documentation, download Nginx from the website, and compile it yourself.
The best way to start is to immerse yourself in the official module
documentation at http://nginx.org/en/docs/.
To configure an enabled module, whether a default module or an optional
one, start at the same documentation, find the module you want to configure
in the list, and click its entry to learn about the various options. Even the Core
module configured in the nginx.conf example has a ton of extra options.
You may not need any of them, but you may find something useful.
HTTPS
Nginx comes with the ability to encrypt communications using openssl.
What this means is that your website can be accessed using https:// instead of
just http://, and all communications to and from the site will be encrypted.
For HTTPS to work, a certificate and a key are required. You should either
generate a self-signed certificate and key (which is adequate for internal use
or for personal sites) or buy a certificate from a certified CA authority (which
is necessary if you want anyone to trust your site for commercial ventures).
To generate a key for the certificate, use this command:
Click here to view code image
matthew@seymour:~$ openssl genrsa -des3 -out server.key 2048
This generates a basic key using Triple DES and 2,048-bit encryption. See the
man page for openssl for more information about possible settings.
To generate a certificate signing request (CSR), use this command:
Click here to view code image
matthew@seymour:~$ openssl req -new -key server.key -out server.csr
You are then asked for some information to complete the request.
To generate a self-signed certificate, use this command:
Click here to view code image
matthew@seymour:~$ openssl x509 -req -days 365 -in server.csr -
signkey server.key -out server.crt
This creates a certificate that is valid for 365 days. Certificates, even from
vendors, have expiration dates. Certificates should be renewed regularly to
reassure your site visitors that they are dealing with who they think they are
dealing with.
To copy the certificate to its proper location, use this command: