ||
=Issues and fixes= | =Issues and fixes= | ||
Line 8: | Line 33: | ||
:Due to many servernames in a server definition. In a .conf file in /etc/nginx/conf.d put a line like | :Due to many servernames in a server definition. In a .conf file in /etc/nginx/conf.d put a line like | ||
:<code>server_names_hash_bucket_size 64;</code> | :<code>server_names_hash_bucket_size 64;</code> | ||
+ | |||
+ | ;Using listen <nowiki>[::]:80</nowiki> ipv6only=on; | ||
+ | :The ipv6only parameter can be set only once. If you have several virtual host you should not use it. |
Latest revision as of 14:36, 2 October 2022
Nginx is a webserver working very well on small systems
- nginx -t
- Test configuration
- nginx -V
- Print version, compiler version and configured parameters
Tips
- Put al customizations in your site-definitions (in ./sites-available) or in .conf files in the ./conf.d subdir. This make it easier to migrate your configuration to another server.
PHP support
To enable php suppport in ./sites-available/xxx put this
location ~ \.php$ { #NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini include snippets/fastcgi-php.conf; fastcgi_pass unix:/var/run/php/php8.1-fpm.sock; fastcgi_intercept_errors on; fastcgi_param HTTPS on; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param SCRIPT_NAME $fastcgi_script_name; }
Force clients to use https (HSTS)
Add to ./conf.d/myconfig.conf
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
Wipe browser history for the HSTS websites if HSTS settings were disabled but the max-age has not passed yet for your browser (31536000 seconds is 1 year).
Issues and fixes
- could not build server_names_hash, you should increase server_names_hash_bucket_size: 32
- Due to many servernames in a server definition. In a .conf file in /etc/nginx/conf.d put a line like
server_names_hash_bucket_size 64;
- Using listen [::]:80 ipv6only=on;
- The ipv6only parameter can be set only once. If you have several virtual host you should not use it.