nginx
15 commands
15 shown
Test configuration
Validate nginx.conf without reloading
nginx -t
Reload without downtime
Gracefully reload config — zero connection drop
nginx -s reload
Show compiled modules
List all built-in and dynamic modules in the binary
nginx -V 2>&1 | tr ' ' '\n' | grep module
Tail access log with fields
Stream IP, path, status code, and response size
tail -f /var/log/nginx/access.log | awk '{print $1, $7, $9, $10}'
Count requests by status code
Frequency of each HTTP status code in access log
awk '{print $9}' /var/log/nginx/access.log | sort | uniq -c | sort -rn
Top 10 requested URLs
Most popular request paths from access log
awk '{print $7}' /var/log/nginx/access.log | sort | uniq -c | sort -rn | head -10
Top IPs by request count
Top 10 client IPs hitting the server
awk '{print $1}' /var/log/nginx/access.log | sort | uniq -c | sort -rn | head -10
Rate limiting config block
Limit to 10 req/s per IP with burst of 20 (add to http/server block)
limit_req_zone $binary_remote_addr zone=api:10m rate=10r/s;
limit_req zone=api burst=20 nodelay;
Upstream health proxy pass
Round-robin upstream with backup and keepalive connections
upstream backend {
server 10.0.0.1:8080;
server 10.0.0.2:8080 backup;
keepalive 32;
}
Enable gzip compression
Compress text responses ≥1KB at level 6
gzip on;
gzip_types text/plain text/css application/json application/javascript;
gzip_min_length 1024;
gzip_comp_level 6;
Return JSON error response
Custom JSON body for rate-limit or error responses
error_page 429 /429.json;
location = /429.json {
default_type application/json;
return 429 '{"error":"rate_limited"}';
}
Force HTTPS redirect
Permanent redirect all HTTP traffic to HTTPS
server {
listen 80;
return 301 https://$host$request_uri;
}
Show active connections
Built-in nginx status page: active, reading, writing, waiting
curl -s http://localhost/stub_status
Block IP range
Block a subnet and specific IP in nginx location/server block
deny 192.168.1.0/24;
deny 10.0.0.1;
allow all;
Proxy WebSocket
WebSocket proxy with required Upgrade headers
location /ws/ {
proxy_pass http://backend;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
}
no commands match