Basic Virtual Host Configuration
server {
listen 80;
server_name example.com www.example.com;
root /var/www/vhosts/example.com;
access_log /var/log/nginx/example.com-access.log main;
error_log /var/log/nginx/example.com-error.log warn;
index index.php index.html index.htm;
}
Notes
- To make a VirtualHost the default, append ‘default’ after the listen directive. ex: listen 80 default;
- Note that there is no ServerAlias directive. Aliased domains should be space separated in the
server_name directive. - This configuration is only for serving static content. For use with PHP, see PHP-FPM and APC with nginx
- You can test the Nginx configurations before restarting by running nginx -t
SSL Virtual Host
server {
listen 443 ssl;
server_name example.com www.example.com;
root /var/www/vhosts/example.com;
access_log /var/log/nginx/example.com-ssl-access.log main;
error_log /var/log/nginx/example.com-ssl-error.log warn;
ssl_certificate /etc/pki/tls/certs/YYYY_example.com.crt;
ssl_certificate_key /etc/pki/tls/private/YYYY_example.com.key;
ssl_session_timeout 5m;
# Use PCI compliant SSL protocols and ciphers
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!kEDH:!ADH:!EXPORT56;
ssl_prefer_server_ciphers on;
}
Notes
- There is no directive similar to SSLCertificateChainFile in Apache. The CA certificates should be appended to the certificate for the domain.
- As with Apache, the certificate and key can be in any directory. This configuration uses the RHEL/CentOS standard directories; the standard directories for Ubuntu are located at and /etc/ssl/certs /etc/ssl/private
Nginx/Apache comparisons
One way to think of Nginx vs. Apache configurations is like XML versus JSON. Apache’s syntax very closely resemble XML, and Nginx is practically fully compatible JSON. For instance, a VirtualHost block in Apache looks like this:
<VirtualHost *:80>
…
</VirtualHost>
Whereas Nginx looks like this:
server {
listen 80;
…
}
And here are some syntactical comparisons
