Nginx Config Generator
Generate production-ready Nginx configurations — static sites, SPAs, reverse proxies, and PHP apps
server {
listen 80;
server_name example.com;
client_max_body_size 10m;
root /var/www/html;
index index.html;
gzip on;
gzip_vary on;
gzip_min_length 1024;
gzip_types text/plain text/css application/json application/javascript text/xml application/xml text/javascript image/svg+xml;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-XSS-Protection "1; mode=block" always;
add_header Referrer-Policy "strict-origin-when-cross-origin" always;
location / {
try_files $uri $uri/ =404;
}
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ {
expires 30d;
add_header Cache-Control "public, immutable";
}
location ~ /\. {
deny all;
}
}Nginx Config Generator
Generate production-ready Nginx configurations — static sites, SPAs, reverse proxies, and PHP apps
Features
- Static site, SPA, reverse proxy, or PHP server presets
- TLS / HTTPS redirect block with Let's Encrypt-friendly defaults
- Gzip compression + browser-cache headers for static assets
- Security headers (X-Frame-Options, X-Content-Type-Options, Referrer-Policy, Permissions-Policy)
- Optional rate limiting with `limit_req_zone` hint + per-location `limit_req`
How to use
- Select your server type (static, SPA, reverse proxy, or PHP).
- Enter your domain name and configure paths.
- Toggle features like SSL, gzip, caching, and security headers.
- Copy the generated config and save it to your server.
Tips & Best Practices
- `limit_req_zone` MUST live in the `http {}` block, not inside `server {}`. The generator emits a comment showing where to put it.
- Test the config with `nginx -t` before reloading. The output is template-grade; expect to tune for your specific environment.
- For Let's Encrypt, run certbot once to fetch certs; the paths in the generated config (`/etc/letsencrypt/live/<domain>/`) are the standard locations.
- Reverse-proxy mode forwards to `proxy_pass http://localhost:3000` — adjust the upstream URL for your backend.
- For multi-domain configs, generate per-domain server blocks and concatenate them in `/etc/nginx/sites-available/`.
FAQ
What is the difference between static and SPA mode?
Static mode returns 404 for unknown paths. SPA mode redirects all paths to index.html, enabling client-side routing (React, Angular, Vue).
Should I enable gzip?
Yes, gzip compression reduces file sizes by 60-80% and significantly improves page load times.
How do I set up SSL?
Enable SSL, provide your certificate and key paths, and the generator will create an HTTP-to-HTTPS redirect block automatically. The output includes modern TLS protocols and strong cipher suites suitable for an A or A+ rating on SSL Labs.
What is the difference between reverse proxy and PHP mode?
Reverse proxy mode forwards requests to an upstream HTTP server (Node.js, Python/Gunicorn, Java, etc.) using proxy_pass and preserves headers like X-Forwarded-For. PHP mode wires Nginx to PHP-FPM via a Unix socket or TCP port and sets up the fastcgi_params needed for WordPress, Laravel, and similar PHP applications.
Where should I save the generated Nginx config file?
On Debian/Ubuntu place it in /etc/nginx/sites-available/<yoursite> and symlink it into /etc/nginx/sites-enabled/. On RHEL/CentOS, drop it into /etc/nginx/conf.d/<yoursite>.conf. Always run nginx -t to test the configuration before reloading with sudo systemctl reload nginx.
Does the generator support HTTP/2 and HTTP/3?
When SSL is enabled, the generated server block adds the http2 listen directive so HTTP/2 is on by default. HTTP/3 (QUIC) requires Nginx 1.25+ built with the quic module — once you have that, you can add listen 443 quic reuseport and an alt-svc header to the generated config.
How do I configure WebSocket support?
Enable the WebSocket option in the generator and the proxy block will include the Upgrade and Connection headers required for ws:// and wss:// connections. This is required for real-time apps using Socket.IO, SignalR, or raw WebSocket APIs behind Nginx.
Is the generator client-side and free to use?
Yes, your domain names, paths, and configuration choices are processed entirely in your browser — nothing is sent to a backend. The tool is free with no signup, no usage limits, and no tracking, so you can use it freely for client and infrastructure work.