Nginx Explained: How to Set Up a Web Server from Scratch

Table of Contents

1. What Is Nginx and How Does It Work?
2. Why Learning Nginx Matters for Developers and System Administrators
3. How to Set Up Nginx as a Web Server: Step-by-Step
4. Common Questions — Nginx Web Server
5. Conclusion: Nginx Mastery Opens Infrastructure Doors

Nginx powers over 34% of all websites on the internet — more than any other web server software. It serves static files at blistering speed, acts as a reverse proxy in front of application servers, terminates SSL/TLS connections, and handles load balancing across multiple backend servers. Originally created to solve the C10K problem (handling 10,000 simultaneous connections), Nginx has become the backbone of modern web infrastructure. Whether you are hosting a personal website, a self-hosted application, or building production infrastructure, understanding Nginx is a foundational skill. This guide takes you from zero to a fully functioning, secure web server configuration.

What Is Nginx and How Does It Work?

Nginx (pronounced “engine-x”) is a high-performance, open-source web server and reverse proxy. Unlike Apache’s process-per-connection model, Nginx uses an event-driven, asynchronous architecture. A small number of worker processes handle thousands of connections simultaneously through non-blocking I/O — this is why Nginx consumes minimal memory even under heavy load.

Nginx serves multiple roles depending on deployment context. As a web server, it serves static content (HTML, CSS, JavaScript, images) directly from disk. As a reverse proxy, it sits in front of application servers (Node.js, Python/Django, PHP-FPM, Java) and forwards requests to them, hiding the backend complexity from clients. As a load balancer, it distributes incoming requests across multiple backend servers for horizontal scaling. Most production deployments use Nginx in multiple roles simultaneously.

Nginx vs. Apache: Which Should You Use?

Apache and Nginx are both excellent, but they have different strengths. Apache uses a thread-per-connection model with a rich module ecosystem and supports .htaccess per-directory configuration. Nginx’s event-driven architecture makes it more efficient under high concurrency and consumes less memory. For serving static files or as a reverse proxy at scale, Nginx is generally faster. For shared hosting environments where per-directory configuration is needed, Apache’s .htaccess support is convenient. Many production setups use both: Nginx in front as a reverse proxy, Apache behind handling PHP applications.

Why Learning Nginx Matters for Developers and System Administrators

• Universal Deployment Target: Whether you deploy to AWS, DigitalOcean, your own VPS, or a home server, Nginx is the near-universal choice for web serving and proxying. Understanding it makes you effective across virtually all infrastructure environments.
• SSL/TLS Termination: Nginx handles HTTPS encryption efficiently, allowing backend application servers to run plain HTTP internally — simplifying application code and centralizing certificate management.
• Performance at Scale: A single Nginx instance on modest hardware can handle tens of thousands of concurrent connections. Knowing how to tune it properly is a high-value operations skill.
• Security Layer: Nginx can enforce rate limiting, IP allowlisting/denylisting, authentication, and request filtering before traffic ever reaches your application — reducing attack surface significantly.

Nginx is central to many of the server setups covered in our How-To section — explore it for related practical tutorials.

How to Set Up Nginx as a Web Server: Step-by-Step

Step 1 — Install Nginx

On Ubuntu/Debian, install Nginx with apt. On CentOS/RHEL, use dnf. After installation, start Nginx, enable it to start at boot, then verify by visiting your server’s IP address in a browser — you should see the Nginx welcome page.

sudo apt update && sudo apt install nginx -y

sudo systemctl start nginx

sudo systemctl enable nginx

On CentOS/RHEL, use:

sudo dnf install nginx -y

Step 2 — Understand the Configuration Structure

Nginx configuration lives in /etc/nginx/. The main file is nginx.conf, which includes server blocks from /etc/nginx/sites-available/. The pattern is: create a configuration file in sites-available, then symlink it to sites-enabled to activate it. This allows you to enable and disable sites without deleting their configurations.

Step 3 — Create a Server Block for Your Site

Create a new file at /etc/nginx/sites-available/yourdomain.com. A basic static site configuration defines a server block listening on port 80, sets server_name yourdomain.com www.yourdomain.com, sets root /var/www/yourdomain.com/html to point to your site files, and defines index index.html. Enable it with the symlink command below.

sudo ln -s /etc/nginx/sites-available/yourdomain.com /etc/nginx/sites-enabled/

Step 4 — Set Up as a Reverse Proxy

To proxy traffic to a backend application running on port 3000, add a location / block with proxy_pass http://localhost:3000. Include standard proxy headers: proxy_set_header Host $host, proxy_set_header X-Real-IP $remote_addr, and proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for. This passes the real client IP to your application rather than the proxy’s local address.

Step 5 — Configure HTTPS with Let’s Encrypt

Install Certbot with the Nginx plugin, then run it to obtain a free SSL certificate and automatically configure HTTPS. Certbot will also redirect HTTP traffic and install a cron job for automatic certificate renewal.

sudo apt install certbot python3-certbot-nginx -y

sudo certbot --nginx -d yourdomain.com -d www.yourdomain.com

Step 6 — Test and Reload Configuration

Always test your Nginx configuration before reloading. If it reports “syntax is ok” and “test is successful,” apply the changes with reload. Reload (not restart) applies configuration changes without dropping existing connections — critical for production servers.

sudo nginx -t

sudo systemctl reload nginx

Step 7 — Configure Rate Limiting and Basic Security

Add rate limiting to protect against brute-force attacks and DDoS. Define a limit zone in the http block, then apply it in your location blocks. Also set server_tokens off to hide the Nginx version number from HTTP response headers.

In the http block of nginx.conf, add:

limit_req_zone $binary_remote_addr zone=mylimit:10m rate=10r/s;

Then in your location blocks, apply the limit:

limit_req zone=mylimit burst=20 nodelay;

The official Nginx documentation is the authoritative reference for all configuration directives and is exceptionally well-organized for both beginners and advanced users.

Common Questions — Nginx Web Server

What is a reverse proxy and why would I use Nginx as one?

A reverse proxy sits between clients and your backend servers, forwarding client requests to the appropriate backend and returning the response. Using Nginx as a reverse proxy centralizes SSL termination, enables load balancing, hides backend server details from clients, allows URL rewriting, and lets you run multiple web applications on different paths or subdomains behind a single IP address and port 443. It is the standard architecture for production web deployments.

How do I host multiple websites on one Nginx server?

Create separate server block configuration files for each website in /etc/nginx/sites-available/, each with its own server_name directive specifying its domain. Nginx uses the Host header in incoming requests to route traffic to the correct server block. Enable each site by symlinking it to sites-enabled. This is called virtual hosting and is how a single server can handle dozens of different domains simultaneously.

How do I troubleshoot Nginx when it is not working?

Start by checking for configuration syntax errors:

sudo nginx -t

Check the error log at /var/log/nginx/error.log for detailed error messages. Run the commands below to inspect the service status and recent systemd journal entries, then verify firewall rules are not blocking ports 80 and 443.

sudo systemctl status nginx

sudo journalctl -u nginx -n 50

sudo ufw status

What is the difference between Nginx Open Source and Nginx Plus?

Nginx Open Source is the free, open-source version that covers virtually all use cases for individuals and most organizations. Nginx Plus is a commercial version from F5 (which acquired Nginx) that adds real-time monitoring dashboards, advanced load balancing algorithms, dynamic configuration without reloads, and commercial support. For personal projects and typical business deployments, Nginx Open Source is entirely sufficient.

Conclusion: Nginx Mastery Opens Infrastructure Doors

Three essential takeaways from this Nginx guide:

• Always test configuration changes with nginx -t before applying them — a syntax error in production causes immediate downtime.
• Use Certbot with Let’s Encrypt to enable HTTPS automatically and for free — there is no reason to run any public web server without SSL in 2026.
• The reverse proxy pattern — Nginx in front, your application behind — is the foundation of scalable, secure web architecture and worth understanding deeply.

Nginx is a deep tool with extensive configuration possibilities. Continue your learning with our How-To tutorials for specific Nginx use cases, and explore Deep Dive articles covering performance tuning, security hardening, and advanced load balancing configurations.

---

See also: DevOps and IT Operations: Complete Guide for Developers in 2026 — browse all Dev / IT Ops articles on Hubkub.

Related Articles

• Git Automation: How to Set Up CI/CD Pipelines for Personal Projects
• Platform Engineering 2026: Why 80% of Teams Are Adopting It
• Why Internal Developer Portals Are Dominating DevOps in 2026

Last Updated: April 13, 2026