Nginx
These notes are written for Ubuntu/Debian. Commands using
aptmay differ on other distributions.
Web server and reverse proxy. Used to serve static files and route traffic to your applications.
Installation
File Structure
/var/www/— where your websites live. You can delete the default/var/www/htmland clone your projects here./etc/nginx/sites-available/— config files for each site (inactive until linked)./etc/nginx/sites-enabled/— symlinks to active sites.
Remove the Default Page
After installation, nginx serves a default welcome page for any unmatched request. To get a 404 instead, remove the default site:
This unlinks the default config without deleting it from sites-available. Once removed, requests that don't match any configured server_name will return 404.
Rate Limiting
Define a rate limit zone in /etc/nginx/nginx.conf, inside the http {} block:
| Parameter | Description |
|---|---|
$binary_remote_addr |
Key per client IP |
zone=general:10m |
Zone named general, 10MB of memory (~160k IPs) |
rate=10r/s |
Max 10 requests per second per IP |
Configure a Site
Create a config file in sites-available:
server {
server_name lucasgoi.fr;
location / {
limit_req zone=general burst=20 nodelay;
root /var/www/lucasgoi.fr/lucasgoi-website;
index index.html;
}
}
| Directive | Description |
|---|---|
zone=general |
Uses the zone defined in nginx.conf |
burst=20 |
Allows up to 20 queued requests above the rate limit |
nodelay |
Excess burst requests are processed immediately (not delayed) |
| Directive | Description |
|---|---|
server_name |
Domain(s) this block responds to |
root |
Path to the website files |
index |
Default file to serve |
Then enable it by creating a symlink to sites-enabled:
Test and reload:
Firewall
Allow Nginx through UFW: