Nginx is one of the most popular and powerful web servers in the world. Many websites and web applications use Nginx, and customize it with their own configurations to optimize performance, security, and functionality.
However, creating and managing custom Nginx configs can be challenging and time-consuming, especially if you have to log into the Linux terminal and edit files manually.
That’s why we are excited to introduce easy custom Nginx configuration in RunCloud for you. You can now create custom Nginx configs directly from the RunCloud dashboard, without having to touch the command line.
You can also test and debug your custom Nginx configs from the RunCloud dashboard before you apply them, so you can avoid breaking your website. This will save you a lot of time and hassle, and let you focus on your web development.
What is Nginx Config?
Nginx, pronounced like “engine-ex”, is the open source web server that powers more than 400 million websites. It’s now also used for reverse proxying, caching, load balancing, media streaming, and more.
In this post, we’ll focus on Nginx as a web server. From Nginx success stories, we can see that Nginx open source web server has been used by many big companies, including Adobe, Cloudflare, WordPress.com, ZenDesk, Groupon, etc.
Nginx is a high performance web server that is great for handling many concurrent connections and serving static content. All RunCloud servers are powered by Nginx web servers.
In RunCloud, Nginx web server can be configured from Nginx configuration files that are located in the /etc/nginx-rc/
directory, with the primary configuration file found in /etc/nginx-rc/nginx.conf
.
Each web application in RunCloud has their own Nginx configs that are located in the /etc/nginx-rc/conf.d/
directory. Users can create custom Nginx configs that are located in the /etc/nginx-rc/extra.d/
directory.
RunCloud Stacks
RunCloud offers different stacks for your web hosting needs. Each stack has its own advantages and limitations. You can choose the stack that suits your website best.
NGINX + Apache2 Hybrid Stack
This stack combines the power of NGINX and Apache2. NGINX serves as a reverse proxy for Apache2, but only for PHP files. For static files (eg: CSS, JS, images, fonts), NGINX serves them directly. This way, you can enjoy the speed and efficiency of NGINX for static content, and the compatibility and flexibility of Apache2 for PHP content.
This stack is ideal for average users who use .htaccess
file to configure their website. However, if you need to do something that .htaccess
file cannot do, you will need to use a custom Nginx config.
Native NGINX Stack
This stack uses only NGINX to handle your website. For PHP files, NGINX passes them to FastCGI to communicate with PHP-FPM. This stack is faster and more secure than the hybrid stack, but it doesn’t support .htaccess
file.
This stack requires you to use custom Nginx config if you want to rewrite or extend Nginx by including your own config.
Native NGINX + Custom Config Stack
This stack also uses only NGINX to handle your website, but it doesn’t serve your PHP file. This stack is suitable if you want to run other web applications or frameworks such as Node.js / Python / Golang / WebSocket / Ruby on Rails / etc., using RunCloud.
This stack relies on custom Nginx configs to fully configure this stack. You can use custom Nginx configs to set up the proxy settings, headers, caching, and more for your web application.
Create a Custom Nginx Config
With the new “Nginx config” feature, you can do this directly from the RunCloud dashboard easily. Please log in to your RunCloud Dashboard, choose your server, go to Web Applications menu and click one of your web applications – you will then see the “Nginx Config” menu.
Click the “Add a New Config” button to start creating your custom Nginx config for the current web application.
If you are familiar with Nginx config, you can choose “I want to write my own config” and start adding your config.
You can also start with a predefined Nginx config that we have provided. You can use it directly without customizing it.
For config “Type”, you can start with location.main
(default) and location.main-before
. You can start using other types when you are familiar with the Nginx config structure in RunCloud.
Run and Debug Custom Nginx Config
Editing Nginx config directly using Linux terminal could be dangerous, and could take your website down if you don’t have enough skill to debug your Nginx config issue.
RunCloud provides a “Run and Debug” feature that you can use to check if your custom Nginx config is okay or not.
If your custom Nginx config looks good, clicking “Run and Debug” will give you a green message.
If your custom Nginx config has some errors, clicking “Run and Debug” will give you red error message with the error details.
Even if you don’t use the “Run and Debug” feature, and try to click the “Save config” button directly, RunCloud will debug your custom Nginx config automatically, and will stop if it encounters errors. Because of this, there’s no need to be afraid of whether your custom Nginx config could break your website.
Predefined Nginx configs
We also provide some predefined Nginx configurations that you can use without customizing them, since they’re tailored according to your web application.
I want to write my own config
If you want to customize your Nginx server settings, you can do so by selecting the “I want to write my own config” option from the dropdown menu in the Web Application Settings page. This will allow you to add your own Nginx directives in the Custom Config box. You can write anything you like, as long as it is valid Nginx syntax.
Apple Pay verification
If you want to use Apple Pay on your website, you need to verify your domain with Apple. This requires adding a specific file to your server and configuring your Nginx to serve it. To make this process easier, RunCloud provides a ready-made config template for Apple Pay verification. You can find it in the Config Templates page under the Nginx tab.
All you need to do is select the template and apply it to your web application. This will automatically create the file and add the necessary Nginx directives for you. This way, you can save time and reduce the chances of error when setting up Apple Pay on your website.
Cloudflare – Restore Visitor IP
Cloudflare acts as a proxy to your RunCloud server, which means that all visitors will appear to be coming from Cloudflare IP addresses. This is a hindrance to visitor tracking or identifying attackers.
In order to restore a visitor’s IP address, we need to retrieve the visitor’s originating IP address in the HTTP header from all Cloudflare’s IP addresses.
You can use this predefined Nginx config to restore your visitor IP address, if needed.
Header – Opt-out of Google’s FLoC Network
This template allows you to prevent your website from participating in Google’s new tracking method called Federated Learning of Cohorts (FLoC). FLoC is a feature that lets browsers collect, profile, and store usage patterns based on a user’s browsing habits over time. This data is then used by Google and its advertising partners for targeting and personalizing ads.
Some people may have privacy concerns about FLoC and may want to opt out of this network. By applying this template to your web application, you can add a header to your Nginx server that tells Chrome not to include your website in its FLoC calculations. This way, you can respect the privacy of your visitors and avoid being part of Google’s tracking system.
Redirect – from non-www to www
This simple Nginx config is useful if you want to redirect the non-www version of your website to www version.
Note: Please use this Nginx config if only you have added both non-www and www versions of your domain to your web application’s Domain Name menu, and you have set up DNS Records for both non-www and www.
Redirect – from www to non-www
This simple Nginx config is useful if you want to redirect the www version of your website to non-www version.
Note: Please use this Nginx config if only you have added both non-www and www versions of your domain to your web application’s Domain Name menu, and you have se tup DNS Records for both non-www and www.
WordPress – 6G Firewall
The 6G Firewall is a powerful, well-optimized blacklist that checks all URI requests against a set of carefully constructed .htaccess directives, developed by Jeff Star from Perishable Press. This happens quietly behind the scenes at the server level, which is optimal for performance and resource conservation.
This predefined Nginx config brings 6G Firewall to Nginx web server in RunCloud servers.
WordPress – 7G Firewall
The 7G Firewall is the latest nG Firewall from Perishable Press. This predefined Nginx config brings 7G Firewall to Nginx web server in RunCloud servers.
Both 6G & 7G firewalls are easy-to-use, cost-effective ways to secure your site against malicious HTTP activity. They help to protect against evil exploits, ill requests, and other nefarious garbage, such as XSS attacks, code injections, cache poisoning, response splitting, dual-header exploits, and more.
The 6G & 7G firewalls are good alternatives of our Web App Firewall (ModSecurity & OWASP CRS). You can try either 6G or 7G firewall if ModSecurity WAF doesn’t fit with your web application.
WordPress – Block direct PHP file execution
This config template is a security measure that prevents hackers from running malicious PHP files on your website. By default, WordPress allows PHP execution in certain directories, such as the /wp-includes/ and /wp-content/uploads/ folders. This means that anyone who can upload files to these folders can also run PHP code on your server.
Hackers can exploit this vulnerability by uploading backdoor access files or malware that can compromise your website. By applying this template to your web application, you can add a rule to your Nginx server that denies access to any PHP files in these directories. This way, you can protect your website from unauthorized PHP execution and improve its security.
WordPress – Block wp-trackback.php
This template prevents spammers from sending fake trackbacks and pings to your WordPress posts. Trackbacks and pings are notifications that another blog has linked to your content, but they can also be abused by spammers who want to create backlinks to their own websites. By applying this template to your web application, you can add a rule to your Nginx server that denies access to the wp-trackback.php file, which is responsible for handling trackbacks and pings.
WordPress – Block xmlrpc.php
The WordPress – Block xmlrpc.php config template is another security measure that prevents attackers from exploiting the xmlrpc.php file in WordPress, which is used for remote communication with your site. The xmlrpc.php file allows you to do things like posting to your site from your mobile device, receiving trackbacks and pingbacks from other sites, and using some features of the Jetpack plugin. However, it can also be abused by hackers who want to launch brute force attacks, DDoS attacks, or spam comments on your site.
By applying this template to your web application, you can add a rule to your Nginx server that denies access to the xmlrpc.php file. This way, you can protect your website from xmlrpc.php attacks.
WordPress – FlyingPress Plugin
This config is a set of rules for Nginx server that are related to the FlyingPress plugin. The FlyingPress plugin is a speed optimization plugin for WordPress that boosts your website’s Core Web Vitals and performance. It has features such as critical CSS, lazy loading, bloat removal, font optimization, link preloading, and more.
This config is for FlyingPress users who want to serve FlyingPress caches directly from Nginx, without touching PHP, especially when you use Native Nginx stack in RunCloud. You can use this config with either FlyingPress standalone only, or combine it with RunCloud Hub. You need to install the FlyingPress WordPress plugin first before using this config.
The purpose of this config is to serve cached HTML files from the FlyingPress directory if they exist, and if none of the conditions that disable the cache are met. This can improve the speed and performance of your WordPress site by reducing the load on your server and delivering faster responses to your visitors.
WordPress – Multisite Subdirectory
The WordPress – Multisite Subdirectory config template is for WordPress sites that use the multisite feature in a subdirectory structure. By applying this template to your web application, you can add some rules to your Nginx server that enable the multisite functionality in a subdirectory mode.
Note that this template is only needed when using WordPress inside a docker instance on RunCloud. If you’re using a regular WordPress installation on RunCloud, you don’t need this template.
Developer Tips – RunCloud Nginx Config Structure
If you’re a developer and want to explore the Nginx config structure in RunCloud, this information could be useful for you.
When creating a custom Nginx config, we recommend you use location.main
or location.main-before
type. It works for common cases, your Nginx config will be loaded in the main location block
of your web application.
Configuration options in Nginx are called directives, and are organized into groups known as blocks
.
You can learn more about blocks in Nginx configuration here.
Location.http
The http block
contains directives for handling web traffic. You can create custom Nginx configs that will be loaded in the http block, right before the server block
of your web application.
Headers
You can use the headers config to add HTTP headers to your website. For example, you can add security headers, caching headers, or custom headers.
Location blocks
The location block lets you configure how Nginx will respond to requests for resources within the server. You can use different location configs to load custom Nginx configs in specific location blocks.
- location.main-before: This config will be loaded before the main location blocks in your web application. You can use this to add rules that apply either to all requests, or to specific requests based on prefixes or regular expressions.
- location.root: This config will be loaded inside the root location block that serves the document root of your website. You can use this to add rules that apply to the root directory.
- location.static: This config will be loaded inside the static location block that serves static assets (css / js / images / fonts / etc) of your website. You can use this to add rules that optimize the delivery and caching of static files.
- location.html: This config will be loaded inside the html location block that serves HTML pages in your website. You can use this to add rules that enhance the performance and security of HTML pages.
- location.favicon: This config will be loaded inside the favicon location block that serves the favicon.ico file in your website. You can use this to add rules that improve the caching and accessibility of the favicon file.
- location.main: This config will be loaded after the main location blocks in your web application. You can use this to add rules that override or complement the previous location blocks.
- location.proxy: This config will be loaded inside the proxy location block that passes requests to a backend server or service. You can use this to add rules that modify the proxy settings or headers.
Runcloud-hub
The runcloud-hub config is a necessary component when you use the RunCloud Hub plugin for WordPress. The runcloud-hub config enables the communication between the plugin and the Nginx server, and handles the caching rules and headers for your site. Without the runcloud-hub config, the plugin will not work properly and you will not be able to enjoy the benefits of RunCloud Hub features.
After Action Report
RunCloud is the ultimate solution for developers who want to host and manage their websites with ease and speed. You don’t need to be a Linux expert to use RunCloud. You can create and deploy your web applications, configure your server settings, and monitor your performance from a simple and intuitive dashboard.
One of the features that makes RunCloud stand out is the ability to create custom Nginx configs directly from the dashboard. This gives you more flexibility and control over your web server without having to edit files manually. You can use this feature to optimize your website performance, security, and functionality.
This feature is available for all paid plan users (Basic, Pro, Business). If you are already a RunCloud user, you can start using this feature right away. If you are not a RunCloud user yet, what are you waiting for? Join RunCloud today and see how easy and fast it is to host and manage your websites with RunCloud.
We are committed to making RunCloud the best web hosting solution for you. We always welcome your suggestions for new features that can improve your RunCloud experience.