nginx

15 commands

15 shown

Test configuration Validate nginx.conf without reloading nginx -t #nginx Reload without downtime Gracefully reload config — zero connection drop nginx -s reload #nginx Show compiled modules List all built-in and dynamic modules in the binary nginx -V 2>&1 | tr ' ' '\n' | grep module #nginx#debug Tail access log with fields Stream IP, path, status code, and response size tail -f /var/log/nginx/access.log | awk '{print $1, $7, $9, $10}' #nginx#logs#monitoring Count requests by status code Frequency of each HTTP status code in access log awk '{print $9}' /var/log/nginx/access.log | sort | uniq -c | sort -rn #nginx#monitoring Top 10 requested URLs Most popular request paths from access log awk '{print $7}' /var/log/nginx/access.log | sort | uniq -c | sort -rn | head -10 #nginx#monitoring Top IPs by request count Top 10 client IPs hitting the server awk '{print $1}' /var/log/nginx/access.log | sort | uniq -c | sort -rn | head -10 #nginx#monitoring#security Rate limiting config block Limit to 10 req/s per IP with burst of 20 (add to http/server block) limit_req_zone $binary_remote_addr zone=api:10m rate=10r/s; limit_req zone=api burst=20 nodelay; #nginx#security Upstream health proxy pass Round-robin upstream with backup and keepalive connections upstream backend { server 10.0.0.1:8080; server 10.0.0.2:8080 backup; keepalive 32; } #nginx#network Enable gzip compression Compress text responses ≥1KB at level 6 gzip on; gzip_types text/plain text/css application/json application/javascript; gzip_min_length 1024; gzip_comp_level 6; #nginx#performance Return JSON error response Custom JSON body for rate-limit or error responses error_page 429 /429.json; location = /429.json { default_type application/json; return 429 '{"error":"rate_limited"}'; } #nginx Force HTTPS redirect Permanent redirect all HTTP traffic to HTTPS server { listen 80; return 301 https://$host$request_uri; } #nginx#security Show active connections Built-in nginx status page: active, reading, writing, waiting curl -s http://localhost/stub_status #nginx#monitoring Block IP range Block a subnet and specific IP in nginx location/server block deny 192.168.1.0/24; deny 10.0.0.1; allow all; #nginx#security Proxy WebSocket WebSocket proxy with required Upgrade headers location /ws/ { proxy_pass http://backend; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection 'upgrade'; } #nginx#network
no commands match