Mulualem Tsegay

05/06/20201
Content a. Rewrite (Redirects)
b. Try_files
1. About NGINX c. Logging
a. What is NGINX? d. Inheritance and Directive types
2. NGINX Design Architecture e. Buffers and timeouts
a. Code Structure 1. Performance
b. Worker Model a. Caching
c. Nginx Process Model b. Headers and expires
3. Apache vs NGINX c. Compressed response with gzip
a. Basic Architecture d. http2
b. Performance 2. Reverse proxy and Load balancing
c. Configuration a. Reverse Proxying
4. Installing NGINX b. Load balancing
a. Installing with a package manager 3. Nginx pitfalls
b. Building nginx from source a. Chmod 777
adding modules b. Root inside Location Block
5. Configuration c. Multiple Index Directives
d. Passing Uncontrolled Requests to PHP
a. Configuration terminology
05/06/2020 2
e. Rewrite missing http://
 1. About NGINX
• NGINX pronounced like “engine-X”
• First developed to solve the C10K problem
• The main focus was
• High performance
• High concurrency and
• Low memory usage
• The event-driven, asynchronous
architecture, made NGINX to handle high
number of concurrent connections gracefully.
requires efficient scheduling of connections.

05/06/2020 3
a. What is NGINX?

05/06/2020 4
 2. NGINX Architecture Design

• NGINX design was inspired by

• A modular
• Event-driven
• Asynchronous
• Single-threaded, and
• Non-blocking architecture
• The unique behavior of NGINX comes from
a. Code Structure
b. Workers Model
c. Nginx Process Roles

05/06/2020 5
 2. NGINX Architecture ….

• Code Structure
• Nginx worker code includes the core and the functional modules.
• Core of nginx is responsible for
• maintaining a tight run-loop
• executing appropriate sections of modules' code on each stage of request
processing.
• Core modules include event, http, mail, stream
• Functional Modules constitute most of the presentation and application layer
functionality.
• NGINX modules includes

05/06/2020 6
2. NGINX DESIGN…
• What Modules do?

05/06/2020 7
2. NGINX Architecture …
b. Workers Model
• NGINX doesn't generate a process or thread for every connection.
• Each worker process in Nginx is single threaded and runs independently.
• When the worker processes are launched,
• they are initialized with the configuration and
• The master process tells them to listen to the configured sockets.
• The worker threads do not get blocked on slow I/O. They are neither waiting on the slow I/O
from a back-end application server, nor they are waiting on a slow client!

05/06/2020 8
2. NGINX DESIGN …

05/06/2020 9
2. NGINX DESIGN …

C. Nginx Process Roles

• The master process is responsible for
• Reading and validating configuration
• Creating, binding and closing sockets
• Starting, terminating and maintaining the configured number of worker
processes
• Reconfiguring without service interruption
• Controlling non-stop binary upgrades
• Compiling embedded Perl scripts
• The worker processes are responsible for
• Accept, handle and process connections from clients,
• Provide reverse proxying
• Filtering functionality and
• Do almost everything else that nginx is capable of.
05/06/2020 10
2. NGINX DESIGN ARCHITECTURE

• The cache loader process is responsible for:

• Checking the on-disk cache items
• Cache expiration and invalidation
• Populating nginx's in-memory database with cache metadata.

05/06/2020 11
3. Apache vs NGINX

• The 3 criteria used to compare apache and nginx will be

1. Basic Architecture
2. Performance and
3. Configuration
1. Basic Architecture

05/06/2020 12
3. Apache vs NGINX

2. Performance
1. Deliver faster static resources
Nginx will serve static resources without the need to involve any server side languages. This
makes Nginx faster than Apache.

2. Handle higher concurrency

It should be noted that performance or being fast is in terms of how many
clients can be served under high load.
• Nginx can potentially receive thousands of requests on a single processing
thread and respond to them as fast as it can without turning down any of
those requests.
• Apache on the other hand will accept a request up to the preconfigured
number and then simply reject the rest.

05/06/2020 13
3. Apache vs NGINX
C. Configuration
• In Nginx that request requests are interpreted as uri locations.

• In Apache default to and highly favors to file system locations.

• The preference to directory location is also seen in the ht.access which causes
major performance degradation.

05/06/2020 14
4. Installing NGINX

• Nginx installation can be done in two different ways

1. Installing with a package manager
2. Building nginx from source adding modules
1. Installing with a package manager
• Official NGINX repo
• Mainline (recommended) -- Actively developed; new minor releases made every 4-6 weeks with
new features and enhancements.
• Stable -- Updated only when critical issues or security vulnerabilities need to be fixed.
• This installation method is quick and easy,
• limited options and
• it does not allow us to add extra modules or functionality to nginx.
• Steps:
1. cat /etc/lsb-release
2. Sudo apt-get update
3. Sudo apt-get install nginx
4. ps aux | grep nginx (making sure nginx is installed)

05/06/2020 15
4. Installing NGINX

2. Building nginx from source adding modules

• The main advantage of installing nginx from source is:
• The ability to add custom modules and
• Essentially extend the standard nginx functionality.
• Installation steps:
• Update your operating system’s packages.

• Install compiler tools. Such as Install build-essentiall.

• Download the mainline Nginx version & mandatory NGINX dependencies' source code And extract

05/06/2020 16
4. Installing NGINX

• Install optional NGINX dependencies:

• Enter the NGINX source directory:

• Configure, compile and install NGINX

05/06/2020 17
4. Installing NGINX

• Symlink /usr/lib/nginx/modules to /etc/nginx/modules directory

• Print the NGINX version, compiler version, and configure script parameters. To see the
installation summary.

05/06/2020
• Make sure nginx is running. 18
5. Configuration

• Nginx configuration files reside in /etc/nginx.

• Configuration terminology
• The two important terms are context and directives
a. Context
• Context is section with in the configuration file.
• like scope they are nested and inherit from their parent

b. Directive
05/06/2020 Directives are specific configuration options and consists of a name and a value 19
5. Configuration

05/06/2020 20
5. Configuration

• Enhancing Nginx’s performance requires editing the default configuration in the

main, event, and the http contexts.
• Main context
• The most general context or "global" context.
• It is the only context that is not contained within the typical context blocks.
• One main directive namely worker_processes.

• The Events Context

• Defines how Nginx handles connections at a general level.
• The worker_connection is the number of connection a single worker_process can handle.

05/06/2020 21
5. Configuration

• The HTTP Context

• Contain all of the directives and other contexts necessary to define how the
program will handle HTTP connections such as:
• proxy_cache_path
• mime.types
• charset utf-8
• access_log and error_log
• configure asynchronous I/O for file operations (sendfile)
• gzip and gzip_disable
• keepalive_disable, keepalive_requests, and keepalive_timeout

05/06/2020 22
5. Configuration

b. Creating virtual host

• Server context defines the virtual server.
• The main directives to set a virtual host are:
• Listen : defines the port the server will respond.
• Server_name: specifies hostname of virtual server using an IP or Domain name.
• Root: defines directory where files are stored.
• Index: defines the default file to be served.

05/06/2020 23
5. Configuration

• Location Context
• Points to the actual content on the web server.
• This is where the uri is defined and configured to handle a specific request.
• There are sever location modifiers for matching request uri.
1. The prefix match: 2. Exact match:

3. Regex match: 4. Regex match – case Insensitive:

5. Preferential:

05/06/2020 24
5. Configuration

C. Variables:
• Nginx variables exist in two forms.
1. Configuration variables
2. Nginx module variables.
1. Configuration variables:
$var ‘something’;
variables can be set in to simple string, integers or Boolean.

2. Nginx module variables: Nginx built in variable ($http, $uri, $args)

05/06/2020 25
5. Configuration

d. Rewrite (Redirects):
• Nginx uses rewrite and return directives for redirecting requests.
1. Return:
• The return statement takes a status code and a response data or a string.

• In cases when the response code is of the variant 300

• A redirect simply tells the client performing the request where to go.

05/06/2020 26
5. Configuration

2. Rewrite:
• mutates the uri internally.
• When nginx process a rewrite, it starts re-evaluating the rewrite request starting from the
server block.

e. Try_files:
• Used in the server context to all incoming requests or inside location for a specific uri.

05/06/2020 27
5. Configuration

f. Logging
• Nginx provides two log types. Namely access_log and error_log.
• For better organization of the log file it is a good practice to create custom log or
• disable logging all together for a given context by means of access_log and error_log.

g. Inheritance and Directive types:

• Inheritance is dependent on the type of directive being inherited.
1. Array directives:
2. Standard directives
3. Action directives
05/06/2020 28
5. Configuration

1. Array directives:
• Can be specified multiple times without overriding previous one and
• Gets inherited by a child context. But child contexts can override inheritance by re-
declaring directives.

2. Standard directives:
• Most common directives type and can only be declared once.
• A second declaration overrides the first one.
• Child context can override inheritance by re-declaring directive.
• E.g root and try_files directives
3. Action directives
• invoke some action in the configuration such as the redirect by the return directive.
• Inheritance simply does not apply to action directives. As they stop the normal flow of the
configuration.
• E.g return and rewrite directives

05/06/2020 29
5. Configuration

• Buffers and timeouts:

• Buffering is when an nginx worker process reads data in to memory before
writing it in to its next destination.

• Timeouts: stops a client from sending an endless stream of data and

eventually breaking the server

05/06/2020 30
6. Performance

a. Caching:
• A content cache sits between a client and an “origin server” and saves copies
of all the content it sees.

05/06/2020 31
6. Performance

05/06/2020 32
 6. Performance

• Caching parameters:
• proxy_cache_path: local disk directory for the cache.
• Levels: sets up a two-level directory hierarchy.
• keys_zone: sets up a shared memory zone for storing the cache keys and metadata.
• max_size: sets the upper limit of the size of the cache .
• Inactive: specifies how long an item can remain in the cache without being accessed.
• proxy_cache_revalidate: instructs NGINX to use conditional GET requests when
refreshing content from the origin servers.
• proxy_cache_min_uses: sets the number of times an item must be requested by
clients before NGINX caches it.
• proxy_cache_use_stale: directive instructs NGINX to deliver stale content.
• proxy_cache_lock: enabled, if multiple clients request a file that is not current in the
cache (a MISS), only the first of those requests is allowed through to the origin
server.

05/06/2020 33
6. Performance

• Content caching process

05/06/2020 34
6. Performance

• Cache-Headers
• These headers tell client the content is cacheable and the requesting client has
to honor the cacheability options.
Headers How it influences caching
Cache-Control Caching mechanisms in both, requests and responses.
Vary Accept-Encoding Header Vary means the content of this response can vary with the value
of Accept-Encoding.
Expires A standard nginx duration when a cached content will expire.
Last-Modified The date and time at which the origin server believes the resource was
last modified.
ETag An identifier (or fingerprint) for a specific version of a resource

05/06/2020 35
6. Performance

• Compressed response with gzip:

• Compression level:

05/06/2020 36
6. Performance

• Http2
• This module improves the performance of nginx webservers.
1. Binary protocol: http2 is a binary protocol where as http1 is a textual protocol.

2. Compressed response headers: http2 compressed response headers which reduces the
transfer time.
3. Persistent connection: of using a single TCP connection to send and receive multiple
HTTP requests/responses.
4. Multiplex streaming:

5. Server push: This means the client can be informed of assets such as scripts, images or
style sheets in advance along with the initial request.
05/06/2020 37
7. Reverse proxy and Load balancing

A. Reverse Proxying used to

• distribute the load among several servers,
• pass requests to upstream servers seamlessly, or
• pass requests for processing to application servers.
1. Common uses for a reverse proxy server include:
a. Load balancing:
b. Web acceleration:
c. Security and anonymity: 
2. Setting up Nginx as a reverse proxy

05/06/2020 38
7. Reverse proxy …
3. Setting the backend the right way

4. Adding transparency

05/06/2020 39
7. Reverse proxy …

b. Load balancing: technique used for

• Optimizing resource utilization,
• Maximizing throughput,
• Reducing latency, and ensuring fault tolerant configurations
• a load balancer is to achieve two main goals:
1. Distributed resource:
2. Provide redundancy:

05/06/2020 40
7. Reverse proxy …

Load-Balancing Methods:
Method Directive Application
Round robin: ---- distributes requests in the order of the list of servers in the
upstream pool.
Least connections: Least_conn The upstream server with the least connection is favored.
IP hash Ip_hash which is extremely helpful when the session state is of concern.
Generic hash hash $request_uri very useful when more control is need over where requests are sent

05/06/2020 41
8. Nginx pitfalls

a. Chmod 777
Never use Chmod 777 in nginx directories.

b. Root inside Location Block

05/06/2020 42
8. Nginx pitfalls

c. Multiple Index Directives

d. Passing Uncontrolled Requests to PHP

05/06/2020 43
8. Nginx pitfalls

e. Rewrite missing http://

05/06/2020 44
Reference

1. http://nginx.org/en/docs/
2. https://docs.nginx.com/
3. Udemy - Nginx - Beginner to Advanced by Zeal Vora
4. stackacademy.tv - Nginx-fundamentals (video)
5. Apress Nginx From Beginner to Pro
6. Nginx Essentials (2015)

05/06/2020 45
 The end

05/06/2020 46