Skip to main content

nginx Reference

Browse nginx directives with syntax, defaults, context badges, and configuration examples.

Context:mainhttpserverlocation

40 directives found

worker_processesmain

Sets the number of worker processes. 'auto' detects CPU cores.

Syntax

worker_processes <number> | auto

Default

1

Example

worker_processes auto;
worker_connectionsevents

Maximum number of simultaneous connections per worker process.

Syntax

worker_connections <number>

Default

512

Example

worker_connections 1024;
keepalive_timeouthttpserverlocation

Timeout for keep-alive connections with the client.

Syntax

keepalive_timeout <timeout>

Default

75s

Example

keepalive_timeout 65;
client_max_body_sizehttpserverlocation

Maximum allowed size of the client request body. 0 disables the check.

Syntax

client_max_body_size <size>

Default

1m

Example

client_max_body_size 10m;
sendfilehttpserverlocation

Enables the use of sendfile() for serving static files efficiently.

Syntax

sendfile on | off

Default

off

Example

sendfile on;
tcp_nopushhttpserverlocation

Enables TCP_CORK socket option to send headers and the beginning of a file in one packet.

Syntax

tcp_nopush on | off

Default

off

Example

tcp_nopush on;
gziphttpserverlocation

Enable gzip compression for responses.

Syntax

gzip on | off

Default

off

Example

gzip on;
gzip_typeshttpserverlocation

MIME types to compress (text/html is always compressed).

Syntax

gzip_types <mime-type> ...

Default

text/html

Example

gzip_types text/plain text/css application/json application/javascript;
listenserver

Sets the address and port for IP or the path for UNIX-domain socket.

Syntax

listen <address>[:<port>] [ssl] [http2]

Default

80 | 8000

Example

listen 443 ssl http2;
server_nameserver

Sets names of a virtual server. Supports wildcards and regex.

Syntax

server_name <name> ...

Default

""

Example

server_name example.com www.example.com;
roothttpserverlocation

Sets the root directory for requests.

Syntax

root <path>

Default

html

Example

root /var/www/html;
indexhttpserverlocation

Defines files that will be used as an index.

Syntax

index <file> ...

Default

index.html

Example

index index.html index.php;
try_filesserverlocation

Checks the existence of files in the specified order. Last parameter is a fallback.

Syntax

try_files <file> ... <uri> | =<code>

Example

try_files $uri $uri/ /index.html;
returnserverlocation

Stops processing and returns the specified code to a client.

Syntax

return <code> [<url>]

Example

return 301 https://$host$request_uri;
rewriteserverlocation

Rewrites the URI using regex. Flags: last, break, redirect, permanent.

Syntax

rewrite <regex> <replacement> [flag]

Example

rewrite ^/old-path/(.*)$ /new-path/$1 permanent;
error_pagehttpserverlocation

Defines a URI for custom error pages.

Syntax

error_page <code> ... <uri>

Example

error_page 404 /404.html;
error_page 500 502 /50x.html;
locationserverlocation

Sets configuration for a URI. Modifiers: = (exact), ~ (regex), ~* (regex case-insensitive), ^~ (prefix, no regex).

Syntax

location [= | ~ | ~* | ^~] <uri> { ... }

Example

location /api/ { proxy_pass http://backend; }
proxy_passlocation

Sets the protocol and address of a proxied server.

Syntax

proxy_pass <URL>

Example

proxy_pass http://localhost:3000;
proxy_set_headerhttpserverlocation

Redefines or appends fields to the request header passed to the proxied server.

Syntax

proxy_set_header <field> <value>

Example

proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_http_versionhttpserverlocation

Sets the HTTP protocol version for proxying. Use 1.1 for keepalive upstream connections.

Syntax

proxy_http_version 1.0 | 1.1

Default

1.0

Example

proxy_http_version 1.1;
proxy_read_timeouthttpserverlocation

Timeout for reading a response from the proxied server between two successive read operations.

Syntax

proxy_read_timeout <time>

Default

60s

Example

proxy_read_timeout 120s;
proxy_connect_timeouthttpserverlocation

Timeout for establishing a connection to the proxied server.

Syntax

proxy_connect_timeout <time>

Default

60s

Example

proxy_connect_timeout 10s;
proxy_bufferinghttpserverlocation

Enables or disables buffering of responses from the proxied server.

Syntax

proxy_buffering on | off

Default

on

Example

proxy_buffering off; # for SSE/streaming
upstreamhttp

Defines a group of servers for load balancing.

Syntax

upstream <name> { server <address>; ... }

Example

upstream backend {
  server 10.0.0.1:3000;
  server 10.0.0.2:3000;
}
ssl_certificateserver

Specifies a file with the certificate in PEM format.

Syntax

ssl_certificate <file>

Example

ssl_certificate /etc/ssl/certs/example.crt;
ssl_certificate_keyserver

Specifies a file with the secret key in PEM format.

Syntax

ssl_certificate_key <file>

Example

ssl_certificate_key /etc/ssl/private/example.key;
ssl_protocolshttpserver

Enables the specified protocols. Disable TLSv1 and TLSv1.1 for security.

Syntax

ssl_protocols [TLSv1] [TLSv1.1] [TLSv1.2] [TLSv1.3]

Default

TLSv1 TLSv1.1 TLSv1.2 TLSv1.3

Example

ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphershttpserver

Specifies the enabled ciphers. Use modern cipher suites.

Syntax

ssl_ciphers <ciphers>

Default

HIGH:!aNULL:!MD5

Example

ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256;
ssl_session_cachehttpserver

Sets the types and sizes of caches that store session parameters.

Syntax

ssl_session_cache off | none | <type:size>

Default

none

Example

ssl_session_cache shared:SSL:10m;
ssl_staplinghttpserver

Enables stapling of OCSP responses by the server.

Syntax

ssl_stapling on | off

Default

off

Example

ssl_stapling on;
ssl_stapling_verify on;
denyhttpserverlocation

Denies access for the specified network or address.

Syntax

deny <address> | CIDR | all

Example

deny 192.168.0.0/16;
deny all;
allowhttpserverlocation

Allows access for the specified network or address.

Syntax

allow <address> | CIDR | all

Example

allow 10.0.0.0/8;
allow 127.0.0.1;
deny all;
limit_reqhttpserverlocation

Limits the rate of requests for a zone defined by limit_req_zone.

Syntax

limit_req zone=<name> [burst=<n>] [nodelay]

Example

limit_req zone=api burst=20 nodelay;
limit_req_zonehttp

Sets parameters for a shared memory zone used for limiting the request rate.

Syntax

limit_req_zone <key> zone=<name>:<size> rate=<rate>

Example

limit_req_zone $binary_remote_addr zone=api:10m rate=10r/s;
add_headerhttpserverlocation

Adds the specified field to a response header. 'always' adds even for error responses.

Syntax

add_header <name> <value> [always]

Example

add_header X-Frame-Options "SAMEORIGIN" always;
add_header Strict-Transport-Security "max-age=31536000" always;
expireshttpserverlocation

Enables or disables adding or modifying the Expires and Cache-Control response headers.

Syntax

expires [modified] <time> | epoch | max | off

Default

off

Example

expires 30d;  # static assets
expires -1;   # no cache
more_set_headershttpserverlocation

Sets output header fields. Part of ngx_headers_more module (not built-in).

Syntax

more_set_headers '<name>: <value>'

Example

more_set_headers "Server: myserver";
access_loghttpserverlocation

Sets the path, format, and configuration for request logging.

Syntax

access_log <path> [<format>] | off

Default

logs/access.log combined

Example

access_log /var/log/nginx/access.log combined;
access_log off;
error_logmainhttpserverlocation

Configures logging. Levels: debug, info, notice, warn, error, crit, alert, emerg.

Syntax

error_log <file> [<level>]

Default

logs/error.log error

Example

error_log /var/log/nginx/error.log warn;
log_formathttp

Specifies a log format. Variables like $remote_addr, $request, $status are available.

Syntax

log_format <name> <string> ...

Example

log_format main '$remote_addr - $remote_user [$time_local] "$request" $status $body_bytes_sent';