NGINX
- NGINX Server Configuration
This article provides a comprehensive guide to configuring NGINX as a reverse proxy and web server for your MediaWiki installation. NGINX is a popular choice due to its high performance, stability, and rich feature set. This guide assumes you have a basic understanding of Linux server administration and networking concepts. We will focus on a typical setup, with considerations for security and performance optimization.
== Understanding the Role of NGINX
NGINX acts as an intermediary between clients (web browsers) and your MediaWiki server. It offers several benefits:
- **Load Balancing:** Distributes traffic across multiple MediaWiki servers for increased capacity and redundancy. See Load balancing for more information.
- **Reverse Proxy:** Hides the internal structure of your server network, enhancing security.
- **Static Content Serving:** Efficiently serves static files (images, CSS, JavaScript) reducing load on the MediaWiki application server.
- **SSL/TLS Termination:** Handles encryption/decryption, freeing up resources on the MediaWiki server. See Secure MediaWiki for SSL configurations.
- **Caching:** Caches frequently accessed content, improving response times.
== Prerequisites
Before beginning, ensure you have:
- A Linux server (e.g., Ubuntu, Debian, CentOS) with root access.
- NGINX installed. Use your distribution’s package manager (e.g., `apt-get install nginx` or `yum install nginx`).
- A working MediaWiki installation. Refer to the Installation guide for details.
- A registered domain name pointing to your server’s IP address. This is crucial for proper operation. See Domain names for more information.
== Basic NGINX Configuration
The main NGINX configuration file is typically located at `/etc/nginx/nginx.conf`. However, it’s best practice to create a separate configuration file for your MediaWiki site within the `/etc/nginx/sites-available/` directory and then symlink it to `/etc/nginx/sites-enabled/`.
Here's a basic configuration example for ` /etc/nginx/sites-available/mediawiki`:
```nginx server {
listen 80; server_name yourdomain.com www.yourdomain.com; # Replace with your domain
root /var/www/mediawiki; # Replace with your MediaWiki installation directory
index index.php;
location / {
try_files $uri $uri/ /index.php?$args;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php7.4-fpm.sock; # Adjust PHP version if needed. See PHP Configuration.
}
location ~ /\.ht {
deny all;
}
} ```
Remember to replace `yourdomain.com` with your actual domain name and `/var/www/mediawiki` with the correct path to your MediaWiki installation. The PHP-FPM socket path may also need adjustment based on your PHP version.
== Advanced Configuration and Optimization
Several options can be used to optimize NGINX for MediaWiki.
Caching
NGINX caching can significantly improve performance. Here's an example of configuring caching for static assets:
```nginx location ~* \.(jpg|jpeg|png|gif|ico|css|js)$ {
expires 30d; add_header Cache-Control "public, max-age=2592000";
} ```
This configuration caches static files for 30 days. Adjust the `expires` value and `Cache-Control` header as needed. See Caching strategies for more details.
SSL/TLS Configuration
To enable HTTPS, you need an SSL certificate. Let's Encrypt provides free certificates. Once you have a certificate, configure NGINX to use it:
```nginx server {
listen 443 ssl; server_name yourdomain.com www.yourdomain.com;
ssl_certificate /etc/letsencrypt/live/yourdomain.com/fullchain.pem; # Replace with your certificate path ssl_certificate_key /etc/letsencrypt/live/yourdomain.com/privkey.pem; # Replace with your key path
root /var/www/mediawiki; index index.php;
# ... (rest of the configuration as before) ...
}
server {
listen 80; server_name yourdomain.com www.yourdomain.com; return 301 https://$host$request_uri; # Redirect HTTP to HTTPS
} ```
Performance Tuning
The following table outlines some key NGINX performance tuning parameters:
| Parameter | Description | Default Value | Recommended Value |
|---|---|---|---|
| `worker_processes` | Number of worker processes. | 1 | Number of CPU cores |
| `worker_connections` | Maximum number of connections per worker process. | 512 | 1024 (or higher, depending on server resources) |
| `keepalive_timeout` | Timeout for keep-alive connections. | 60s | 75s |
| `client_max_body_size` | Maximum allowed size for client request body. | 1m | 10m (or higher, if you allow large file uploads) |
Adjust these parameters based on your server’s hardware and traffic patterns. See NGINX performance tuning for a more in-depth discussion.
== Security Considerations
- **Firewall:** Configure a firewall (e.g., `ufw`, `firewalld`) to only allow traffic on ports 80 (HTTP) and 443 (HTTPS). See Firewall configuration.
- **Regular Updates:** Keep NGINX and your operating system up-to-date with the latest security patches.
- **Disable Server Signature:** Hide the NGINX version number in error pages by adding `server_tokens off;` to your NGINX configuration.
- **Limit Access to Sensitive Files:** Restrict access to configuration files and log files.
== Troubleshooting
| Problem | Possible Solution |
|---|---|
| 502 Bad Gateway | PHP-FPM is not running or is misconfigured. Check PHP-FPM logs. Ensure the `fastcgi_pass` directive points to the correct socket. |
| 504 Gateway Timeout | NGINX is timing out while waiting for a response from MediaWiki. Increase `proxy_read_timeout` and `proxy_connect_timeout` in your NGINX configuration. |
| MediaWiki files not loading | Incorrect `root` directive in your NGINX configuration. Verify the path to your MediaWiki installation directory. |
If you encounter issues, examine the NGINX error logs (typically located at `/var/log/nginx/error.log`) for clues. Also, check the PHP-FPM logs for PHP-related errors. Consult the Debugging guide for advanced troubleshooting techniques.
== Important Links
- MediaWiki
- Installation guide
- PHP Configuration
- Secure MediaWiki
- Load balancing
- Caching strategies
- NGINX performance tuning
- Firewall configuration
- Debugging guide
- Domain names
- Server Hardware
- Reverse Proxy
- SSL Certificates
- NGINX documentation
- PHP-FPM documentation
Intel-Based Server Configurations
| Configuration | Specifications | Benchmark |
|---|---|---|
| Core i7-6700K/7700 Server | 64 GB DDR4, NVMe SSD 2 x 512 GB | CPU Benchmark: 8046 |
| Core i7-8700 Server | 64 GB DDR4, NVMe SSD 2x1 TB | CPU Benchmark: 13124 |
| Core i9-9900K Server | 128 GB DDR4, NVMe SSD 2 x 1 TB | CPU Benchmark: 49969 |
| Core i9-13900 Server (64GB) | 64 GB RAM, 2x2 TB NVMe SSD | |
| Core i9-13900 Server (128GB) | 128 GB RAM, 2x2 TB NVMe SSD | |
| Core i5-13500 Server (64GB) | 64 GB RAM, 2x500 GB NVMe SSD | |
| Core i5-13500 Server (128GB) | 128 GB RAM, 2x500 GB NVMe SSD | |
| Core i5-13500 Workstation | 64 GB DDR5 RAM, 2 NVMe SSD, NVIDIA RTX 4000 |
AMD-Based Server Configurations
| Configuration | Specifications | Benchmark |
|---|---|---|
| Ryzen 5 3600 Server | 64 GB RAM, 2x480 GB NVMe | CPU Benchmark: 17849 |
| Ryzen 7 7700 Server | 64 GB DDR5 RAM, 2x1 TB NVMe | CPU Benchmark: 35224 |
| Ryzen 9 5950X Server | 128 GB RAM, 2x4 TB NVMe | CPU Benchmark: 46045 |
| Ryzen 9 7950X Server | 128 GB DDR5 ECC, 2x2 TB NVMe | CPU Benchmark: 63561 |
| EPYC 7502P Server (128GB/1TB) | 128 GB RAM, 1 TB NVMe | CPU Benchmark: 48021 |
| EPYC 7502P Server (128GB/2TB) | 128 GB RAM, 2 TB NVMe | CPU Benchmark: 48021 |
| EPYC 7502P Server (128GB/4TB) | 128 GB RAM, 2x2 TB NVMe | CPU Benchmark: 48021 |
| EPYC 7502P Server (256GB/1TB) | 256 GB RAM, 1 TB NVMe | CPU Benchmark: 48021 |
| EPYC 7502P Server (256GB/4TB) | 256 GB RAM, 2x2 TB NVMe | CPU Benchmark: 48021 |
| EPYC 9454P Server | 256 GB RAM, 2x2 TB NVMe |
Order Your Dedicated Server
Configure and order your ideal server configuration
Need Assistance?
- Telegram: @powervps Servers at a discounted price
⚠️ *Note: All benchmark scores are approximate and may vary based on configuration. Server availability subject to stock.* ⚠️