NGINX conf file structure templates

Nginx, Web Servers

Below is a list of general nginx configurations (or nginx conf) that can be used for different type of applications. These configurations are web application type specific.

NGINX simple config

server {
	listen 80;
	server_tokens off;
	
	server_name <host_name> www.<host_name>;
	
	location / {
		#-- Location to the website/webapp 
		#-- default: /var/www/html
		root <path_to_web>;
		
		#-- If serving a static HTML website
		#index index.html index.htm;
		
		try_files $uri $uri/ =404;
	}
	
	location ~ /\.ht {
		deny all;
	}

	# case insensitive matching
        if ($http_user_agent ~* (netcrawl|npbot|malicious|LWP::Simple|BBBike|wget|jorgee)) {
                return 403;
        }

	add_header Allow "GET, POST, HEAD" always;
	if ( $request_method !~ ^(GET|POST|HEAD)$ ) {
		return 405;
	}
}

NGINX serving php files

server {
	listen 80;
	server_tokens off;
	
	server_name <host_name> www.<host_name>;
	
	location / {
		#-- Location to the website/webapp 
		#-- default: /var/www/html
		root <path_to_web>;
		
		#-- If serving php website
		index index.php index.html index.htm;
		
		try_files $uri $uri/ =404;
	}
	
	# to enable fastcgi when using php
        location ~ \.php$ {
            include snippets/fastcgi-php.conf;
            fastcgi_pass unix:/run/php/php7.0-fpm.sock;
        }
	
	location ~ /\.ht {
		deny all;
	}

	# case insensitive matching
        if ($http_user_agent ~* (netcrawl|npbot|malicious|LWP::Simple|BBBike|wget|jorgee)) {
                return 403;
        }

	add_header Allow "GET, POST, HEAD" always;
	if ( $request_method !~ ^(GET|POST|HEAD)$ ) {
		return 405;
	}

}

NGINX to serve react apps as reverse proxy

server {
        listen 80;
        server_tokens off;

        server_name <host_name> www.<host_name>;

        location / {
                proxy_pass http://127.0.0.1:3000;
                proxy_set_header Host $host;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header X-Forwarded-Proto $scheme;
        }

	location ~ /\.ht {
		deny all;
	}
        
	# case insensitive matching
        if ($http_user_agent ~* (netcrawl|npbot|malicious|LWP::Simple|BBBike|wget|jorgee)) {
                return 403;
        }

}

NGINX as a load balancer with proxy settings

upstream lbapp {
        server <VM IP address(public|private)>;
        server <VM IP address(public|private)>;
}
server {
        listen 80;
        server_tokens off;
        server_name <host_name> www.<host_name>;

        location / {
                proxy_pass http://lbapp;
                proxy_set_header Host $host;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header X-Forwarded-Proto $scheme;
        }

	# case insensitive matching
        if ($http_user_agent ~* (netcrawl|npbot|malicious|LWP::Simple|BBBike|wget|jorgee)) {
                return 403;
        }

}

Must Read