Nginx Config Generator
Build nginx.conf server blocks interactively. Choose a template, toggle features, and copy the result. 100% client-side — nothing leaves your browser.
Core Settings
Generated Config
# Generated by RawOps.dev — Nginx Config Generator
# Mode: static
server {
listen 80;
listen [::]:80;
server_name example.com;
client_max_body_size 10M;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
location / {
root /var/www/html;
index index.html index.htm;
try_files $uri $uri/ =404;
}
}Quick Recipes
Click a recipe to populate the form with a common nginx configuration.
Nginx Configuration Guide
Nginx is the world’s most popular web server and reverse proxy, powering over 30% of all websites. Configuration is done through text files (typically /etc/nginx/nginx.conf or per-site files in /etc/nginx/sites-available/) using a declarative block-based syntax.
Server Block Structure
Each nginx server block (also called a “virtual host”) defines how nginx handles requests for a specific domain and port. The basic structure is:
server {
listen 80;
server_name example.com;
location / {
root /var/www/html;
try_files $uri $uri/ =404;
}
}Common Directives
| Directive | Context | Description |
|---|---|---|
| listen | server | Port and optional SSL flag |
| server_name | server | Domain name(s) for this block |
| root | server, location | Document root directory |
| proxy_pass | location | Backend URL for reverse proxy |
| try_files | location | Fallback chain for file lookups |
| ssl_certificate | server | Path to SSL certificate chain |
| gzip | http, server | Enable gzip compression |
| limit_req_zone | http | Define rate limiting zone |
Reverse Proxy Setup
The most common use of nginx in modern architectures is as a reverse proxy in front of application servers (Node.js, Python, Go, etc.). Key headers to forward: X-Real-IP, X-Forwarded-For, and X-Forwarded-Proto. For WebSocket support, add proxy_http_version 1.1 and the Upgrade /Connection headers. For more advanced load balancing with health checks, sticky sessions, and stick-table rate limiting, see the HAProxy Config Generator.
SSL/TLS Best Practices
- Use TLS 1.2+ — disable SSLv3, TLS 1.0, and TLS 1.1
- Enable HSTS — force browsers to always use HTTPS
- OCSP stapling — improves SSL handshake performance
- Let’s Encrypt — free certificates with certbot auto-renewal
- HTTP/2 — enabled automatically with
http2 onin nginx 1.25.1+ - HTTP/3 (QUIC) — faster connections with 0-RTT handshakes, requires nginx 1.25.0+ built with
--with-http_v3_module - Inspect certificates — use our SSL Certificate Decoder to verify certificate chains, check expiry dates, and decode PEM/PFX files
Performance Tips
- Gzip compression — reduce transfer size by 60-80% for text content
- Static asset caching — set long
expiresfor JS/CSS/images with cache-busting filenames - client_max_body_size — increase for file uploads (default is only 1M)
- Rate limiting — protect APIs from abuse with
limit_req_zone
Privacy First
All configuration is generated entirely in your browser using JavaScript. Your server names, paths, IP addresses, and infrastructure details are never sent to any server. This tool has zero backend dependencies.