In this guide I will present my Nginx optimization tips for your website or blog. Nginx is a free, open-source, high-performance HTTP server and reverse proxy, best known for its performance, stability, rich feature set, simple configuration, and low resource consumption.
My discussions below will be based on the actual Nginx config for this blog (view on GitHub). The focus will be on actual optimizations, instead of basic
nginx.conf syntax. These are for your reference only, use at your own risk.
Configure Nginx log settings. In this example,
$real_scheme is added to the default format. In addition, extra log files are created under
Here we further identify some "bad" user-agents used by web scanners and outdated browsers. Also blocked are
wget and some frequently exploited URLs. This is intended for use with the Ghost blog (see my tutorial). Do NOT use this with Wordpress or PHP!
The bots identified earlier are excluded with the code below. For those "bad" user-agents, we redirect them to the "browser-update" website.
In the server's
ssl directives, we enable HTTP/2 and optimize SSL protocols and cipher suites. To prevent the "Logjam" attack, a strong Diffie-Hellman group is generated. In addition, SSL stapling is enabled to further reduce latency for website visitors. Test your SSL configuration at SSL Labs, and see if you can get an "A+".
Reject invalid hostnames and un-needed HTTP methods. The first line is required because in
$host variable may be undefined.
Block referrer spams such as "best-seo-report" and "buttons-for-website".
Here we configure caching for the Nginx reverse proxy (for use with Ghost blog). In this example, HTTP codes 200, 301 and 302 are cached for 30 days, while 404 is cached for 10 minutes. Requests from our own IP(s) will bypass the cache.
Finally, we serve user-friendly error pages for HTTP status 404, 503, etc. Create and place your customized error pages in
This concludes my discussion of optimizing Nginx config for your website. I hope you will find it useful! Some additional optimizations that I did not discuss above can be found in my full Nginx config file hosted on GitHub.
Please share this post if you like it, and do not hesitate to write your comments or questions in the Disqus form below.