Nginx configuration example for NodeJS app


Nginx configuration example for NodeJS app

Here is a simple example of how you can setup an nginx file to run a nodejs app. The lines which have the coment # managed by Certbot in the end are added automatically by Certbot.

# save this file in /etc/nginx/conf.d/your_file.conf
limit_req_zone $binary_remote_addr zone=one:10m rate=50r/s;

map $request_method $limit {
    default         "";
    POST            $binary_remote_addr;
}
# Creates 10mb zone in memory for storing binary ips
# Use this zone to limit the login route only 1 request per minute
limit_req_zone $limit zone=login_zone:10m rate=1r/m;

server {
    server_name  YOUR_IP_OR_DNS;

    # Limit the payload size
    client_max_body_size 10M;

    location / {
        # proxi the public port (https - 443) to the local port of the app (in this case 8000, but use yours)
        proxy_pass http://127.0.0.1:8000;
        proxy_set_header Host      $host;
        # forward the real ip
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header  X-Forwarded-For $remote_addr;
        proxy_set_header  X-Forwarded-Host $remote_addr;
        # use the limit zone created previously to limit at maximum 50 requests per second (line 2)
        limit_req zone=one burst=10 nodelay;
    }

    location /auth/login {
        # Creates 10mb zone in memory for storing binary ips
        limit_req zone=login_zone;
        proxy_pass http://127.0.0.1:8000;
    }

    listen [::]:443 ssl ipv6only=on; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/YOUR_IP_OR_DNS/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/YOUR_IP_OR_DNS/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}

server {
    if ($host = YOUR_IP_OR_DNS) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    listen       80;
    listen       [::]:80;
    server_name  YOUR_IP_OR_DNS;
    return 404; # managed by Certbot
}

Newsletter


Related Posts

What I learned to never do in a presentation meeting

What I learned to never do in a presentation meeting. I had a very bad meeting experience with a gateway provider.

Startup graveyard is a series of killed projects that made millions in revenue per year

Startup graveyard is a series of killed projects that made millions in revenue per year. Just watch their graveyard and do it your own. What better validation do you expect.

How do you detect Credit card type based on the number?

How do you detect Credit card type based on the number using JavaScript? Simple solution using only code, no library required.

Download files in Javascript from Node.js server

How to download files in Javascript, either you use Vue.js, React, Angular, jQuery, or Vanilla JS. On the backend side, we run on Node.js using Express.js.

What books to read

The list of books I read. I decided one year ago to challenge myself and read as many books as I can this year. Take a look at this article and find all of them.

Startup tools for a better version

Are you a startup founder and are you looking for startup tools like invoice, planning or just making money with much automation? Check this article, from founder to founders.

How to use express validator?

How to use express validator through full examples. I found express validator very powerful, but having a poor documentation.

How to check DNS propagation

How to check DNS propagation? Did you changed the DNS records recently and now is not working? Stop crying and check the DNS propagation.

LibraPay library for Nodejs

LibraPay library for Nodejs - integrate Libra Bank online payment gateway using this library for NodeJs.

Opensource Object Storage with Minio

Opensource Object Storage with Minio using Docker. An alternative to AWS S3, Linode Storage, Google Storage, Azure Storage.