Md Nayeem Hossain
Nginx Configuration for Production: Complete Guide
DevOps

Nginx Configuration for Production: Complete Guide

M

Md Nayeem Hossain

Author

Dec 5, 2024
11 min read

Nginx Configuration for Production

Nginx is the de facto reverse proxy for the web. It handles SSL termination, load balancing, and static files much better than Node.js can.

A Perfect Reverse Proxy Config

Here is a production-ready block for proxying a Node.js app.

nginx
server {
    listen 80;
    server_name example.com;
    
    # 1. Redirect HTTP to HTTPS
    return 301 https://$host$request_uri;
}

server {
    listen 443 ssl http2;
    server_name example.com;

    # SSL Certificates (Let's Encrypt usually handles these paths)
    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;

    # 2. Security Headers
    # Protect against clickjacking and XSS
    add_header X-Frame-Options "SAMEORIGIN";
    add_header X-XSS-Protection "1; mode=block";
    add_header X-Content-Type-Options "nosniff";

    location / {
        # 3. Proxy to Node.js
        proxy_pass http://localhost:3000;
        
        # 4. Forward Headers
        # Critical for your app to know the real IP of the user
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}

Performance Tuning: Gzip

Enable compression to make your site load faster. It trades a tiny bit of CPU for massive bandwidth savings.

nginx
gzip on;
gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
gzip_min_length 1000; # Don't compress tiny files

Handling Rate Limiting

Protect your API from abuse directly at the web server level.

nginx
# Define the zone (10 requests per second per IP)
limit_req_zone $binary_remote_addr zone=mylimit:10m rate=10r/s;

server {
    location /api/ {
        # Apply the limit with a small "burst" allowance
        limit_req zone=mylimit burst=20 nodelay;
        
        proxy_pass http://localhost:3000;
    }
}

Nginx is the shield that protects your application server. Configuring it correctly is essential for security and performance.

Nginx
DevOps
Server
Configuration

Recent Posts

Building Scalable React Applications: Best Practices for 2024

Building Scalable React Applications: Best Practices for 2024

Dec 28
Next.js 14 App Router: The Complete Developer's Guide

Next.js 14 App Router: The Complete Developer's Guide

Dec 25
Node.js Backend Architecture: Patterns for Production

Node.js Backend Architecture: Patterns for Production

Dec 22
MongoDB Performance Optimization: Complete Guide

MongoDB Performance Optimization: Complete Guide

Dec 20
Docker Containerization: From Development to Production

Docker Containerization: From Development to Production

Dec 18

© 2026 Md Nayeem Hossain. All rights reserved.