How to redirect IP address request to the proper domain name using Nginx

For SEO purposes, it is good practice to redirect permanently traffic directed to the IP address of a particular website to be re-written to the actual domain name.

This is very easy to do using Nginx web server. Simply add this server configuration block.

In this example I am using IP address 123.234.123.234 to be 301 redirected to domain name yourdomainname.com.

# -----------------------------------------------------

server {
listen 80;
server_name 123.234.123.234;
return 301 $scheme://www.yourdomainname.com$request_uri;
}

Add simple HTTP Basic Authentication using Nginx

Protecting your website from public using Nginx using Basic HTTP Authentication is easy.

This example uses Nginx + FPM and PHP5

This is useful when you just need to have simple protection for the following purposes:

1. During development.
2. Private website.
3. Temporary protection for certain directories.

Where to implement Basic HTTP Authentication in Nginx?

Inside your virtual host / default host configuration file.
In this example I am using Ubuntu and default configuration, so my default host configuration file is located at:

/etc/nginx/sites-available/default

Add the following lines inside the location ~ \.php$ { .... } block.

auth_basic "Restricted";
auth_basic_user_file /etc/nginx/.htpasswd;

My entire location block looks like this:

        # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000

#

location ~ \.php$ {

auth_basic "Restricted";

auth_basic_user_file /etc/nginx/.htpasswd;

fastcgi_buffer_size 128k;

fastcgi_buffers 4 256k;

fastcgi_busy_buffers_size 256k;

fastcgi_split_path_info ^(.+\.php)(/.+)$;

# NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini

# With php5-cgi alone:

fastcgi_pass 127.0.0.1:9000;

# With php5-fpm:

# fastcgi_pass unix:/var/run/php5-fpm.sock;

fastcgi_index index.php;

include fastcgi_params;

}

How to protect SSL (HTTPS) also with Basic HTTP Authentication in Nginx?

Just repeat the above steps while editing the HTTPS version of the configuration file.

In this example I edited:

/etc/nginx/sites-available/default-ssl

Create the .htpasswd (HTTP Password) file

DO NOT place this file inside your document root. I actually place mine in the Nginx configuration directory in:

/etc/nginx

I simply named the file:  .htpasswd

it is a . (dot) file because incase you accidentally place it inside your document root, typical web servers will not serve dot files.

Use online HTTP Password generators, just google 'http password generator'.

Here is the content of my .htpasswd file:

username:$apr1$YHsIoLBd$Ut5NoTL7bIIp9ysyLcczn.

the above line will allow username=username with password=password to be authenticated. 

Restart Nginx to apply your configuration

service nginx restart

Sample PHP5 FPM Pool configuration for high volume trafic

PHP5 FPM configuration for high throughput / trafic

I have a web project that required a lot of request per page load. I did not measure it exactly how many request, but it is probably around 50 - 100 requests. And I saw a few request timed-out especially when I cleared my browser cache or during a hard refresh.

So I tweaked my FPM pool configuration to the following setting to allow for more throughput:


[yourdotcom]

listen = /var/run/php5-fpm/yourdotcom.socket
listen.backlog = -1
listen.owner = www-data
listen.group = www-data
listen.mode=0660

; Unix user/group of processes
user = www-data
group = www-data

; Choose how the process manager will control the number of child processes.
pm = dynamic
pm.max_children = 80
pm.start_servers = 20
pm.min_spare_servers = 10
pm.max_spare_servers = 40
pm.max_requests = 1000

; Pass environment variables
env[HOSTNAME] = $HOSTNAME
env[PATH] = /usr/local/bin:/usr/bin:/bin
env[TMP] = /tmp
env[TMPDIR] = /tmp
env[TEMP] = /tmp

; host-specific php ini settings here
; php_admin_value[open_basedir] = /var/www/yourdotcom/htdocs:/tmp