Nginx Cheat Sheet
Nginx is one of the world's most popular web servers, reverse proxies and load balancers. This cheat sheet covers the most commonly used commands, configuration examples, SSL setup, troubleshooting tips and performance optimization techniques.
In This Guide
Nginx Service Commands
These are the most commonly used commands for managing the Nginx service on Ubuntu and most Linux distributions.
sudo systemctl start nginxsudo systemctl stop nginxsudo systemctl restart nginxsudo systemctl reload nginxsudo systemctl status nginxsudo systemctl enable nginxsudo systemctl disable nginxConfiguration Validation
Always validate your configuration before reloading Nginx.
sudo nginx -tsudo nginx -TImportant Nginx Locations
/etc/nginx/nginx.conf
/etc/nginx/sites-available/
/etc/nginx/sites-enabled/
/var/log/nginx/access.log
/var/log/nginx/error.log
/etc/nginx/conf.d/
/etc/nginx/snippets/Monitor Nginx Logs
tail -f /var/log/nginx/access.logtail -f /var/log/nginx/error.loggrep "500" /var/log/nginx/access.loggrep "404" /var/log/nginx/access.logBasic Virtual Host Example
Simple website configuration serving content from a web root directory.
server {
listen 80;
server_name example.com www.example.com;
root /var/www/example;
index index.php index.html index.htm;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
}Enable Virtual Host
sudo ln -s /etc/nginx/sites-available/example.com /etc/nginx/sites-enabled/sudo nginx -t && sudo systemctl reload nginxRedirect HTTP To HTTPS
Force all visitors to use secure HTTPS connections.
server {
listen 80;
server_name example.com www.example.com;
return 301 https://$host$request_uri;
}SSL Certificate Configuration
server {
listen 443 ssl http2;
server_name example.com;
ssl_certificate /etc/ssl/example.crt;
ssl_certificate_key /etc/ssl/example.key;
}Generate Free SSL Certificate With Certbot
sudo apt install certbot python3-certbot-nginx -ysudo certbot --nginx -d example.com -d www.example.comReverse Proxy Example
Commonly used for Node.js, Next.js, APIs, Docker containers and backend services.
server {
listen 80;
server_name api.example.com;
location / {
proxy_pass http://localhost:3000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}Nginx For Node.js Applications
location / {
proxy_pass http://127.0.0.1:3000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
}PHP-FPM Configuration
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php8.3-fpm.sock;
}Basic Load Balancer Example
upstream backend {
server 10.0.0.10:3000;
server 10.0.0.11:3000;
server 10.0.0.12:3000;
}
server {
listen 80;
location / {
proxy_pass http://backend;
}
}Enable Gzip Compression
Gzip significantly reduces page size and improves load times.
gzip on;
gzip_comp_level 5;
gzip_min_length 256;
gzip_vary on;
gzip_proxied any;
gzip_types
text/plain
text/css
application/json
application/javascript
application/xml
text/javascript;Browser Cache Configuration
location ~* \.(jpg|jpeg|png|gif|ico|css|js)$ {
expires 30d;
add_header Cache-Control "public";
}Security Headers
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Content-Type-Options "nosniff";
add_header Referrer-Policy "strict-origin";
add_header X-XSS-Protection "1; mode=block";Rate Limiting
Protect applications against abuse and brute force attacks.
limit_req_zone $binary_remote_addr zone=login:10m rate=5r/s;
location /login {
limit_req zone=login burst=20 nodelay;
}Block Access To Hidden Files
location ~ /\. {
deny all;
access_log off;
log_not_found off;
}Performance Optimization Checklist
🚀 Speed Optimization
- ✓ Enable Gzip Compression
- ✓ Configure Browser Cache
- ✓ Enable HTTP/2
- ✓ Optimize Proxy Buffers
- ✓ Use CDN
🛡 Security Hardening
- ✓ Enable SSL/TLS
- ✓ Configure Security Headers
- ✓ Block Hidden Files
- ✓ Enable Rate Limiting
- ✓ Disable Server Tokens
CloudRevol AcceleronX Nginx Optimization
At CloudRevol, we go beyond standard Nginx deployments. Our AcceleronX Hosting Stack includes advanced web server, database and infrastructure optimizations designed to improve website speed, scalability and reliability without requiring application changes.
Gzip Compression
Reduces page size and improves load times.
Worker Process Tuning
Automatically adjusted based on available CPU cores.
Proxy Buffer Optimization
Improves reverse proxy efficiency and throughput.
Security Hardening
Hardened configurations to reduce attack surfaces.
Automated Backups
Protect websites and applications with scheduled backups.
Continuous Monitoring
Proactive monitoring and issue detection.
Nginx Troubleshooting Commands
sudo nginx -tsudo systemctl status nginxsudo journalctl -u nginx -fsudo netstat -tulpn | grep :80sudo netstat -tulpn | grep :443sudo ss -tulpncurl -I https://example.comcurl -v https://example.comWhy Businesses Choose CloudRevol
Why Businesses Choose CloudRevol
CloudRevol delivers enterprise-grade hosting backed by expert engineers, AcceleronX optimization, security hardening, proactive monitoring and exceptional support.
AcceleronX Performance
Optimized stack for maximum website speed.
Free Migration
Seamless migration without additional costs.
No Management Fees
Technical management included at no extra charge.
Frequently Asked Questions
What is Nginx?
Nginx is a high-performance web server, reverse proxy, load balancer and caching solution.
How do I restart Nginx?
Use: sudo systemctl restart nginx
How do I test Nginx configuration?
Use: sudo nginx -t
Where are Nginx logs stored?
Usually in /var/log/nginx/access.log and /var/log/nginx/error.log
What is a reverse proxy?
A reverse proxy sits between visitors and backend applications, improving performance and security.
Need Help Optimizing Nginx?
CloudRevol provides managed cloud hosting, Nginx optimization, performance tuning, free migration, security monitoring, automated backups and expert support.