Glossary

nginx

nginx (pronounced 'engine-x') is a high-performance open-source web server, reverse proxy, and load balancer widely used as the front door to production web applications.

Explanation

nginx was designed to solve the C10K problem (10,000 concurrent connections) using an event-driven, non-blocking architecture. Unlike Apache's thread-per-connection model, nginx uses a small number of worker processes (one per CPU core) each handling thousands of connections with non-blocking I/O. This makes nginx extremely efficient for high concurrency with low memory. In most production setups, nginx sits in front of your application server as a reverse proxy: it terminates TLS (handles HTTPS), serves static files directly from disk, and forwards dynamic requests to the application server. This separation lets each component do what it does best. Key nginx capabilities: static file serving (blazingly fast from disk), reverse proxying (proxy_pass to upstream apps), load balancing (distribute across server pool), TLS termination (decrypt HTTPS, forward HTTP internally), compression (gzip reduces response size 60-80%), caching (cache upstream responses), rate limiting (limit_req_zone per IP), and virtual hosting (multiple domains from one server via server blocks). nginx configuration uses declarative blocks: http (global HTTP settings), server (virtual hosts — one per domain), and location (URL pattern rules). The syntax is powerful but strict — a missing semicolon prevents nginx from starting.

Code Example

bash 
# Complete nginx production config
server {
    listen 80;
    server_name myapp.com www.myapp.com;
    return 301 https://$host$request_uri;
}

server {
    listen 443 ssl http2;
    server_name myapp.com www.myapp.com;

    ssl_certificate     /etc/letsencrypt/live/myapp.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/myapp.com/privkey.pem;
    ssl_protocols       TLSv1.2 TLSv1.3;

    gzip on;
    gzip_types text/plain text/css application/javascript application/json;

    # Static files served directly (no app server)
    location /static/ {
        root /var/www/myapp;
        expires 1y;
        add_header Cache-Control "public, immutable";
    }

    # Reverse proxy to Node.js on port 3000
    location / {
        proxy_pass         http://localhost:3000;
        proxy_http_version 1.1;
        proxy_set_header   Upgrade $http_upgrade;
        proxy_set_header   Connection 'upgrade';
        proxy_set_header   Host $host;
        proxy_set_header   X-Real-IP $remote_addr;
        proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header   X-Forwarded-Proto $scheme;
    }
}

# Test before reloading: sudo nginx -t && sudo nginx -s reload

Why It Matters for Engineers

nginx powers over a third of the world's busiest websites. Almost every production deployment involves nginx — whether you know it or not (Vercel, Netlify, and CloudFront all use nginx internally). Knowing how to configure it means you can deploy and debug production apps without depending entirely on platform abstractions. nginx bugs cause some of the most confusing production issues: 502 Bad Gateway (app server is down), incorrect req.ip values (missing X-Forwarded-For), cookie Secure attribute not respected (missing X-Forwarded-Proto), and static files not serving (wrong root path). Understanding nginx makes these immediately diagnosable.

Related Terms

Web Server · Load Balancer · HTTPS · Docker

Learn This In Practice

Go deeper with the full module on Beyond Vibe Code.

DevOps Fundamentals → →