Measures Concepts
GitHub icon

Nginx

Nginx - Config format

< >
menu_book edit

Nginx is an open source config format created in 2004.

#94on PLDB 20Years Old 6kRepos

Nginx ( EN-jin-EKS) (stylized as NGINX, NGiИX or nginx) is a web server which can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache. The software was created by Igor Sysoev and first publicly released in 2004. A company of the same name was founded in 2011 to provide support and Nginx plus paid software.Nginx is free and open-source software, released under the terms of a BSD-like license. Read more on Wikipedia...


Example from the web:
#user nobody; worker_processes 1; #error_log logs/error.log; #pid /run/nginx.pid; events { worker_connections 1024; } http { include /etc/nginx/mime.types; gzip on; gzip_http_version 1.1; gzip_comp_level 2; gzip_types text/plain text/html text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript; server { listen 80; server_name localhost; access_log logs/localhost.access.log main; location / { root html; index index.html index.htm; } include /etc/nginx/sites-enabled/*; } }
Example from Linguist:
# Move the www people to no-www server { listen 80; server_name www.example.com; return 301 $scheme://example.com$request_uri; } server { listen 80; listen 443 ssl; server_name example.com; # Certs sent to the client in SERVER HELLO are concatenated in ssl_certificate ssl_certificate /srv/www/example.com/ssl/example.com.crt; ssl_certificate_key /srv/www/example.com/ssl/example.com.key; # Allow multiple connections to use the same key data ssl_session_timeout 5m; ssl_session_cache shared:SSL:50m; # Diffie-Hellman parameter for DHE ciphersuites, recommended 2048 bits ssl_dhparam /etc/ssl/certs/dhparam.pem; # Intermediate configuration. tweak to your needs ssl_protocols TLSv1 TLSv1.1 TLSv1.2; include snippets/ssl_ciphers_intermediate.conf; ssl_prefer_server_ciphers on; # HSTS (ngx_http_headers_module is required) (15768000 seconds = 6 months) #add_header Strict-Transport-Security max-age=15768000; # OCSP Stapling - fetch OCSP records from URL in ssl_certificate and cache them ssl_stapling on; ssl_stapling_verify on; # Verify chain of trust of OCSP response using Root CA and Intermediate certs ssl_trusted_certificate /srv/www/example.com/ssl/unified-ssl.crt; resolver 8.8.8.8 8.8.4.4; resolver_timeout 10s; root /srv/www/example.com/htdocs; index index.php index.html index.htm; charset UTF-8; autoindex off; # Deny access based on HTTP method (set in HTTP level) if ($bad_method = 1) { return 444; } # Show "Not Found" 404 errors in place of "Forbidden" 403 errors, because # forbidden errors allow attackers potential insight into your server's # layout and contents error_page 403 = 404; # It's always good to set logs, note however you cannot turn off the error log # setting error_log off; will simply create a file called 'off'. access_log /var/log/nginx/example.com.access.log; error_log /var/log/nginx/example.com.error.log; # Add trailing slash to */wp-admin requests. rewrite /wp-admin$ $scheme://$host$uri/ permanent; location / { # This try_files directive is used to enable pretty, SEO-friendly URLs # and permalinks for Wordpress. Leave it *off* to start with, and then # turn it on once you've gotten Wordpress configured! try_files $uri $uri/ /index.php?$args; } # Option to create password protected directory # http://www.howtoforge.com/basic-http-authentication-with-nginx # location /admin { # auth_basic "Administrator Login"; # auth_basic_user_file /var/www/domain.com/admin/.htpasswd; # } # Do not log access to these to keep the logs cleaner location = /favicon.ico { log_not_found off; access_log off; } location = /apple-touch-icon.png { log_not_found off; access_log off; } location = /apple-touch-icon-precomposed.png { log_not_found off; access_log off; } # This block will catch static file requests, such as images, css, js # The ?: prefix is a 'non-capturing' mark, meaning we do not require # the pattern to be captured into $1 which should help improve performance location ~* \.(?:3gp|gif|jpg|jpe?g|png|ico|wmv|avi|asf|asx|mpg|mpeg|mp4|pls|mp3|mid|wav|swf|flv|html|htm|txt|js|css|exe|zip|tar|rar|gz|tgz|bz2|uha|7z|doc|docx|xls|xlsx|pdf|iso|woff)$ { # Some basic cache-control for static files to be sent to the browser expires max; add_header Pragma public; add_header Cache-Control "public, must-revalidate, proxy-revalidate"; } # Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac). # Keep logging the requests to parse later (or to pass to firewall utilities such as fail2ban) location ~ /\. { access_log off; log_not_found off; deny all; } location ~ ~$ { access_log off; log_not_found off; deny all; } # Common deny or internal locations, to help prevent access to areas of # the site that should not be public location ~* wp-admin/includes { deny all; } location ~* wp-includes/theme-compat/ { deny all; } location ~* wp-includes/js/tinymce/langs/.*\.php { deny all; } location /wp-content/ { internal; } # Deny access to any files with a .php extension in the uploads directory # Works in sub-directory installs and also in multisite network # Keep logging the requests to parse later (or to pass to firewall utilities such as fail2ban) location ~* /(?:uploads|files)/.*\.php$ { deny all; } # Make sure these get through, esp with dynamic WP sitmap plugin location = /robots.txt { try_files $uri /index.php; } location = /sitemap.xml { try_files $uri /index.php; } location = /sitemap.xml.gz { try_files $uri /index.php; } # Fix for Firefox issue with cross site font icons location ~* \.(eot|otf|ttf|woff)$ { add_header Access-Control-Allow-Origin *; } # Redirect server error pages to the static page /50x.html # Make sure 50x.html exists at that location error_page 500 502 503 504 /50x.html; location = /50x.html { root /usr/share/nginx/html; } # Cache everything by default set $skip_cache 0; # POST requests and urls with a query string should always go to PHP if ($request_method = POST) { set $skip_cache 1; } if ($query_string != "") { set $skip_cache 1; } # Don't cache uris containing the following segments if ($request_uri ~* "/wp-admin/|/xmlrpc.php|wp-.*.php|/feed/|index.php|sitemap(_index)?.xml") { set $skip_cache 1; } # Don't use the cache for logged in users or recent commenters if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in") { set $skip_cache 1; } # Pass all .php files onto a php-fpm/php-fcgi server. location ~ [^/]\.php(/|$) { # regex to split $uri to $fastcgi_script_name and $fastcgi_path fastcgi_split_path_info ^(.+\.php)(/.+)$; # Check that the PHP script exists before passing it try_files $fastcgi_script_name =404; # Bypass the fact that try_files resets $fastcgi_path_info # see: http://trac.nginx.org/nginx/ticket/321 set $path_info $fastcgi_path_info; fastcgi_param PATH_INFO $path_info; fastcgi_pass unix:/var/run/example.com.sock; fastcgi_index index.php; # Uncomment if site is HTTPS #fastcgi_param HTTPS on; include fastcgi.conf; fastcgi_cache_bypass $skip_cache; fastcgi_no_cache $skip_cache; fastcgi_cache WORDPRESS; fastcgi_cache_valid 60m; } location ~ /purge(/.*) { fastcgi_cache_purge WORDPRESS "$scheme$request_method$host$1"; } # Use this block if PHPMyAdmin is enabled for this domain location /phpmyadmin { root /usr/share/; index index.php index.html index.htm; location ~ ^/phpmyadmin/(.+\.php)$ { try_files $uri =404; root /usr/share/; fastcgi_pass unix:/var/run/example.com.sock; fastcgi_index index.php; include fastcgi.conf; } location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ { root /usr/share/; } } location /phpMyAdmin { rewrite ^/* /phpmyadmin last; } # End PHPMyAdmin block } # End of server block.

Language features

Feature Supported Token Example
Comments ✓ 
# A comment
Line Comments ✓ # 
# A comment
Semantic Indentation X
MultiLine Comments X

View source

- Build the next great programming language · Search · Add Language · Features · Creators · Resources · About · Blog · Acknowledgements · Queries · Stats · Sponsor · Day 605 · feedback@pldb.io · Logout