You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: README.md
+24-24Lines changed: 24 additions & 24 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -2,28 +2,28 @@
2
2
3
3
**.htaccess for nginx** enables the [nginx](https://nginx.org/en/) high performance webserver to deal with `.htaccess` files.
4
4
5
-
`.htaccess` files are mainly used for access control and URL rewrite instructions and are widely known across the web community. Originally designed for [Apache](https://www.apache.org/), there is no native implementation available for nginx. While there is a [legitimate reason for this](https://www.nginx.com/resources/wiki/start/topics/examples/likeapache-htaccess/), there would be huge practical benefit if nginx was able to support this.
5
+
`.htaccess` files are mainly used for access control and URL rewrite instructions and are widely known across the web community. Originally designed for [Apache](https://www.apache.org/), there is no native implementation available for nginx. While there is a [legitimate reason for this](https://www.nginx.com/resources/wiki/start/topics/examples/likeapache-htaccess/), there would be huge practical benefit if nginx was able to support this.
6
6
7
7
**.htaccess for nginx** is efficient and elegant, using micro caching and various performance tweaks right out of the box. It is effortless in its installation and usage. The plugin's deeply integrated approach is ideal for webhosters, who are looking for mixed technology solutions using only nginx and nothing else.
8
8
9
9
## Stop using Apache
10
10
11
-
*Apache is slow.
12
-
*Apache is wasting resources.
13
-
*Compared to nginx, Apache is poorly and inconsistently designed.
14
-
*Apache's monolithic design prevents it from scaling properly, while nginx is capable of handling tens of thousands of simultaneous connections with ease.
15
-
*Switching to nginx heavily improves performance, efficiency and security.
11
+
* Apache is slow.
12
+
* Apache is wasting resources.
13
+
* Compared to nginx, Apache is poorly and inconsistently designed.
14
+
* Apache's monolithic design prevents it from scaling properly, while nginx is capable of handling tens of thousands of simultaneous connections with ease.
15
+
* Switching to nginx heavily improves performance, efficiency and security.
16
16
17
17
## Reasons for .htaccess in nginx
18
18
19
19
When using nginx, there are many **legitimate reasons** to support `.htaccess` files.
20
20
21
-
***Mixed technology.** Imagine using NodeJS and PHP side by side, running on one stable nginx webserver. When dealing with customer webspace, using Apache and nginx together (one proxying the other) is possible, however this adds unnecessary layers of redundancy and heavily wastes valuable server resources.
22
-
***Ease of use.** Everybody knows how to use `.htaccess` files. As pf January 2020, [more than 24% of all active websites](https://web.archive.org/web/20200130141042/https://news.netcraft.com/archives/2020/01/21/january-2020-web-server-survey.html) are still run on Apache and thus capable of utilizing `.htaccess` files. If nginx had a way to support this feature, this number would be going down significantly, making the web faster.
23
-
***Legacy.** Just use your old code, without worrying if someone could access a protected directory inside any library you just forgot to handle in your nginx config.
24
-
***Plug and play.** No need to convert `.htaccess` files for nginx and fix all the errors, rant about unsupported or oddly mixed up auto-generated config goo coming from a random online converter.
25
-
***Justified.** Apache performs multiple file reads anyway, so .htaccess for nginx cannot make it worse than Apache, right? In fact, with our built-in micro caching mechanism both, CPU and I/O load are reduced drastically compared to Apache's implementation.
26
-
***For webhosters.** Today, webhosters still need to provide an interface for their customers to change certain aspects of their webserver's behaviour. The decades long and proven `.htaccess` file does just that.
21
+
***Mixed technology.** Imagine using NodeJS and PHP side by side, running on one stable nginx webserver. When dealing with customer webspace, using Apache and nginx together (one proxying the other) is possible, however this adds unnecessary layers of redundancy and heavily wastes valuable server resources.
22
+
***Ease of use.** Everybody knows how to use `.htaccess` files. As of January 2020, [more than 24% of all active websites](https://web.archive.org/web/20200130141042/https://news.netcraft.com/archives/2020/01/21/january-2020-web-server-survey.html) are still run on Apache and thus capable of utilizing `.htaccess` files. If nginx had a way to support this feature, this number would be going down significantly, making the web faster.
23
+
***Legacy.** Just use your old code, without worrying if someone could access a protected directory inside any library you just forgot to handle in your nginx config.
24
+
***Plug and play.** No need to convert `.htaccess` files for nginx and fix all the errors, rant about unsupported or oddly mixed up auto-generated config goo coming from a random online converter.
25
+
***Justified.** Apache performs multiple file reads anyway, so .htaccess for nginx cannot make it worse than Apache, right? In fact, with our built-in micro caching mechanism both, CPU and I/O load are reduced drastically compared to Apache's implementation.
26
+
***For webhosters.** Today, webhosters still need to provide an interface for their customers to change certain aspects of their webserver's behaviour. The decades long and proven `.htaccess` file does just that.
27
27
28
28
29
29
## Performance
@@ -35,23 +35,23 @@ Physical memory usage of this plugin is insanely low, under 10 KB for each nginx
35
35
36
36
## Requirements
37
37
38
-
*Debian or Fedora environment
39
-
*`nginx` v1.19+ with Lua module
40
-
*`curl` command-line tool
41
-
*Optional: `htpasswd` utility (`apache2-utils` package) for `.htpasswd` hashing functions (required for Basic HTTP Authentication)
42
-
*Optional: `getent` utility (`libc-bin` package) for hostname lookups (e.g. `Deny from _domainname.tld_`)
38
+
* Debian or Fedora environment
39
+
*`nginx` v1.19+ with Lua module
40
+
*`curl` command-line tool
41
+
* Optional: `htpasswd` utility (`apache2-utils` package) for `.htpasswd` hashing functions (required for Basic HTTP Authentication)
42
+
* Optional: `getent` utility (`libc-bin` package) for hostname lookups (e.g. `Deny from _domainname.tld_`)
43
43
44
44
45
45
## Installation
46
46
47
47
1. Install nginx (with the [Lua module](https://github.com/openresty/lua-nginx-module) if you don't already have it) and luajit.
48
48
1. Debian: `apt-get install nginx luajit`
49
-
1. Fedora: `yum install nginx luajit`
50
-
1. uild and install the plugin into an appropriate directory accessible by the nginx process, e.g.,
49
+
2. Fedora: `yum install nginx luajit`
50
+
2. Build and install the plugin into an appropriate directory accessible by the nginx process, e.g.,
1. Add the following configuration to the nginx `http {}` context:
54
+
3. Add the following configuration to the nginx `http {}` context:
55
55
```nginx
56
56
http {
57
57
...
@@ -60,7 +60,7 @@ Physical memory usage of this plugin is insanely low, under 10 KB for each nginx
60
60
}
61
61
```
62
62
This represents a caching system, used on a short-term per-request basis. `.htaccess` lines are usually cached as values forless than 100 milliseconds, but keptin memory as long as there are active connections. You can choose to assign any other memory amount to it, although 16 MB should be more than enough.
63
-
1. Configure the nginx `server {}` context(s) to use the plugin:
63
+
4. Configure the nginx `server {}` context(s) to use the plugin:
64
64
```nginx
65
65
server {
66
66
...
@@ -300,9 +300,9 @@ Variables not listed below are not supported.
300
300
301
301
## Tips
302
302
303
-
*This plugin tries to make things as secure as possible. **Wherever an unclear situation occurs, access will be denied** to prevent unintended access, e.g. if unsupported, security-critical directives are being used (HTTP 500 response). Unsupported, non-security-related directives will be ignored.
304
-
*Global configuration within your `http {}` context is technically possible. However, you are encouraged to use this plugin only in the `server {}` contexts that will need it.
305
-
*To make your life easier, you can create a config snippet and include it in the `server {}` config:
303
+
* This plugin tries to make things as secure as possible. **Wherever an unclear situation occurs, access will be denied** to prevent unintended access, e.g. if unsupported, security-critical directives are being used (HTTP 500 response). Unsupported, non-security-related directives will be ignored.
304
+
* Global configuration within your `http {}` context is technically possible. However, you are encouraged to use this plugin only in the `server {}` contexts that will need it.
305
+
* To make your life easier, you can create a config snippet and include it in the `server {}` config:
0 commit comments