Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Locate the server configuration block, which will look like this:##
- # You should look at the following URL's in order to grasp a solid
- # understanding of Nginx configuration files in order to fully unleash
- # the power of Nginx. http://wiki.nginx.org/Pitfalls
- # http://wiki.nginx.org/QuickStart http://wiki.nginx.org/Configuration
- /etc/nginx/sites-available/default# server {# Generally, you will want
- to move this file somewhere, and start with a clean
- listen 80 default_server;# file but keep this around for reference.
- Or just disable in sites-enabled.
- listen [::]:80 default_server;#
- . . .# Please see /usr/share/doc/nginx-doc/examples/ for more
- detailed examples.
- }##
- # Default server configuration
- Let's add a series of snippets to configure compression.# server {
- location = /favicon.ico { log_not_found off; access_log off; }
- First, enable Gzip compression and set the compression level:
- location = /robots.txt { log_not_found off; access_log off; allow
- all; } /etc/nginx/sites-available/default location ~*
- \.(css|gif|ico|jpeg|jpg|js|png)$ { server { expires max;
- listen 80 default_server;
- listen [::]:80 default_server;
- gzip on;
- gzip_comp_level 5;
- You can choose a number between 1 and 9 for this value. 5 is a perfect compromise between size and CPU usage, offering about a 75% reduction for most ASCII files (almost identical to level 9).
- Next, tell Nginx not to compress anything that's already small and unlikely to shrink much further. The default is 20 bytes, which is bad as it usually leads to larger files after compression. Set it to 256 instead:
- /etc/nginx/sites-available/default
- ...
- gzip_comp_level 5;
- gzip_min_length 256;
- Next, tell Nginx to compress data even for clients that are connecting to us via proxies like CloudFront:
- /etc/nginx/sites-available/default
- ...
- gzip_min_length 256;
- gzip_proxied any;
- Then tell these proxies to cache both the compressed and regular version of a resource whenever the client's Accept-Encoding capabilities header varies. This avoids the issue where a non-Gzip capable client, which is extremely rare today, would display gibberish if their proxy gave them the compressed version.
- ...
- gzip_proxied any;
- gzip_vary on;
- Lastly, specify the MIME-types for the output you want to compress. We'll compress images, JSON data, fonts, and other common file types:
- /etc/nginx/sites-available/default
- ...
- gzip_vary on;
- gzip_types
- application/atom+xml
- application/javascript
- application/json
- application/ld+json
- application/manifest+json
- application/rss+xml
- application/vnd.geo+json
- application/vnd.ms-fontobject
- application/x-font-ttf
- application/x-web-app-manifest+json
- application/xhtml+xml
- application/xml
- font/opentype
- image/bmp
- image/svg+xml
- image/x-icon
- text/cache-manifest
- text/css
- text/plain
- text/vcard
- text/vnd.rim.location.xloc
- text/vtt
- text/x-component
- text/x-cross-domain-policy;
- # text/html is always compressed by gzip module
- When you're done, the entire section should look like the following example:
- /etc/nginx/sites-available/default
- server {
- listen 80 default_server;
- listen [::]:80 default_server;
- gzip on;
- gzip_comp_level 5;
- gzip_min_length 256;
- gzip_proxied any;
- gzip_vary on;
- gzip_types
- application/atom+xml
- application/javascript
- application/json
- application/ld+json
- application/manifest+json
- application/rss+xml
- application/vnd.geo+json
- application/vnd.ms-fontobject
- application/x-font-ttf
- application/x-web-app-manifest+json
- application/xhtml+xml
- application/xml
- font/opentype
- image/bmp
- image/svg+xml
- image/x-icon
- text/cache-manifest
- text/css
- text/plain
- text/vcard
- text/vnd.rim.location.xloc
- text/vtt
- text/x-component
- text/x-cross-domain-policy;
- # text/html is always compressed by gzip module
- }
- Save and close the file.
- You've added many lines to the configuration file, and there is always the chance that there's a missing character or semicolon that could break things. To make sure your file has no errors at this point, test the Nginx configuration:
- sudo nginx -t
- If you've made the changes exactly as stated in this tutorial, you'll see no error messages.
- This change will provide the biggest acceleration in your site speed, but you can also configure Nginx to leverage browser caching, which will squeeze additional performance out of the server.
- Step 3 — Configuring Browser Caching
- The first time you visit a domain, these files are downloaded and stored in the browser's cache. On subsequent visits, the browser can serve the local versions instead of downloading the files again. This enables the web page to load much faster as it only needs to retrieve the data that has changed since the last visit. It offers a much better experience for users and is the reason Google’s PageSpeed Insights recommends that it be implemented.
- Once again, open the default Nginx configuration file in your editor:
- sudo nano /etc/nginx/sites-available/default
- You will add a small piece of code that will tell browsers to store CSS, JavaScript, images, and PDF files in their cache for a period of seven days.
- Insert the following snippet inside the server block directly after the previous code for Gzip compression:
- /etc/nginx/sites-available/default
- ...
- # text/html is always compressed by gzip module
- location ~* \.(jpg|jpeg|png|gif|ico|css|js|pdf)$ {
- expires 7d;
- }
- Note: This is a configuration for content that change frequently. If you are running a simple blog for which the there is minimal development activity, there is no point in forcing new downloads every week. Instead, you can tell browsers to cache assets for a longer period of time, like 30 days or more.
- The final Nginx configuration file should look like this:
- /etc/nginx/sites-available/default
- server {
- listen 80 default_server;
- listen [::]:80 default_server;
- gzip on;
- gzip_comp_level 5;
- gzip_min_length 256;
- gzip_proxied any;
- gzip_vary on;
- gzip_types
- application/atom+xml
- application/javascript
- application/json
- application/ld+json
- application/manifest+json
- application/rss+xml
- application/vnd.geo+json
- application/vnd.ms-fontobject
- application/x-font-ttf
- application/x-web-app-manifest+json
- application/xhtml+xml
- application/xml
- font/opentype
- image/bmp
- image/svg+xml
- image/x-icon
- text/cache-manifest
- text/css
- text/plain
- text/vcard
- text/vnd.rim.location.xloc
- text/vtt
- text/x-component
- text/x-cross-domain-policy;
- # text/html is always compressed by gzip module
- location ~* \.(jpg|jpeg|png|gif|ico|css|js|pdf)$ {
- expires 7d;
- }
- }
- Save and close the file to exit. Ensure the configuration has no errors:
- sudo nginx -t log_not_found off;
- }
- # SSL configuration
- #
- # listen 443 ssl default_server;
- # listen [::]:443 ssl default_server;
- #
- # Note: You should disable gzip for SSL traffic.
- # See: https://bugs.debian.org/773332
- #
- # Read up on ssl_ciphers to ensure a secure configuration.
- # See: https://bugs.debian.org/765782
- #
- # Self signed certs generated by the ssl-cert package
- # Don't use them in a production server!
- #
- # include snippets/snakeoil.conf;
- root /var/www/html;
- # Add index.php to the list if you are using PHP
- index index.php index.html index.htm index.nginx-debian.html;
- server_name site.com www.site.com;
- location / {
- # First attempt to serve request as file, then
- # as directory, then fall back to displaying a 404.
- #try_files $uri $uri/ =404;
- try_files $uri $uri/ /index.php$is_args$args;
- }
- location ~ \.php$ {
- include snippets/fastcgi-php.conf;
- fastcgi_pass unix:/run/php/php7.0-fpm.sock;
- }
- location ~ /\.ht {
- deny all;
- }
- # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
- #
- #location ~ \.php$ {
- # include snippets/fastcgi-php.conf;
- #
- # # With php7.0-cgi alone:
- # fastcgi_pass 127.0.0.1:9000;
- # # With php7.0-fpm:
- # fastcgi_pass unix:/run/php/php7.0-fpm.sock;
- #}
- # deny access to .htaccess files, if Apache's document root
- # concurs with nginx's one
- #
- #location ~ /\.ht {
- # deny all;
- #}
- listen [::]:443 ssl ipv6only=on; # managed by Certbot
- listen 443 ssl; # managed by Certbot
- ssl_certificate /etc/letsencrypt/live/site.com/fullchain.pem; # managed by Certbot
- ssl_certificate_key /etc/letsencrypt/live/sitet.com/privkey.pem; # managed by Certbot
- include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
- ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
- }
- # Virtual Host configuration for example.com
- #
- # You can move that to a different file under sites-available/ and symlink that
- # to sites-enabled/ to enable it.
- #
- #server {
- # listen 80;
- # listen [::]:80;
- #
- # server_name example.com;
- #
- # root /var/www/example.com;
- # index index.html;
- #
- # location / {
- # try_files $uri $uri/ =404;
- # }
- #}
- server {
- if ($host = www.site.com) {
- return 301 https://$host$request_uri;
- } # managed by Certbot
- if ($host = site.com) {
- return 301 https://$host$request_uri;
- } # managed by Certbot
- listen 80 default_server;
- listen [::]:80 default_server;
- gzip on;
- gzip_comp_level 5;
- gzip_min_length 256;
- gzip_proxied any;
- gzip_vary on;
- gzip_types
- application/atom+xml
- application/javascript
- application/json
- application/ld+json
- application/manifest+json
- application/rss+xml
- application/vnd.geo+json
- application/vnd.ms-fontobject
- application/x-font-ttf
- application/x-web-app-manifest+json
- application/xhtml+xml
- application/xml
- font/opentype
- image/bmp
- image/svg+xml
- image/x-icon
- text/cache-manifest
- text/css
- text/plain
- text/vcard
- text/vnd.rim.location.xloc
- text/vtt
- text/x-component
- text/x-cross-domain-policy;
- location ~* \.(jpg|jpeg|png|gif|ico|css|js|pdf)$ {
- expires 7d;
- }
- server_name site.com www.site.com;
- return 404; # managed by Certbot
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement