Nginx can directly serve static files (such as HTML, CSS) and also act as a reverse proxy, forwarding requests to your web service (such as an application running on port 8080).

Configuration Files

The main configuration file is typically located at /etc/nginx/nginx.conf, but you’ll more often use site configurations in /etc/nginx/sites-available/ and /etc/nginx/sites-enabled/.

Event-Driven Model

You don’t need to understand it deeply, but knowing that Nginx can efficiently handle a large number of concurrent requests is enough.

Installation and Basic Operations

Installation

  • Ubuntu/Debian: sudo apt update && sudo apt install nginx
  • CentOS/RHEL: sudo yum install nginx
  • Check version: nginx -v

Common Commands

  • Start: sudo systemctl start nginx
  • Restart: sudo systemctl restart nginx
  • Test configuration: nginx -t (very important to avoid configuration errors)
  • Reload configuration (without service interruption): sudo systemctl reload nginx
  • Stop: sudo systemctl stop nginx

Configuration File Basics

Structure

The configuration consists of “blocks” enclosed in {}, such as server {}, location {}.

Common Directives

  • listen: The port to listen on (e.g., listen 80;)
  • server_name: Domain name or IP (e.g., server_name example.com;)
  • proxy_pass: Forward requests to the backend (e.g., proxy_pass http://localhost:8080;)
  • root and index: If directly serving static files, specify the file path and default homepage

Reverse Proxy Configuration

This is the feature you’ll need most right now. Assuming your web service is running on localhost:8080, the configuration is as follows:

server {
    listen 80;
    server_name your-domain.com;

    location / {
        proxy_pass http://localhost:8080;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
    }
}

This will forward requests from the external network to your service.

Basic Traffic Control

Request Rate Limiting

Example:

limit_req_zone $binary_remote_addr zone=mylimit:10m rate=1r/s;
server {
    listen 80;
    location / {
        limit_req zone=mylimit burst=5;
        proxy_pass http://localhost:8080;
    }
}

Meaning: Each IP can make at most 1 request per second, with bursts of up to 5 requests allowed.

Blacklist

Example:

server {
    listen 80;
    deny 192.168.1.100; # Block specific IP
    allow all;          # Allow all others
    location / {
        proxy_pass http://localhost:8080;
    }
}

Logging and Debugging

Default Log Paths

  • Access log: /var/log/nginx/access.log
  • Error log: /var/log/nginx/error.log
  • Check logs: tail -f /var/log/nginx/error.log (real-time error viewing)

Steps for Beginners Using Nginx

1. Install and Start

After installation, access your server’s IP. If you see the “Welcome to nginx!” page, it means it’s running properly.

2. Create a Simple Reverse Proxy

Create a file in /etc/nginx/sites-available/ (e.g., myapp):

server {
    listen 80;
    server_name your-ip-or-domain;

    location / {
        proxy_pass http://localhost:8080;
    }
}

3. Enable Configuration

sudo ln -s /etc/nginx/sites-available/myapp /etc/nginx/sites-enabled/
nginx -t # Check configuration is correct before
sudo systemctl reload nginx

4. Test Access

Use a browser or curl to access your server’s IP and ensure you can see the content of your web service.

5. Gradually Add Features

  • Need HTTPS? Configure SSL with Certbot
  • Need a blacklist? Add deny directives
  • Need rate limiting? Add limit_req

Key Focus Areas for New Developers

  1. Learn the Basics First: Reverse proxy, port listening, simple location routing
  2. Expand as Needed: Learn load balancing when traffic increases, SSL and firewall when security requirements are high
  3. Utilize Tools:
    • Online configuration generators (like nginxconfig.io) can quickly generate configuration files
    • Official documentation (nginx.org) and community tutorials are practical
  4. Common Problem Solutions:
    • 502 error: Backend service not running or wrong address
    • 403/404: Permission or path issues, check logs
    • Configuration not taking effect: Forgot to reload

Learning Suggestions

  • Goal-Oriented: Focus first on your needs (exposing services, blacklisting), don’t start with complex features
  • Practice-Based: Set up an environment on your local machine or cloud server, try changing configurations to see effects
  • Step by Step:
    1. First step: Get reverse proxy working
    2. Second step: Add a blacklist or rate limiting
    3. Third step: Configure HTTPS (using free Let’s Encrypt certificates)

Summary

For new developers, you need to master:

  • Installing Nginx and basic commands
  • Simple reverse proxy configuration (proxy_pass)
  • Basic traffic control (limit_req, deny)
  • Log viewing and troubleshooting

Comments