Thank you for sending your enquiry! One of our team members will contact you shortly.
Thank you for sending your booking! One of our team members will contact you shortly.
Course Outline
- HTTP/1.x Protocol
- Understanding request and response formats
- Analyzing HTTP conversations using tcpdump and Wireshark
- Examining HTTP headers within a web browser
- Sending requests via CURL
- Overview of common headers
- Concepts of request pipelining
- Content length and chunked encoding
- Understanding MIME types
- Nginx Installation
- Installing Nginx from Debian packages
- Exploring Nginx variants available in Debian and Ubuntu
- Compiling and installing Nginx from source
- Starting the Nginx service
- Upgrading Nginx installations
- Using Nginx as a Static File Server
- Structure of the Nginx configuration file
- Setting up virtual hosts
- Configuring location blocks
- Understanding location lookup order
- Configuring custom error pages
- Implementing redirects
- Various forms of URL rewriting
- Serving a transparent GIF image
- Utilizing internal and named locations
- Overriding default MIME types
- Client-Side Performance Optimization
- Enabling client-side resource caching
- Understanding the Vary: header
- Strategies to minimize request volume
- Implementing keep-alive connections
- Handling dynamic resource changes
- How web frameworks manage static files
- Content Post-Processing
- Gzip compression techniques
- Image scaling strategies
- Access Control
- Restricting file access by IP address
- Implementing geographical restrictions
- Hiding VCS directories and private files
- Setting up basic authentication
- Exploring other authentication methods
- Combining multiple access restrictions
- Creating secure links
- Applying Limits
- Traffic shaping techniques
- Grouping requests for limit purposes
- Rate-limiting incoming requests
- Restricting simultaneous connections
- Configuring Nginx as a Reverse Proxy
- Supported upstream protocols
- Handling self-signed upstream SSL certificates
- Passing parameters to FastCGI and uWSGI backends
- Proxying WebSocket connections
- Utilizing X-Accel-* headers
- Modifying headers received from and sent to upstream servers
- Language-Specific Reverse Proxy Setups
- PHP configurations
- Python configurations
- Ruby configurations
- Nginx as an SSL Terminator
- Generating self-signed SSL certificates
- Obtaining certificates from Let's Encrypt
- Restricting available cipher suites
- Working with SSL session tickets
- Enabling OCSP stapling
- Verifying SSL configuration
- Accepting client-side certificates
- Considerations for HTTP/2
- Load Balancing with Nginx
- Defining upstream groups
- Implementing sticky sessions via ip_hash
- Additional features of Nginx Plus as a load balancer
- Alternatives to Nginx and Nginx Plus
- Placing another Nginx instance behind a load balancer
- Deploying Nginx behind HAProxy or AWS load balancers
- Nginx as a Cache
- Configuring Nginx to cache pages
- Understanding how Nginx interprets standard caching headers
- Tunable cache parameters
- Nginx cache vs. application-level cache
- Methods for clearing the cache
- Deploying Popular Web Applications with Nginx
- The selection of applications is determined by the trainer
- Logging
- Access log and error log file management
- Defining custom log formats
- Tracking slow requests
- Optimizing logging performance
- Implementing log rotation
- Analyzing logs with external programs
- Monitoring Nginx
- Using the Nginx stub status page
- Utilizing the Nginx Plus extended live status page
- Standard metrics plotted and alerted on by monitoring systems
- [Optional] High Availability with Nginx¹
- Deploying identical static content across multiple servers
- Configuration sharing strategies
- Fail-over mechanisms using an elastic/virtual IP address
- Setting up VRRP with Keepalived
- Exploring other high-availability stacks
- Nginx Plus integration with Keepalived
- Common Mistakes and Security Issues Related to Nginx Configuration
- Common Performance Issues
¹ The High Availability section involves a network setup that may trigger intrusion detection systems or requires setting up multiple virtual machines per participant (a requirement not present in other topics). Therefore, it is not provided by default.
Requirements
Participants must be comfortable with the Linux command line and possess a working knowledge of TCP/IP.
21 Hours
Testimonials (1)
The trainer was very knowledgeable and was able to answer most questions that were somewhat outside of the scope of what we needed to cover. He was dynamic, funny and polite.
