Nginx

How to install and configure Nginx

Install Nginx on Ubuntu

echo -e \
"deb [arch=amd64] http://nginx.org/packages/ubuntu/ $(lsb_release -cs) nginx\n\
#deb-src [arch=amd64] http://nginx.org/packages/ubuntu/ $(lsb_release -cs) nginx" | \
sudo tee /etc/apt/sources.list.d/nginx.list

wget -q "http://nginx.org/packages/keys/nginx_signing.key" -O-| sudo apt-key add -

sudo apt update && sudo apt install nginx -y

Compile External Module

Check Nginx version

nginx -v

sudo apt update && sudo apt install libpcre3 libpcre3-dev git gcc

wget http://nginx.org/download/nginx-1.18.0.tar.gz

tar xf nginx-1.18.0.tar.gz

git clone https://github.com/google/ngx_brotli
cd ngx_brotli
git submodule update --init

cd ../nginx-1.18.0
./configure  --add-dynamic-module=../ngx_brotli $(nginx -V) --with-compat
make

sudo cp objs/ngx_http_brotli_filter_module.so /usr/lib/nginx/modules/
sudo cp objs/ngx_http_brotli_static_module.so /usr/lib/nginx/modules/

echo -e "load_module modules/ngx_http_brotli_filter_module.so;\nload_module modules/ngx_http_brotli_static_module.so;" | \
sudo tee /etc/nginx/modules-enabled/50-brotli.conf

Security Header

Add on /etc/nginx/nginx.conf

# Headers security
server_tokens    off;
add_header Expect-CT "max-age=500, enforce";
add_header Cache-Control "public";
add_header X-Content-Type-Options nosniff;
add_header Content-Security-Policy "frame-ancestors 'self'; upgrade-insecure-requests; frame-src 'self' *.youtube.com *.facebook.com *.google.com";
add_header X-Frame-Options SAMEORIGIN;
add_header X-XSS-Protection "1; mode=block";
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";

References

Cara Memasang Modul Brotli Compression di Nginx

PreviousAbout NextPHP

Last updated 1 year ago