Without www — www redirect will be added automatically
Your Nginx config will appear here
Fill in the fields and click Generate// build nginx server blocks without the guesswork
Generate production-ready Nginx server blocks for static sites, reverse proxies, and PHP-FPM setups. Free, browser-based, no sign-up required.
Your Nginx config will appear here
Fill in the fields and click GenerateSelect Static Site, Reverse Proxy, PHP-FPM, or WordPress preset.
Enter your domain, document root or proxy URL, and PHP socket if needed.
Enable SSL, gzip, security headers, and caching as needed, then click Generate.
Copy the config to clipboard or download as a file, then drop it into /etc/nginx/sites-available/.
This tool generates production-ready Nginx server block configuration files. Instead of memorising every directive, fill in a form and get a complete, commented config you can deploy immediately.
Generated configs follow community best practices — proper SSL settings, security headers, gzip tuning, and static file caching rules.
Save it to /etc/nginx/sites-available/example.com, then enable it with sudo ln -s /etc/nginx/sites-available/example.com /etc/nginx/sites-enabled/ and reload Nginx with sudo nginx -t && sudo systemctl reload nginx.
Yes. When SSL is enabled, the generated config uses the standard Let's Encrypt certificate paths (/etc/letsencrypt/live/yourdomain/). Run certbot --nginx -d yourdomain.com first to obtain the certificates before activating the config.
For PHP 8.2 on Ubuntu/Debian, the default is /run/php/php8.2-fpm.sock. For PHP 8.1 use php8.1-fpm.sock. Alternatively, some setups use TCP: 127.0.0.1:9000.
Absolutely. Enter your Node.js server URL (e.g. http://127.0.0.1:3000) in the Proxy Pass field. The config includes proper proxy_set_header directives so your app receives the real client IP and protocol.
When "Security Headers" is enabled, the config adds: X-Frame-Options SAMEORIGIN, X-Content-Type-Options nosniff, X-XSS-Protection, Referrer-Policy strict-origin-when-cross-origin, and Permissions-Policy.
A separate server block is generated that listens for www.yourdomain.com and issues a 301 permanent redirect to the non-www version. This consolidates link equity and avoids duplicate content.
Yes. The generated config is standard Nginx and works on any Linux distribution. The only distro-specific detail is the PHP-FPM socket path — adjust this to match your PHP version and OS if needed.
The configs follow common best practices, but always review before deploying. Run sudo nginx -t to validate syntax. For high-traffic or sensitive environments, consider additional tuning of worker processes, buffer sizes, and timeouts.
An Nginx Config Generator is a tool that builds ready-to-use Nginx server block configuration files from a simple form. Instead of writing directives by hand — and hunting through documentation for the right syntax — you fill in your domain, select a preset, and get a complete, commented configuration file in seconds.
Nginx is the world's most popular web server and reverse proxy, powering over 30% of all websites. Its configuration language is powerful but can be unforgiving: a single misplaced semicolon or an incorrect location block can break your site. This generator eliminates that friction for the most common setups.
💡 Looking for web development assets? MonsterONE offers unlimited downloads of server panel UI kits, admin templates, and DevOps dashboards — worth checking out.
A static site server block is the simplest Nginx setup. It serves HTML, CSS, JavaScript, and image files directly from a directory on disk without executing any application code. This is the fastest possible configuration — Nginx reads a file and sends it, with no database queries, no PHP execution, and no application overhead.
Static sites built with generators like Hugo, Gatsby, Next.js (exported), Eleventy, or Jekyll all benefit from this configuration. The generated block includes proper try_files directives for clean URLs, MIME type detection, and optionally aggressive browser caching for versioned assets.
A reverse proxy configuration sits in front of an application server — Node.js, Python (Gunicorn/uWSGI), Ruby (Puma), Go, or any process that listens on a port — and forwards HTTP requests to it. Nginx handles SSL termination, compression, and rate limiting, while your application focuses on business logic.
This pattern is used by virtually every production deployment of modern web apps. Nginx adds the X-Real-IP, X-Forwarded-For, and X-Forwarded-Proto headers so your application knows the client's real IP and protocol. WebSocket upgrades are also included for real-time apps.
PHP-FPM (FastCGI Process Manager) is the standard way to run PHP with Nginx. Unlike Apache's mod_php, PHP-FPM is a separate process that communicates with Nginx via a Unix socket or TCP connection. This separation gives you independent process management, better performance, and the ability to run multiple PHP versions on the same server.
The generated config includes the correct fastcgi_pass directive pointing to your PHP-FPM socket, proper SCRIPT_FILENAME and SCRIPT_NAME FastCGI parameters, and fastcgi_index index.php for clean URL handling. Common security practices like blocking access to .htaccess files are included by default.
WordPress requires a specific Nginx configuration to handle its permalink structure. By default, all requests that don't match a file on disk should be passed to index.php — this is how WordPress's routing works. The generated config includes the famous try_files $uri $uri/ /index.php?$args; pattern, plus rules to block access to sensitive files like wp-config.php and XML-RPC.
The WordPress preset also includes separate handling for the /wp-admin/ area and static asset caching for wp-content/uploads, striking the right balance between performance and correctness.
When SSL is enabled, the generator outputs a configuration that uses TLS 1.2 and 1.3 only, dropping insecure older protocols. The cipher suite list prioritises ECDHE key exchange for forward secrecy. The ssl_session_cache and ssl_session_timeout directives reduce handshake overhead for repeat visitors.
Certificate paths follow the Let's Encrypt / Certbot convention: /etc/letsencrypt/live/yourdomain.com/fullchain.pem and privkey.pem. Run certbot --nginx -d yourdomain.com to obtain free certificates before deploying the SSL configuration.
Gzip compression reduces the size of HTTP responses sent to browsers, typically achieving 60–80% reduction for text-based content. The generated config enables gzip for HTML, CSS, JavaScript, JSON, XML, SVG, and font files, while correctly skipping binary formats like images and videos that are already compressed.
The gzip_min_length 1000 directive avoids compressing very small responses where the overhead outweighs the savings. gzip_vary on adds the Vary: Accept-Encoding header so CDNs and proxies cache both compressed and uncompressed versions correctly.
HTTP security headers are a low-cost, high-impact way to protect your users. The generator adds:
Static assets like images, fonts, CSS, and JavaScript files rarely change. By setting aggressive Cache-Control and Expires headers, you instruct browsers and CDNs to cache these files locally. The generated config sets a 365-day expiry for common static types, and adds the immutable directive for versioned assets where appropriate.
Combined with a CDN or a build pipeline that fingerprints filenames (like Webpack or Vite), this approach delivers near-instant repeat page loads for returning visitors.
After generating your config:
/etc/nginx/sites-available/yourdomain.comsudo ln -s /etc/nginx/sites-available/yourdomain.com /etc/nginx/sites-enabled/sudo nginx -tsudo systemctl reload nginxOn CentOS/RHEL systems, drop the file into /etc/nginx/conf.d/ directly instead of using the sites-available convention.