ZenovayTools

Nginx Config Generator

Generate Nginx server configurations. Reverse proxy, SSL/TLS, redirects, caching, gzip, security headers, and rate limiting presets.

Domain

Features

nginx.conf
server {
    listen 80;
    listen [::]:80;
    server_name example.com www.example.com;
    return 301 https://$host$request_uri;
}

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name www.example.com;
    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
    return 301 https://example.com$request_uri;
}

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name example.com;

    # SSL
    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_prefer_server_ciphers on;
    ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384;
    ssl_session_cache shared:SSL:10m;
    ssl_session_timeout 1d;
    ssl_stapling on;
    ssl_stapling_verify on;

    # Security headers
    add_header X-Frame-Options "SAMEORIGIN" always;
    add_header X-Content-Type-Options "nosniff" always;
    add_header Referrer-Policy "strict-origin-when-cross-origin" always;
    add_header X-XSS-Protection "1; mode=block" always;
    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;

    # Gzip compression
    gzip on;
    gzip_vary on;
    gzip_proxied any;
    gzip_comp_level 6;
    gzip_min_length 256;
    gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript image/svg+xml;

    # Logging
    access_log /var/log/nginx/example.com.access.log;
    error_log /var/log/nginx/example.com.error.log;

    # Static file caching
    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2)$ {
        proxy_pass http://127.0.0.1:3000;
        expires 30d;
        add_header Cache-Control "public, immutable";
    }

    location / {
        proxy_pass http://127.0.0.1:3000;
        proxy_http_version 1.1;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}

Usage: Save as /etc/nginx/sites-available/example.com.conf, symlink to sites-enabled/, then run nginx -t && sudo systemctl reload nginx.

How to Use Nginx Config Generator

  1. 1Enter your domain name and server details.
  2. 2Select features: SSL, reverse proxy, caching, gzip.
  3. 3Customize security headers and rate limiting.
  4. 4Copy the generated Nginx configuration.
Zenovay

Privacy-first analytics for your website

Understand your visitors without invasive tracking. GDPR compliant, lightweight, and powerful.

Explore Zenovay

Related Tools

JSON Formatter & ValidatorFormat, validate, and beautify JSON data with syntax highlighting and error detection.
JWT DecoderDecode and inspect JWT tokens. View header, payload, and verify signatures.
Base64 Encode/DecodeEncode text to Base64 or decode Base64 back to text. Supports UTF-8 and binary data.
URL Encode/DecodeEncode or decode URL components. Handle special characters, query strings, and full URLs.

Frequently Asked Questions

What is Nginx?
Nginx (pronounced "engine-x") is the world's most popular web server, handling over 34% of all websites. Created by Igor Sysoev in 2004, it excels at serving static content, reverse proxying, load balancing, and SSL termination. Nginx uses an event-driven, asynchronous architecture that handles thousands of concurrent connections with minimal memory. It is used by Netflix, Dropbox, Airbnb, and WordPress.com.
Where do I put the Nginx configuration file?
Main config: /etc/nginx/nginx.conf. Site configs: /etc/nginx/sites-available/yourdomain.conf with a symlink in /etc/nginx/sites-enabled/. After editing: test with "nginx -t" and reload with "sudo systemctl reload nginx" (or "sudo nginx -s reload"). On Docker, mount configs to /etc/nginx/conf.d/. Include files are processed alphabetically by filename.
How do I set up SSL with Let's Encrypt?
Install Certbot: "sudo apt install certbot python3-certbot-nginx". Run: "sudo certbot --nginx -d yourdomain.com -d www.yourdomain.com". Certbot auto-generates SSL config and sets up auto-renewal. Certificates renew every 90 days via systemd timer. For production: add HSTS header, set ssl_protocols to TLSv1.2 TLSv1.3 only, and use Mozilla's recommended cipher suites.
How do I use Nginx as a reverse proxy?
Add a location block with proxy_pass: "location / { proxy_pass http://localhost:3000; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; }". This forwards all requests to a backend running on port 3000 while preserving client headers.
What is the difference between Nginx and Apache?
Nginx uses event-driven async I/O; Apache uses process/thread-per-connection by default. Nginx is faster for static files and reverse proxying. Apache has more built-in modules (.htaccess, mod_rewrite). Nginx config is centralized; Apache supports per-directory .htaccess. For most modern deployments, Nginx is preferred for performance and simplicity.
How do I enable gzip compression in Nginx?
Add to the http block: "gzip on; gzip_types text/plain text/css application/json application/javascript text/xml application/xml image/svg+xml; gzip_min_length 256; gzip_comp_level 6;". This compresses responses over 256 bytes for the listed MIME types. Level 6 is a good balance between compression ratio and CPU usage. Do not gzip already-compressed formats (images, videos).