Skip to content

Author: tex

Build options to improve the performance and security of Nginx

Without any optimization option, the compiler’s goal is to reduce the cost of compilation and to make debugging produce the expected results. Statements are independent: if you stop the program with a breakpoint between statements, you can then assign a new value to any variable or change the program counter to any other statement in…

ACME Challenge support on all HTTP virtual hosts

To enable ACME Challenge support on all HTTP virtual hosts and avoid errors due to configuration/rewrite on generation or renewing SSL certificates from Let’s Encrypt you must configure a location alias. For Apache: Alias /.well-known/acme-challenge/ /var/www/default/.well-known/acme-challenge/ <Directory “/var/www/default/.well-known/acme-challenge/”> Options None AllowOverride None ForceType text/plain RedirectMatch 404 “^(?!/\.well-known/acme-challenge/[\w-]{43}$)” </Directory> For Nginx: location “/.well-known/acme-challenge” { allow all;…

Proxy image server with nginx

You can quickly use Nginx as a proxy image server. For your server security, you can use ‘nginx-accesskey’ module. Configuration example: server { listen a.b.c.d:443 rcvbuf=64000 sndbuf=120000 backlog=4096 ssl http2; server_name mydomain.tld www.mydomain.tld; keepalive_timeout 60; ssl on; ssl_protocols TLSv1.3 TLSv1.2 TLSv1.1 TLSv1; ssl_ciphers ‘ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS:!RC4’; ssl_prefer_server_ciphers on; ssl_session_cache shared:TLSSL:30m; ssl_session_timeout 60m; ssl_buffer_size 4k; ssl_certificate /etc/letsencrypt/live/mydomain.tld/fullchain.pem; ssl_certificate_key…

HTTP/2 support in Apache

The HTTP/2 protocol: HTTP/2 is the evolution of the world’s most successful application layer protocol, HTTP. It focuses on making more efficient use of network resources. It does not change the fundamentals of HTTP, the semantics. There are still request and responses and headers and all that. So, if you already know HTTP/1, you know…

Nginx unit – dynamic web application server

NGINX Unit is a dynamic web application server, designed to run applications in multiple languages. Unit is lightweight, polyglot, and dynamically configured via API. The design of the server allows reconfiguration of specific application parameters as needed by the engineering or operations. NGINX Unit is currently available as a beta. As such, it is suitable…

© 2021 - Marian Amza. All rights reserved.
Powered by Wordpress & Debian