configuring-nginx

Original：🇺🇸 English

Translated

Configure nginx for static sites, reverse proxying, load balancing, SSL/TLS termination, caching, and performance tuning. When setting up web servers, application proxies, or load balancers, this skill provides production-ready patterns with modern security best practices for TLS 1.3, rate limiting, and security headers.

1installs

Sourceancoleman/ai-design-components

Added on2026-02-09

NPX Install

npx skill4agent add ancoleman/ai-design-components configuring-nginx

SKILL.md Content

View Translation Comparison →

Configuring nginx

Purpose

Guide engineers through configuring nginx for common web infrastructure needs: static file serving, reverse proxying backend applications, load balancing across multiple servers, SSL/TLS termination, caching, and performance optimization. Provides production-ready configurations with security best practices.

When to Use This Skill

Use when working with:

Setting up web server for static sites or single-page applications
Configuring reverse proxy for Node.js, Python, Ruby, or Go applications
Implementing load balancing across multiple backend servers
Terminating SSL/TLS for HTTPS traffic
Adding caching layer for performance improvement
Building API gateway functionality
Protecting against DDoS with rate limiting
Proxying WebSocket connections

Trigger phrases: "configure nginx", "nginx reverse proxy", "nginx load balancer", "enable SSL in nginx", "nginx performance tuning", "nginx caching", "nginx rate limiting"

Installation

Ubuntu/Debian:

bash

sudo apt update && sudo apt install nginx -y
sudo systemctl enable nginx
sudo systemctl start nginx

RHEL/CentOS/Rocky:

bash

sudo dnf install nginx -y
sudo systemctl enable nginx
sudo systemctl start nginx

Docker:

bash

docker run -d -p 80:80 -v /path/to/config:/etc/nginx/conf.d nginx:alpine

Quick Start Examples

Static Website

Serve HTML/CSS/JS files from a directory:

nginx

server {
    listen 80;
    server_name example.com www.example.com;
    root /var/www/example.com/html;
    index index.html;

    location / {
        try_files $uri $uri/ =404;
    }

    location ~* \.(jpg|jpeg|png|gif|ico|css|js|woff2)$ {
        expires 1y;
        add_header Cache-Control "public, immutable";
    }
}

Enable site:

bash

sudo ln -s /etc/nginx/sites-available/example.com /etc/nginx/sites-enabled/
sudo nginx -t && sudo systemctl reload nginx

See

references/static-sites.md

for SPA configurations and advanced patterns.

Reverse Proxy

Proxy requests to a backend application server:

nginx

upstream app_backend {
    server 127.0.0.1:3000;
    keepalive 32;
}

server {
    listen 80;
    server_name app.example.com;

    location / {
        proxy_pass http://app_backend;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_http_version 1.1;
        proxy_set_header Connection "";
    }
}

See

references/reverse-proxy.md

for WebSocket proxying and API gateway patterns.

SSL/TLS Configuration

Enable HTTPS with modern TLS configuration:

nginx

server {
    listen 443 ssl http2;
    server_name example.com;

    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;

    ssl_protocols TLSv1.3 TLSv1.2;
    ssl_prefer_server_ciphers off;
    ssl_session_cache shared:SSL:50m;
    ssl_session_timeout 1d;

    add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" always;

    location / {
        try_files $uri $uri/ =404;
    }
}

server {
    listen 80;
    server_name example.com;
    return 301 https://$server_name$request_uri;
}

See

references/ssl-tls-config.md

for complete TLS configuration and certificate setup.

Core Concepts

Configuration Structure

nginx uses hierarchical configuration contexts:

nginx.conf (global settings)
├── events { } (connection processing)
└── http { } (HTTP-level settings)
    └── server { } (virtual host)
        └── location { } (URL routing)

File locations:

```
/etc/nginx/nginx.conf
```
- Main configuration
```
/etc/nginx/sites-available/
```
- Available site configs
```
/etc/nginx/sites-enabled/
```
- Enabled sites (symlinks)
```
/etc/nginx/conf.d/*.conf
```
- Additional configs
```
/etc/nginx/snippets/
```
- Reusable config snippets

See

references/configuration-structure.md

for detailed anatomy.

Location Matching Priority

nginx evaluates location blocks in this order:

```
location = /exact
```
- Exact match (highest priority)
```
location ^~ /prefix
```
- Prefix match, stop searching
```
location ~ \.php$
```
- Regex, case-sensitive
```
location ~* \.(jpg|png)$
```
- Regex, case-insensitive
```
location /
```
- Prefix match (lowest priority)

Example:

nginx

location = /api/status {
    return 200 "OK\n";
}

location ^~ /static/ {
    root /var/www;
}

location ~ \.php$ {
    fastcgi_pass unix:/var/run/php/php-fpm.sock;
}

location / {
    proxy_pass http://backend;
}

Essential Proxy Headers

When proxying to backends, preserve client information:

nginx

proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;

Create reusable snippet at

/etc/nginx/snippets/proxy-params.conf

and include with:

nginx

include snippets/proxy-params.conf;

Common Patterns

Load Balancing

Distribute traffic across multiple backend servers:

Round Robin (default):

nginx

upstream backend {
    server backend1.example.com:8080;
    server backend2.example.com:8080;
    server backend3.example.com:8080;
    keepalive 32;
}

server {
    listen 80;
    location / {
        proxy_pass http://backend;
        include snippets/proxy-params.conf;
    }
}

Least Connections:

nginx

upstream backend {
    least_conn;
    server backend1.example.com:8080;
    server backend2.example.com:8080;
}

IP Hash (sticky sessions):

nginx

upstream backend {
    ip_hash;
    server backend1.example.com:8080;
    server backend2.example.com:8080;
}

Health Checks:

nginx

upstream backend {
    server backend1.example.com:8080 max_fails=3 fail_timeout=30s;
    server backend2.example.com:8080 max_fails=3 fail_timeout=30s;
    server backup.example.com:8080 backup;
}

See

references/load-balancing.md

for weighted load balancing and advanced patterns.

WebSocket Proxying

Enable WebSocket connections by upgrading HTTP protocol:

nginx

upstream websocket_backend {
    server 127.0.0.1:3000;
}

server {
    listen 80;
    server_name ws.example.com;

    location / {
        proxy_pass http://websocket_backend;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header Host $host;

        # Long timeouts for persistent connections
        proxy_connect_timeout 7d;
        proxy_send_timeout 7d;
        proxy_read_timeout 7d;
    }
}

Rate Limiting

Protect against abuse and DDoS attacks:

nginx

# In http context
http {
    limit_req_zone $binary_remote_addr zone=api_limit:10m rate=5r/s;
    limit_conn_zone $binary_remote_addr zone=conn_limit:10m;
}

# In server context
server {
    listen 80;

    limit_req zone=api_limit burst=10 nodelay;
    limit_conn conn_limit 10;

    location /api/ {
        proxy_pass http://backend;
    }
}

See

references/security-hardening.md

for complete security configuration.

Performance Optimization

Worker Configuration:

nginx

# In main context
user www-data;
worker_processes auto;  # 1 per CPU core
worker_rlimit_nofile 65535;

events {
    worker_connections 4096;
    use epoll;
    multi_accept on;
}

Gzip Compression:

nginx

# In http context
gzip on;
gzip_vary on;
gzip_min_length 1024;
gzip_comp_level 6;
gzip_types text/plain text/css application/json application/javascript text/xml application/xml;

Proxy Caching:

nginx

# Define cache zone
proxy_cache_path /var/cache/nginx/proxy
                 levels=1:2
                 keys_zone=app_cache:100m
                 max_size=1g
                 inactive=60m;

# Use in location
location / {
    proxy_cache app_cache;
    proxy_cache_valid 200 60m;
    proxy_cache_use_stale error timeout updating;
    add_header X-Cache-Status $upstream_cache_status;
    proxy_pass http://backend;
}

See

references/performance-tuning.md

for detailed optimization strategies.

Security Headers

Add essential security headers to protect against common vulnerabilities:

nginx

# Create /etc/nginx/snippets/security-headers.conf
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" always;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-XSS-Protection "1; mode=block" always;
add_header Referrer-Policy "strict-origin-when-cross-origin" always;
add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline';" always;

Include in server blocks:

nginx

server {
    include snippets/security-headers.conf;
    # ... rest of config
}

Access Control

Restrict access by IP address:

nginx

server {
    listen 80;
    server_name admin.example.com;

    # Allow specific IPs
    allow 10.0.0.0/8;
    allow 203.0.113.0/24;

    # Deny all others
    deny all;

    location / {
        proxy_pass http://admin_backend;
    }
}

Decision Framework

Choose nginx for: Performance-critical workloads (10K+ connections), reverse proxy, load balancing, static file serving, modern application stacks.

Choose alternatives for: Apache (

.htaccess

, mod_php, legacy apps), Caddy (auto-HTTPS, simpler config), Traefik (dynamic containers), Envoy (service mesh).

Safety Checklist

Before deploying nginx configurations:

Test configuration syntax:
```
sudo nginx -t
```
Use reload, not restart:
```
sudo systemctl reload nginx
```
(zero downtime)
Check error logs:
```
sudo tail -f /var/log/nginx/error.log
```

Verify SSL/TLS:

openssl s_client -connect domain:443 -servername domain

Test externally:
```
curl -I https://domain.com
```
Monitor worker processes:
```
ps aux | grep nginx
```
Check open connections:
```
netstat -an | grep :80 | wc -l
```
Verify backend health:
```
curl -I http://localhost:8080
```

Troubleshooting

Quick fixes: Test config (

sudo nginx -t

), check logs (

/var/log/nginx/error.log

), verify backend (

curl http://127.0.0.1:3000

Common errors: 502 (backend down), 504 (timeout - increase

proxy_read_timeout

), 413 (upload size - set

client_max_body_size

See

references/troubleshooting.md

for complete debugging guide.

Integration Points

Related Skills:

implementing-tls - Certificate generation and automation (Let's Encrypt, cert-manager)
load-balancing-patterns - Advanced load balancing architecture and decision frameworks
deploying-applications - Application deployment strategies with nginx integration
security-hardening - Complete server security beyond nginx-specific configuration
configuring-firewalls - Firewall rules for HTTP/HTTPS access
dns-management - DNS configuration for nginx virtual hosts
kubernetes-operations - nginx Ingress Controller for Kubernetes

Additional Resources

Progressive Disclosure:

```
references/installation-guide.md
```
- Detailed installation for all platforms
```
references/configuration-structure.md
```
- Complete nginx.conf anatomy
```
references/static-sites.md
```
- Static hosting patterns (basic, SPA, PHP)
```
references/reverse-proxy.md
```
- Advanced proxy scenarios and API gateway patterns
```
references/load-balancing.md
```
- All algorithms, health checks, sticky sessions
```
references/ssl-tls-config.md
```
- Complete TLS configuration and certificate setup
```
references/performance-tuning.md
```
- Workers, caching, compression, buffers
```
references/security-hardening.md
```
- Rate limiting, headers, access control
```
references/troubleshooting.md
```
- Common errors and debugging techniques

Working Examples:

```
examples/static-site/
```
- Static website and SPA configurations
```
examples/reverse-proxy/
```
- Node.js, WebSocket, API gateway examples
```
examples/load-balancing/
```
- All load balancing algorithms
```
examples/ssl-tls/
```
- Modern TLS and mTLS configurations
```
examples/performance/
```
- High-traffic optimization and caching
```
examples/security/
```
- Rate limiting and security hardening

Reusable Snippets:

```
snippets/ssl-modern.conf
```
- Modern TLS configuration
```
snippets/proxy-params.conf
```
- Standard proxy headers
```
snippets/security-headers.conf
```
- OWASP security headers
```
snippets/cache-static.conf
```
- Static asset caching

Configuring nginx

Purpose

When to Use This Skill

Use when working with:

Setting up web server for static sites or single-page applications
Configuring reverse proxy for Node.js, Python, Ruby, or Go applications
Implementing load balancing across multiple backend servers
Terminating SSL/TLS for HTTPS traffic
Adding caching layer for performance improvement
Building API gateway functionality
Protecting against DDoS with rate limiting
Proxying WebSocket connections

Trigger phrases: "configure nginx", "nginx reverse proxy", "nginx load balancer", "enable SSL in nginx", "nginx performance tuning", "nginx caching", "nginx rate limiting"

Installation

Ubuntu/Debian:

bash

sudo apt update && sudo apt install nginx -y
sudo systemctl enable nginx
sudo systemctl start nginx

RHEL/CentOS/Rocky:

bash

sudo dnf install nginx -y
sudo systemctl enable nginx
sudo systemctl start nginx

Docker:

bash

docker run -d -p 80:80 -v /path/to/config:/etc/nginx/conf.d nginx:alpine

Quick Start Examples

Static Website

Serve HTML/CSS/JS files from a directory:

nginx

server {
    listen 80;
    server_name example.com www.example.com;
    root /var/www/example.com/html;
    index index.html;

    location / {
        try_files $uri $uri/ =404;
    }

    location ~* \.(jpg|jpeg|png|gif|ico|css|js|woff2)$ {
        expires 1y;
        add_header Cache-Control "public, immutable";
    }
}

Enable site:

bash

sudo ln -s /etc/nginx/sites-available/example.com /etc/nginx/sites-enabled/
sudo nginx -t && sudo systemctl reload nginx

See

references/static-sites.md

for SPA configurations and advanced patterns.

Reverse Proxy

Proxy requests to a backend application server:

nginx

upstream app_backend {
    server 127.0.0.1:3000;
    keepalive 32;
}

server {
    listen 80;
    server_name app.example.com;

    location / {
        proxy_pass http://app_backend;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_http_version 1.1;
        proxy_set_header Connection "";
    }
}

See

references/reverse-proxy.md

for WebSocket proxying and API gateway patterns.

SSL/TLS Configuration

Enable HTTPS with modern TLS configuration:

nginx

server {
    listen 443 ssl http2;
    server_name example.com;

    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;

    ssl_protocols TLSv1.3 TLSv1.2;
    ssl_prefer_server_ciphers off;
    ssl_session_cache shared:SSL:50m;
    ssl_session_timeout 1d;

    add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" always;

    location / {
        try_files $uri $uri/ =404;
    }
}

server {
    listen 80;
    server_name example.com;
    return 301 https://$server_name$request_uri;
}

See

references/ssl-tls-config.md

for complete TLS configuration and certificate setup.

Core Concepts

Configuration Structure

nginx uses hierarchical configuration contexts:

nginx.conf (global settings)
├── events { } (connection processing)
└── http { } (HTTP-level settings)
    └── server { } (virtual host)
        └── location { } (URL routing)

File locations:

```
/etc/nginx/nginx.conf
```
- Main configuration
```
/etc/nginx/sites-available/
```
- Available site configs
```
/etc/nginx/sites-enabled/
```
- Enabled sites (symlinks)
```
/etc/nginx/conf.d/*.conf
```
- Additional configs
```
/etc/nginx/snippets/
```
- Reusable config snippets

See

references/configuration-structure.md

for detailed anatomy.

Location Matching Priority

nginx evaluates location blocks in this order:

```
location = /exact
```
- Exact match (highest priority)
```
location ^~ /prefix
```
- Prefix match, stop searching
```
location ~ \.php$
```
- Regex, case-sensitive
```
location ~* \.(jpg|png)$
```
- Regex, case-insensitive
```
location /
```
- Prefix match (lowest priority)

Example:

nginx

location = /api/status {
    return 200 "OK\n";
}

location ^~ /static/ {
    root /var/www;
}

location ~ \.php$ {
    fastcgi_pass unix:/var/run/php/php-fpm.sock;
}

location / {
    proxy_pass http://backend;
}

Essential Proxy Headers

When proxying to backends, preserve client information:

nginx

proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;

Create reusable snippet at

/etc/nginx/snippets/proxy-params.conf

and include with:

nginx

include snippets/proxy-params.conf;

Common Patterns

Load Balancing

Distribute traffic across multiple backend servers:

Round Robin (default):

nginx

upstream backend {
    server backend1.example.com:8080;
    server backend2.example.com:8080;
    server backend3.example.com:8080;
    keepalive 32;
}

server {
    listen 80;
    location / {
        proxy_pass http://backend;
        include snippets/proxy-params.conf;
    }
}

Least Connections:

nginx

upstream backend {
    least_conn;
    server backend1.example.com:8080;
    server backend2.example.com:8080;
}

IP Hash (sticky sessions):

nginx

upstream backend {
    ip_hash;
    server backend1.example.com:8080;
    server backend2.example.com:8080;
}

Health Checks:

nginx

upstream backend {
    server backend1.example.com:8080 max_fails=3 fail_timeout=30s;
    server backend2.example.com:8080 max_fails=3 fail_timeout=30s;
    server backup.example.com:8080 backup;
}

See

references/load-balancing.md

for weighted load balancing and advanced patterns.

WebSocket Proxying

Enable WebSocket connections by upgrading HTTP protocol:

nginx

upstream websocket_backend {
    server 127.0.0.1:3000;
}

server {
    listen 80;
    server_name ws.example.com;

    location / {
        proxy_pass http://websocket_backend;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header Host $host;

        # Long timeouts for persistent connections
        proxy_connect_timeout 7d;
        proxy_send_timeout 7d;
        proxy_read_timeout 7d;
    }
}

Rate Limiting

Protect against abuse and DDoS attacks:

nginx

# In http context
http {
    limit_req_zone $binary_remote_addr zone=api_limit:10m rate=5r/s;
    limit_conn_zone $binary_remote_addr zone=conn_limit:10m;
}

# In server context
server {
    listen 80;

    limit_req zone=api_limit burst=10 nodelay;
    limit_conn conn_limit 10;

    location /api/ {
        proxy_pass http://backend;
    }
}

See

references/security-hardening.md

for complete security configuration.

Performance Optimization

Worker Configuration:

nginx

# In main context
user www-data;
worker_processes auto;  # 1 per CPU core
worker_rlimit_nofile 65535;

events {
    worker_connections 4096;
    use epoll;
    multi_accept on;
}

Gzip Compression:

nginx

# In http context
gzip on;
gzip_vary on;
gzip_min_length 1024;
gzip_comp_level 6;
gzip_types text/plain text/css application/json application/javascript text/xml application/xml;

Proxy Caching:

nginx

# Define cache zone
proxy_cache_path /var/cache/nginx/proxy
                 levels=1:2
                 keys_zone=app_cache:100m
                 max_size=1g
                 inactive=60m;

# Use in location
location / {
    proxy_cache app_cache;
    proxy_cache_valid 200 60m;
    proxy_cache_use_stale error timeout updating;
    add_header X-Cache-Status $upstream_cache_status;
    proxy_pass http://backend;
}

See

references/performance-tuning.md

for detailed optimization strategies.

Security Headers

Add essential security headers to protect against common vulnerabilities:

nginx

# Create /etc/nginx/snippets/security-headers.conf
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" always;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-XSS-Protection "1; mode=block" always;
add_header Referrer-Policy "strict-origin-when-cross-origin" always;
add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline';" always;

Include in server blocks:

nginx

server {
    include snippets/security-headers.conf;
    # ... rest of config
}

Access Control

Restrict access by IP address:

nginx

server {
    listen 80;
    server_name admin.example.com;

    # Allow specific IPs
    allow 10.0.0.0/8;
    allow 203.0.113.0/24;

    # Deny all others
    deny all;

    location / {
        proxy_pass http://admin_backend;
    }
}

Decision Framework

Choose nginx for: Performance-critical workloads (10K+ connections), reverse proxy, load balancing, static file serving, modern application stacks.

Choose alternatives for: Apache (

.htaccess

, mod_php, legacy apps), Caddy (auto-HTTPS, simpler config), Traefik (dynamic containers), Envoy (service mesh).

Safety Checklist

Before deploying nginx configurations:

Test configuration syntax:
```
sudo nginx -t
```
Use reload, not restart:
```
sudo systemctl reload nginx
```
(zero downtime)
Check error logs:
```
sudo tail -f /var/log/nginx/error.log
```

Verify SSL/TLS:

openssl s_client -connect domain:443 -servername domain

Test externally:
```
curl -I https://domain.com
```
Monitor worker processes:
```
ps aux | grep nginx
```
Check open connections:
```
netstat -an | grep :80 | wc -l
```
Verify backend health:
```
curl -I http://localhost:8080
```

Troubleshooting

Quick fixes: Test config (

sudo nginx -t

), check logs (

/var/log/nginx/error.log

), verify backend (

curl http://127.0.0.1:3000

Common errors: 502 (backend down), 504 (timeout - increase

proxy_read_timeout

), 413 (upload size - set

client_max_body_size

See

references/troubleshooting.md

for complete debugging guide.

Integration Points

Related Skills:

implementing-tls - Certificate generation and automation (Let's Encrypt, cert-manager)
load-balancing-patterns - Advanced load balancing architecture and decision frameworks
deploying-applications - Application deployment strategies with nginx integration
security-hardening - Complete server security beyond nginx-specific configuration
configuring-firewalls - Firewall rules for HTTP/HTTPS access
dns-management - DNS configuration for nginx virtual hosts
kubernetes-operations - nginx Ingress Controller for Kubernetes

Additional Resources

Progressive Disclosure:

```
references/installation-guide.md
```
- Detailed installation for all platforms
```
references/configuration-structure.md
```
- Complete nginx.conf anatomy
```
references/static-sites.md
```
- Static hosting patterns (basic, SPA, PHP)
```
references/reverse-proxy.md
```
- Advanced proxy scenarios and API gateway patterns
```
references/load-balancing.md
```
- All algorithms, health checks, sticky sessions
```
references/ssl-tls-config.md
```
- Complete TLS configuration and certificate setup
```
references/performance-tuning.md
```
- Workers, caching, compression, buffers
```
references/security-hardening.md
```
- Rate limiting, headers, access control
```
references/troubleshooting.md
```
- Common errors and debugging techniques

Working Examples:

```
examples/static-site/
```
- Static website and SPA configurations
```
examples/reverse-proxy/
```
- Node.js, WebSocket, API gateway examples
```
examples/load-balancing/
```
- All load balancing algorithms
```
examples/ssl-tls/
```
- Modern TLS and mTLS configurations
```
examples/performance/
```
- High-traffic optimization and caching
```
examples/security/
```
- Rate limiting and security hardening

Reusable Snippets:

```
snippets/ssl-modern.conf
```
- Modern TLS configuration
```
snippets/proxy-params.conf
```
- Standard proxy headers
```
snippets/security-headers.conf
```
- OWASP security headers
```
snippets/cache-static.conf
```
- Static asset caching

configuring-nginx

NPX Install

Tags

SKILL.md Content

Configuring nginx

Purpose

When to Use This Skill

Installation

Quick Start Examples

Static Website

Reverse Proxy

SSL/TLS Configuration

Core Concepts

Configuration Structure

Location Matching Priority

Essential Proxy Headers

Common Patterns

Load Balancing

WebSocket Proxying

Rate Limiting

Performance Optimization

Security Headers

Access Control

Decision Framework

Safety Checklist

Troubleshooting

Integration Points

Additional Resources

configuring-nginx

NPX Install

Tags

SKILL.md Content

Configuring nginx

Purpose

When to Use This Skill

Installation

Quick Start Examples

Static Website

Reverse Proxy

SSL/TLS Configuration

Core Concepts

Configuration Structure

Location Matching Priority

Essential Proxy Headers

Common Patterns

Load Balancing

WebSocket Proxying

Rate Limiting

Performance Optimization

Security Headers

Access Control

Decision Framework

Safety Checklist

Troubleshooting

Integration Points

Additional Resources