Thank you for sending your enquiry! One of our team members will contact you shortly.
Thank you for sending your booking! One of our team members will contact you shortly.
Course Outline
- HTTP/1.x protocol
- Structure of requests and responses
- Analyzing HTTP traffic using tcpdump and Wireshark
- Examining HTTP headers within a web browser
- Executing requests with CURL
- Overview of common headers
- Request pipelining
- Understanding content length and chunked encoding
- MIME types
- Installing Nginx
- Installing nginx via Debian packages
- Available nginx variants in Debian and Ubuntu
- Compiling and installing nginx from source
- Starting the nginx service
- Upgrading nginx
- Utilizing Nginx as a Static File Server
- General configuration file structure
- Setting up virtual hosts
- Configuring location blocks
- Understanding location lookup precedence
- Configuring custom error pages
- Setting up redirects
- Implementing URL rewriting
- Serving a transparent GIF image
- Using internal and named locations
- Overriding default MIME types
- Optimizing Client-Side Performance
- Enabling client-side caching of resources
- The role of the Vary: header
- Reducing the number of HTTP requests
- Utilizing keep-alive connections
- Handling resource updates effectively
- How web frameworks manage static files
- Post-Processing Content
- Gzip compression
- Image resizing
- Access Control
- Restricting file access by IP address
- Geographical restrictions
- Securing VCS directories and private files
- Implementing basic authentication
- Exploring other authentication methods
- Combining multiple restrictions
- Generating secure links
- Applying Limits
- Traffic shaping
- Grouping requests for limitation purposes
- Rate-limiting requests
- Restricting simultaneous connections
- Configuring Nginx as a Reverse Proxy
- Supported upstream protocols
- Handling self-signed SSL certificates from upstream
- Passing parameters to FastCGI and uWSGI backends
- Proxying WebSocket connections
- Using X-Accel-* headers
- Modifying headers received from and sent to upstream
- Language-Specific Reverse Proxy Setups
- PHP
- Python
- Ruby
- Nginx as an SSL Terminator
- Generating self-signed SSL certificates
- Obtaining certificates from Let's Encrypt
- Restricting available cipher suites
- Managing session tickets
- OCSP stapling
- Verifying SSL configuration
- Accepting client-side certificates
- HTTP/2 considerations
- Load Balancing with Nginx
- Defining upstream groups
- Implementing sticky sessions using ip_hash
- Advanced features of Nginx Plus for load balancing
- Alternatives to Nginx and Nginx Plus
- Nesting Nginx instances behind a load balancer
- Placing Nginx behind HAProxy or an AWS load balancer
- Configuring Nginx as a Cache
- Instructing nginx to cache pages
- How nginx interprets standard caching headers
- Adjustable cache parameters
- Nginx cache vs. application-level cache
- Clearing the cache
- Deploying Popular Web Applications with Nginx
- The list of applications to be discussed is determined by the trainer
- Logging
- Access and error log files
- Defining custom log formats
- Tracking slow requests
- Optimizing logging performance
- Log rotation
- External log analysis programs
- Monitoring Nginx
- Nginx stub status page
- Nginx Plus extended live status page
- Key metrics monitored and alerted on by typical monitoring systems
- [Optional] High Availability with Nginx¹
- Deploying identical static content to multiple servers
- Sharing configurations
- Failover using an elastic/virtual IP address
- Setting up VRRP with Keepalived
- Other high-availability solutions
- Nginx Plus integration with Keepalived
- Common Mistakes and Security Issues in Nginx Configuration
- Common Performance Issues
¹ The High Availability section involves a network setup that may trigger intrusion detection systems or requires setting up multiple virtual machines per participant (a requirement not needed for other topics). Therefore, it is not provided by default.
Requirements
Participants should be comfortable with the Linux command line and possess a working knowledge of TCP/IP.
21 Hours
Testimonials (1)
The trainer was very knowledgeable and was able to answer most questions that were somewhat outside of the scope of what we needed to cover. He was dynamic, funny and polite.
