Nabeel Javed nabeeljaved

Let's Encrypt

SSH as root into the server

ssh root@SERVER_IP_ADDRESS

Install Certbot

wget https://dl.eff.org/certbot-auto

Moved to git repository: https://github.com/denji/nginx-tuning

NGINX Tuning For Best Performance

For this configuration you can use web server you like, i decided, because i work mostly with it to use nginx.

Generally, properly configured nginx can handle up to 400K to 500K requests per second (clustered), most what i saw is 50K to 80K (non-clustered) requests per second and 30% CPU load, course, this was 2 x Intel Xeon with HyperThreading enabled, but it can work without problem on slower machines.

You must understand that this config is used in testing environment and not in production so you will need to find a way to implement most of those features best possible for your servers.

	This page collects hints how to improve the security of nginx web servers running on Linux or UNIX-like operating systems.

	Default Config Files and Nginx Port

	/usr/local/nginx/conf/ or /etc/nginx/– The nginx server configuration directory and /usr/local/nginx/conf/nginx.conf is main configuration file.
	/usr/local/nginx/html/ or /var/www/html– The default document location.
	/usr/local/nginx/logs/ or /var/log/nginx – The default log file location.
	Nginx HTTP default port : TCP 80
	Nginx HTTPS default port : TCP 443
	You can test nginx configuration changes as follows:

	FROM golang:1.7

	# Set go bin which doesn't appear to be set already.
	ENV GOBIN /go/bin

	# build directories
	RUN mkdir /app
	RUN mkdir /go/src/app
	ADD . /go/src/app
	WORKDIR /go/src/app



	Add your database connection settings to protected/config/console.php.

	Run yiic migrate create initial to create the stub code for the migration.

	Copy contents of this gist to protected/commands/InitialDbMigrationCommand.php.

	Run yiic initialdbmigration 'name_of_your_database' > initial_migration.php to generate up() and down() methods for initial database migration.

	#!/usr/bin/env bash
	#
	# Nginx - new server block

	# Functions
	ok() { echo -e '\e[32m'$1'\e[m'; } # Green
	die() { echo -e '\e[1;31m'$1'\e[m'; exit 1; }

	# Variables
	NGINX_AVAILABLE_VHOSTS='/etc/nginx/sites-available'

	sudo -i


	apt-get update
	apt-get install \
	apache2-dev \
	autoconf \
	automake \
	build-essential \
	bzip2 \

	# post_loc.txt contains the json you want to post
	# -p means to POST it
	# -H adds an Auth header (could be Basic or Token)
	# -T sets the Content-Type
	# -c is concurrent clients
	# -n is the number of requests to run in the test
	# add -l key to accept dynamic response length (see this). Otherwise there were lots of failed requests.
	# copied from https://gist.github.com/kelvinn/6a1c51b8976acf25bd78

	ab -p post_loc.txt -T application/json -H 'Authorization: Token abcd1234' -l -c 10 -n 2000 http://example.com/api/v1/locations/

	#!/bin/sh

	set -e
	set -x

	for package in $(npm -g outdated --parseable --depth=0 \| cut -d: -f3)
	do
	npm -g install "$package"
	done