Locate the server configuration block, which will look like this:### You shoul

1. Locate the server configuration block, which will look like this:##
2. # You should look at the following URL's in order to grasp a solid
3. # understanding of Nginx configuration files in order to fully unleash
4. # the power of Nginx. http://wiki.nginx.org/Pitfalls
5. # http://wiki.nginx.org/QuickStart http://wiki.nginx.org/Configuration
6. /etc/nginx/sites-available/default# server {# Generally, you will want
7. to move this file somewhere, and start with a clean
8.    listen 80 default_server;# file but keep this around for reference.
9. Or just disable in sites-enabled.
10.    listen [::]:80 default_server;#
11.    . . .# Please see /usr/share/doc/nginx-doc/examples/ for more
12. detailed examples.
13. }##
14.  
15. # Default server configuration
16. Let's add a series of snippets to configure compression.# server {
17.  
18.  location = /favicon.ico { log_not_found off; access_log off; }
19. First, enable Gzip compression and set the compression level:
20.     location = /robots.txt { log_not_found off; access_log off; allow
21. all; } /etc/nginx/sites-available/default location ~*
22. \.(css|gif|ico|jpeg|jpg|js|png)$ { server { expires max;
23.     listen 80 default_server;
24.     listen [::]:80 default_server;
25.  
26.     gzip on;
27.     gzip_comp_level    5;
28.  
29. You can choose a number between 1 and 9 for this value. 5 is a perfect compromise between size and CPU usage, offering about a 75% reduction for most ASCII files (almost identical to level 9).
30.  
31. Next, tell Nginx not to compress anything that's already small and unlikely to shrink much further. The default is 20 bytes, which is bad as it usually leads to larger files after compression. Set it to 256 instead:
32.  
33. /etc/nginx/sites-available/default
34. ...
35.    gzip_comp_level    5;
36.    gzip_min_length    256;
37. Next, tell Nginx to compress data even for clients that are connecting to us via proxies like CloudFront:
38.  
39. /etc/nginx/sites-available/default
40. ...
41.    gzip_min_length    256;
42.    gzip_proxied       any;
43. Then tell these proxies to cache both the compressed and regular version of a resource whenever the client's Accept-Encoding capabilities header varies. This avoids the issue where a non-Gzip capable client, which is extremely rare today, would display gibberish if their proxy gave them the compressed version.
44.  
45. ...
46.     gzip_proxied       any;
47.     gzip_vary          on;
48. Lastly, specify the MIME-types for the output you want to compress. We'll compress images, JSON data, fonts, and other common file types:
49.  
50. /etc/nginx/sites-available/default
51. ...
52.    gzip_vary          on;
53.  
54.    gzip_types
55.    application/atom+xml
56.    application/javascript
57.    application/json
58.    application/ld+json
59.    application/manifest+json
60.    application/rss+xml
61.    application/vnd.geo+json
62.    application/vnd.ms-fontobject
63.    application/x-font-ttf
64.    application/x-web-app-manifest+json
65.    application/xhtml+xml
66.    application/xml
67.    font/opentype
68.    image/bmp
69.    image/svg+xml
70.    image/x-icon
71.    text/cache-manifest
72.    text/css
73.    text/plain
74.    text/vcard
75.    text/vnd.rim.location.xloc
76.    text/vtt
77.    text/x-component
78.    text/x-cross-domain-policy;
79.    # text/html is always compressed by gzip module
80. When you're done, the entire section should look like the following example:
81.  
82. /etc/nginx/sites-available/default
83. server {
84.     listen 80 default_server;
85.     listen [::]:80 default_server;
86.  
87.     gzip on;
88.     gzip_comp_level    5;
89.     gzip_min_length    256;
90.     gzip_proxied       any;
91.     gzip_vary          on;
92.  
93.     gzip_types
94.     application/atom+xml
95.     application/javascript
96.     application/json
97.     application/ld+json
98.     application/manifest+json
99.     application/rss+xml
100.     application/vnd.geo+json
101.     application/vnd.ms-fontobject
102.     application/x-font-ttf
103.     application/x-web-app-manifest+json
104.     application/xhtml+xml
105.     application/xml
106.     font/opentype
107.     image/bmp
108.     image/svg+xml
109.     image/x-icon
110.     text/cache-manifest
111.     text/css
112.     text/plain
113.     text/vcard
114.     text/vnd.rim.location.xloc
115.     text/vtt
116.     text/x-component
117.     text/x-cross-domain-policy;
118.     # text/html is always compressed by gzip module
119. }
120. Save and close the file.
121.  
122. You've added many lines to the configuration file, and there is always the chance that there's a missing character or semicolon that could break things. To make sure your file has no errors at this point, test the Nginx configuration:
123.  
124. sudo nginx -t
125. If you've made the changes exactly as stated in this tutorial, you'll see no error messages.
126.  
127. This change will provide the biggest acceleration in your site speed, but you can also configure Nginx to leverage browser caching, which will squeeze additional performance out of the server.
128.  
129. Step 3 — Configuring Browser Caching
130. The first time you visit a domain, these files are downloaded and stored in the browser's cache. On subsequent visits, the browser can serve the local versions instead of downloading the files again. This enables the web page to load much faster as it only needs to retrieve the data that has changed since the last visit. It offers a much better experience for users and is the reason Google’s PageSpeed Insights recommends that it be implemented.
131.  
132. Once again, open the default Nginx configuration file in your editor:
133.  
134. sudo nano /etc/nginx/sites-available/default
135. You will add a small piece of code that will tell browsers to store CSS, JavaScript, images, and PDF files in their cache for a period of seven days.
136.  
137. Insert the following snippet inside the server block directly after the previous code for Gzip compression:
138.  
139. /etc/nginx/sites-available/default
140.  
141. ...
142. # text/html is always compressed by gzip module
143.  
144. location ~*  \.(jpg|jpeg|png|gif|ico|css|js|pdf)$ {
145.    expires 7d;
146. }
147. Note: This is a configuration for content that change frequently. If you are running a simple blog for which the there is minimal development activity, there is no point in forcing new downloads every week. Instead, you can tell browsers to cache assets for a longer period of time, like 30 days or more.
148.  
149. The final Nginx configuration file should look like this:
150.  
151. /etc/nginx/sites-available/default
152. server {
153.    listen 80 default_server;
154.    listen [::]:80 default_server;
155.  
156.    gzip on;
157.    gzip_comp_level    5;
158.    gzip_min_length    256;
159.    gzip_proxied       any;
160.    gzip_vary          on;
161.  
162.    gzip_types
163.    application/atom+xml
164.    application/javascript
165.    application/json
166.    application/ld+json
167.    application/manifest+json
168.    application/rss+xml
169.    application/vnd.geo+json
170.    application/vnd.ms-fontobject
171.    application/x-font-ttf
172.    application/x-web-app-manifest+json
173.    application/xhtml+xml
174.    application/xml
175.    font/opentype
176.    image/bmp
177.    image/svg+xml
178.    image/x-icon
179.    text/cache-manifest
180.    text/css
181.    text/plain
182.    text/vcard
183.    text/vnd.rim.location.xloc
184.    text/vtt
185.    text/x-component
186.    text/x-cross-domain-policy;
187.    # text/html is always compressed by gzip module
188.  
189.    location ~*  \.(jpg|jpeg|png|gif|ico|css|js|pdf)$ {
190.        expires 7d;
191.    }
192. }
193. Save and close the file to exit. Ensure the configuration has no errors:
194.  
195. sudo nginx -t        log_not_found off;
196.    }
197.     # SSL configuration
198.     #
199.     # listen 443 ssl default_server;
200.     # listen [::]:443 ssl default_server;
201.     #
202.     # Note: You should disable gzip for SSL traffic.
203.     # See: https://bugs.debian.org/773332
204.     #
205.     # Read up on ssl_ciphers to ensure a secure configuration.
206.     # See: https://bugs.debian.org/765782
207.     #
208.     # Self signed certs generated by the ssl-cert package
209.     # Don't use them in a production server!
210.     #
211.     # include snippets/snakeoil.conf;
212.  
213.     root /var/www/html;
214.  
215.     # Add index.php to the list if you are using PHP
216.     index index.php index.html index.htm index.nginx-debian.html;
217.  
218.     server_name site.com www.site.com;
219.  
220.     location / {
221.         # First attempt to serve request as file, then
222.         # as directory, then fall back to displaying a 404.
223.         #try_files $uri $uri/ =404;
224.         try_files $uri $uri/ /index.php$is_args$args;
225.     }
226.  
227.  location ~ \.php$ {
228.         include snippets/fastcgi-php.conf;
229.         fastcgi_pass unix:/run/php/php7.0-fpm.sock;
230.     }
231.  
232.     location ~ /\.ht {
233.         deny all;
234.     }
235.     # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
236.     #
237.     #location ~ \.php$ {
238.     #   include snippets/fastcgi-php.conf;
239.     #
240.     #   # With php7.0-cgi alone:
241.     #   fastcgi_pass 127.0.0.1:9000;
242.     #   # With php7.0-fpm:
243.     #   fastcgi_pass unix:/run/php/php7.0-fpm.sock;
244.     #}
245.  
246.     # deny access to .htaccess files, if Apache's document root
247.     # concurs with nginx's one
248.     #
249.     #location ~ /\.ht {
250.     #   deny all;
251.     #}
252.  
253.     listen [::]:443 ssl ipv6only=on; # managed by Certbot
254.     listen 443 ssl; # managed by Certbot
255.     ssl_certificate /etc/letsencrypt/live/site.com/fullchain.pem; # managed by Certbot
256.     ssl_certificate_key /etc/letsencrypt/live/sitet.com/privkey.pem; # managed by Certbot
257.     include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
258.     ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
259.  
260.  
261. }
262.  
263.  
264. # Virtual Host configuration for example.com
265. #
266. # You can move that to a different file under sites-available/ and symlink that
267. # to sites-enabled/ to enable it.
268. #
269. #server {
270. #   listen 80;
271. #   listen [::]:80;
272. #
273. #   server_name example.com;
274. #
275. #   root /var/www/example.com;
276. #   index index.html;
277. #
278. #   location / {
279. #       try_files $uri $uri/ =404;
280. #   }
281. #}
282.  
283. server {
284.     if ($host = www.site.com) {
285.         return 301 https://$host$request_uri;
286.     } # managed by Certbot
287.  
288.  
289.     if ($host = site.com) {
290.         return 301 https://$host$request_uri;
291.     } # managed by Certbot
292.  
293.  
294.     listen 80 default_server;
295.     listen [::]:80 default_server;
296.  
297.     gzip on;
298.     gzip_comp_level    5;
299.     gzip_min_length    256;
300.     gzip_proxied       any;
301.     gzip_vary          on;
302.      
303.     gzip_types
304.     application/atom+xml
305.     application/javascript
306.     application/json
307.     application/ld+json
308.     application/manifest+json
309.     application/rss+xml
310.     application/vnd.geo+json
311.     application/vnd.ms-fontobject
312.     application/x-font-ttf
313.     application/x-web-app-manifest+json
314.     application/xhtml+xml
315.     application/xml
316.     font/opentype
317.     image/bmp
318.     image/svg+xml
319.     image/x-icon
320.     text/cache-manifest
321.     text/css
322.     text/plain
323.     text/vcard
324.     text/vnd.rim.location.xloc
325.     text/vtt
326.     text/x-component
327.     text/x-cross-domain-policy;    
328.    
329.     location ~*  \.(jpg|jpeg|png|gif|ico|css|js|pdf)$ {
330.     expires 7d;
331. }
332.  
333.  server_name site.com www.site.com;
334.     return 404; # managed by Certbot
335.  
336.  
337.  
338.  
339. }