Tag: Nginx

9 steps to optimize your nginx web server

Google uses it’s Page speed ranking algorithm to rank website listings. A fast website is always important if you want your users to visit  your website again. In this post, I am going to discuss on 9 steps to optimize your nginx web server

STEP1: Keep the number of worker processes to be same as number of processor cores on the server.

The worker_processes directive tells VM as to how many workers should be launched when nginx starts up.
A recommened setting is to keep this number to be same as number of CPU cores on the VM.

You can calculate the number of CPU cores on your server using below command
grep processor /proc/cpuinfo | wc -l

We should also configure worker_connections directive properly, This value determines how many clients can be served by nginx simultaneously.
The default value is 768. The capacity of your nginx server can be determined by multiplying worker_processes with worker_connections.

vi /etc/nginx/nginx.conf

worker_processes 2;
worker_connections 1024;

 

For a 2-core processor with above configuration, Nginx can server 2048 concurrent connections.

STEP2: Optimize gzip compression for static contents

Gzip compression is the most common optimization parameter. This parameter can save your server’s network bandwidth utilization & speed up response time.
When gzip compression is enabled for static resources, Nginx will compress them & transfers. The client browser then decompresses them & renders the resource.

Following is the basic gzip compression configuration from nginx.conf

gzip on;
gzip_comp_level 2;
gzip_min_length 1000;
gzip_proxied expired no-cache no-store private auth;
gzip_types text/plain application/x-javascript text/xml text/css application/xml;

STEP3: Leverage browser caching to reduce unnecessary server load

Another important parameter which greatly contributes to the performance of your website.
If your static assets like css, images & js files don’t change frequently, it’s possible to cache them in client’s browser.
This will save the bandwidh & increase performance.

Following setting can be placed in your “server” block of your virtual host

location ~* .(jpg|jpeg|png|gif|ico|css|js)$ {
expires 365d;
}

 

STEP4: Integrate with Pagespeed module for better performance

An open source module for nginx/apache ships with latest Web optimization features.
For installing latest version of this module, nginx needs to be compiled with it’s latest package.
Click here to learn How to Build ngx_pagespeed from source.

STEP5: Enable keep-alive connections

We should configure keepalive_timeouts value to be a minimum. The recommended value is between 10 to 15.
This value determines how long the worker connection is kept alive on the client browser so that all the new client requests with be served through this connection.

Modify nginx.conf & put this value inside “http” block

keepalive_timeout 15;

STEP6: Enable shared session cache when on HTTPS

When nginx is on HTTPS, SSL Handshake is the most CPU-Intensive operation.
There are two ways to minimize the number of these operations per client:

  • By enabling keepalive connections to send several requests via one connection
  • Reuse SSL session parameters to avoid SSL handshakes for parallel and subsequent connections

To enable this, following configuration needs to be placed in “http” block inside nginx.conf

ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;

Refer this guide for more details http://nginx.org/en/docs/http/configuring_https_servers.html

STEP7: Implement tmpfs file system for Cache directory.
A RAM directory/folder is always much faster than a directory based on normal hard disk, but it can lost all data when you reboot the server,
so the ideal is always to use this RAM directory to store cache files, that can easily re-created after the reboot.

Follow the below steps to enable tmpfs file system.
In this example, i have configured a WordPress plugin to cache the website files under /var/www/html/wp-content/cache

1. Configure a tmpfs partition on a new Directory.

mount -t tmpfs -o size=2G tmpfs /var/www/html/wp-content/cache

2. To make this partition survive after reboot, Add following entry to /etc/fstab file

tmpfs /var/www/nginxtips.com/wp-content/cache tmpfs defaults,size=2G 0 0

Now test your website & you should see faster response times after a few hits.

STEP8: Have a CDN to cache static assets

Cloudflare has a very intelligent caching system & CDN. I would recommend this if your website has users worldwide.
Cloudflare also has threat protection system for your website, which can be enabled on a single click from their control panel.
Click here  to learn more about Cloudflare.

STEP9: Serve static assets using seperate domain
Having static assets on a seperate subdomain will help in increasing the load time of your site.

Thoughts or Suggestions?.

Installing nginx-1.9.5 from source with HTTP/2 support

With the release of 1.9.5, nginx has added support for the awaited HTTP/2 protocol & it’s known that HTTP/2 has lots of performance enhancements to offer. Starting with nginx 1.9.5, SPDY module will be replaced by HTTP/2

It’s also important to know that 1.9.5 is currently an experimental version. Feel free to post if you are seeing any issues with this version.

Today i will show you the detailed steps on Installing nginx-1.9.5 from source with HTTP/2 support on a Linux server.
You need to login as root user to execute these steps.

STEP1: Install Dependencies

Since we are compiling nginx from source, we need to

yum -y install gcc pcre pcre-devel openssl openssl-devel

NOTE: Nginx http/2 module requires openssl 1.0.2 or latest version if you want to run website over HTTPS.

STEP2: Downlod the latest version of nginx & extract the archive.

cd /tmp/
wget http://nginx.org/download/nginx-1.9.5.tar.gz
tar -xzf nginx-1.9.5.tar.gz
cd nginx-1.9.5/

nginx-195

STEP3: Compile & install nginx from source.

As stated earlier, nginx will fail to compile if you try to enable SPDY module. You can see the following error.

 

spdy-disabled

Now let’s compile nginx from source.

./configure --with-http_v2_module --with-http_ssl_module
make
make install

Make sure to fix if you get any errors during compilation.

STEP4: Verify the Installation

After successful compilation & installation, check the directory /usr/local/nginx/ which will have all the installed files.

nginx-startup

Once nginx is installed successfully, you can run it using the below command

/usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf

To test the scenario, Create a virtual host & add the directive to listen statement as shown below

server {
listen 80 http2;
......
}

or

server {
listen 443 http2;
......
}

Lastly, Test your web server for HTTP/2 support at https://www.h2check.org/

NOTE: Currently no browser supports HTTP/2 without HTTPS. This means that you are required to setup HTTP/2 over https only. Please refer this FAQ to know more

Optimized SSL paramaters for Nginx utilizing SPDY

You can use the following Nginx SSL configuration for optimal performance on your SSL based sites running Nginx web server.

 

listen 443 spdy;
server_name domain.com www.domain.com;
ssl on;
ssl_certificate           /etc/nginx/ssl/SSL.crt;
ssl_certificate_key       /etc/nginx/ssl/SSL.key;

ssl_session_cache  builtin:1000  shared:SSL:10m;
ssl_protocols  TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
ssl_prefer_server_ciphers on;