Nginx
Features
- Admin site
- Object-relational mapper
- Authentication
- Caching
HTTP : Hypertext Transfer Protocol
Why Use Nginx with Django?
- Reverse Proxy: Nginx can serve as a reverse proxy, forwarding client requests to a Django application server and serving responses back to the client.
- Static and Media File Handling: Nginx can serve static and media files more efficiently than Django’s built-in server.
- Load Balancing: Nginx can distribute incoming traffic across multiple instances of your Django application.
- Security and Performance: Nginx can handle SSL/TLS termination, provide rate limiting, and improve overall performance through caching and compression.
Installation
sudo apt update
sudo apt install nginxStart
sudo systemctl start nginxStatus
sudo systemctl status nginxStop
sudo systemctl stop nginxReload
sudo nginx -s reloadDefault html file in
cd /var/www/html Nginx
cd /etc/nginx/sites-enablesCreate a new configuration file for your Django project in /etc/nginx/sites-available/
sudo nano /etc/nginx/sites-available/myprojectAdd the following basic configuration
server {
listen 80;
server_name example.com www.example.com; # Replace with your domain
location = /favicon.ico { access_log off; log_not_found off; }
location /static/ {
root /path/to/your/static/files; # Replace with your static files path
}
location /media/ {
root /path/to/your/media/files; # Replace with your media files path
}
location / {
include proxy_params;
proxy_pass http://unix:/path/to/your/project.sock; # Replace with your socket file path
}
}
server_name: Replace with your domain name.root: Set the paths to your static and media files.proxy_pass: This should point to your application server (e.g., Gunicorn) using a Unix socket or an IP address and port.
Allow http port to device
Oracle
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 80 -j ACCEPTLink the Configuration and Test Nginx
Link your configuration file to the sites-enabled directory
sudo ln -s /etc/nginx/sites-available/<myproject> /etc/nginx/sites-enabledTest the Nginx configuration for syntax errors
sudo nginx -tIf the test is successful, reload Nginx
sudo systemctl reload nginxServing Static and Media Files
For production, Django doesn’t serve static files; Nginx handles them. Set up Django to collect all static files into a single directory
In settings.py
STATIC_URL = '/static/'
STATIC_ROOT = '/path/to/your/static/files'
MEDIA_URL = '/media/'
MEDIA_ROOT = '/path/to/your/media/files'Run the command to collect static files
python manage.py collectstaticDjango: Using Gunicorn with Nginx
Gunicorn is a WSGI HTTP server for Python applications. To use Gunicorn with Nginx
Securing Your Django Project with Nginx
SSL/TLS: Use Let’s Encrypt to obtain a free SSL/TLS certificate and configure Nginx to use HTTPS.
Security Headers: Add security headers like Content-Security-Policy, X-Content-Type-Options, X-Frame-Options, and X-XSS-Protection to enhance security.
Rate Limiting: Implement rate limiting to protect your site from brute force attacks.
Optimizing Performance
- Caching: Use Nginx to cache static files and other resources.
- Compression: Enable gzip compression in Nginx to reduce the size of responses.
Monitoring and Logging
Nginx provides extensive logging capabilities. Configure access and error logs for monitoring
access_log /var/log/nginx/myproject_access.log;
error_log /var/log/nginx/myproject_error.log;
Using Nginx with Django can significantly improve your project’s performance, scalability, and security. Make sure to test your configuration thoroughly before deploying it to production.
Serving Static and Media Files
Gunicorn does not serve static or media files in production. Use a web server like Nginx to handle static files and reverse proxy requests to Gunicorn
Example Nginx configuration in
/etc/nginx/sites-available/todo
server {
listen 80;
server_name your_domain_or_IP;
location / {
proxy_pass http://unix:/path/to/your/project/gunicorn.sock;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location /static/ {
alias /path/to/your/project/static/;
}
location /media/ {
alias /path/to/your/project/media/;
}
}
Example Django Project
server {
listen 80;
server_name 172.22.251.200;
location /static/ {
alias /home/ben-24/Example_project/django_todo_postgres/static/;
}
location / {
# include proxy_params;
proxy_pass http://unix:/home/ben-24/Example_project/django_todo_postgres/gunicorn.sock;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
Link the site
sudo ln -s /etc/nginx/sites-available/todo /etc/nginx/sites-enabledAllow http port to device
Oracle
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 80 -j ACCEPTEdit nginx.conf
in `/etc/nginx/nginx.conf
user root;
worker_processes auto;
pid /run/nginx.pid;
error_log /var/log/nginx/error.log;
include /etc/nginx/modules-enabled/*.conf;## main
worker_processes auto;
error_log /path/to/error error;
http {
server {
listen 80;
server_name mydomain.com ww.mydomain.com;
location / {
root /path/to/folder;
index index.html
}
}
}```nginx http { server { listen 443 ssl; server_name mydomain.com www.mydomain.com;
location / {
root /path/to/folder;
index index.html
}
ssl_sertification /path/to/certificate;
ssl_certification_key /path/to/key;
server {
listen 80;
server_name mydomain.com www.mydomain.com;
return 301 https://$server_name$request_uri;
}}
```nginx ## main worker_processes auto;
error_log /path/to/error error;
http { server { listen 443 ssl; server_name mydomain.com www.mydomain.com;
location /static {
alias /path/to/root;
}
location / {
proxy_pass http://127.0.0.1:8000;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
ssl_sertification /path/to/certificate;
ssl_certification_key /path/to/key;
server {
listen 80;
server_name mydomain.com www.mydomain.com;
return 301 https://$server_name$request_uri;
}}