|
| 1 | +.htaccess for nginx |
| 2 | +=================== |
| 3 | + |
| 4 | +**.htaccess for nginx** enables [nginx](https://nginx.org/en/) high performance webserver to deal with `.htaccess` files. |
| 5 | + |
| 6 | +`.htaccess` files are mainly used for access control and URL rewrite instructions and are widely known across the web community. Originally designed for [Apache](https://www.apache.org/), there is no native implementation available for nginx. |
| 7 | + |
| 8 | +**.htaccess for nginx** is efficient and elegant, using micro caching and various performance tweaks right out of the box. It is effortless in its installation and usage. The plugin's deeply integrated approach is ideal for webhosters, who are looking for mixed technology solutions using only nginx and nothing else. |
| 9 | + |
| 10 | +Stop Using Apache |
| 11 | +----------------- |
| 12 | + |
| 13 | +* Apache is slow. |
| 14 | +* Apache is wasting resources. |
| 15 | +* Compared to nginx, Apache is poorly and inconsistently designed. |
| 16 | +* Apache's monolithic design prevents it from scaling properly, while nginx is capable of handling tens of thousands of simultaneous connections with ease. |
| 17 | +* Switching to nginx heavily improves performance, efficiency and security. |
| 18 | + |
| 19 | +* * * |
| 20 | + |
| 21 | +Reasons for .htaccess in nginx |
| 22 | +------------------------------ |
| 23 | + |
| 24 | +When using nginx, there are many **legitimate reasons** to support `.htaccess` files. |
| 25 | + |
| 26 | +* **Mixed technology.** Imagine using NodeJS and PHP side by side, running on one stable nginx webserver. When dealing with customer webspace, using Apache and nginx together (one proxying the other) is possible, however this adds unnecessary layers of redundancy and heavily wastes valuable server resources. |
| 27 | +* **Ease of use.** Everybody knows how to use `.htaccess` files. [January 2020, more than 24% of all active websites out there are still run by Apache's webserver](https://web.archive.org/web/20200130141042/https://news.netcraft.com/archives/2020/01/21/january-2020-web-server-survey.html), capable of utilizing `.htaccess` files. If nginx had a way to support this feature, this number would be going down significantly, making the web faster. |
| 28 | +* **Legacy.** Just use your old code, without worrying if someone could access a protected directory inside any library you just forgot to handle in your nginx config. |
| 29 | +* **Plug'n'play.** No need to convert `.htaccess` files for nginx and fix all the errors, rant about unsupported or oddly mixed up auto-generated config goo coming from a random online converter. |
| 30 | +* **Justified.** Apache performs multiple file reads anyway, so .htaccess for nginx cannot make it worse than Apache, right? In fact, with our built-in micro caching mechanism both, CPU and I/O load are reduced drastically compared to Apache's implementation. |
| 31 | +* **For webhosters.** Today, webhosters still need to provide an interface for their customers to change certain aspects of their webserver's behaviour. The decades long and proven `.htaccess` file does just that. |
| 32 | + |
| 33 | +* * * |
| 34 | + |
| 35 | +Performance |
| 36 | +----------- |
| 37 | + |
| 38 | +**.htaccess for nginx is incredibly lightweight and fast!** It is writting from ground up with performance optimizations in mind. Even with low-end hardware it **adds less than 1 millisecond to your response time**, also for quite complex rewrite structures with server variables. |
| 39 | + |
| 40 | +Physical **memory usage** of this plugin is insanely low, just **less than 10 KB** for each nginx worker process, and it doesn't increase with more requests. |
| 41 | + |
| 42 | +* * * |
| 43 | + |
| 44 | +Requirements |
| 45 | +------------ |
| 46 | + |
| 47 | +* Unix environment |
| 48 | +* `nginx` with Lua module |
| 49 | +* `curl` command-line tool |
| 50 | + |
| 51 | +### Optional Dependencies |
| 52 | + |
| 53 | +* `htpasswd` utility (`apache2-utils` package) for .htpasswd hashing functions (required for Basic HTTP Authentication) |
| 54 | +* `getent` utility (`libc-bin` package) for hostname lookups (e.g. `Deny from _domainname.tld_`) |
| 55 | + |
| 56 | +* * * |
| 57 | + |
| 58 | +Installation |
| 59 | +------------ |
| 60 | + |
| 61 | +* Install nginx **with Lua module**: `apt-get install nginx` |
| 62 | +* Install [Lua](https://www.lua.org/download.html): `apt-get install lua5.2` |
| 63 | +* Save this plugin directory into `/etc/nginx/`, so that you can access `/etc/nginx/htaccess-for-nginx/htaccess.lua` |
| 64 | +* Add the following configuration to your `http {}` context: `lua_shared_dict htaccess 16m;` |
| 65 | +* Configure your hosts (within the `server {}` context): `rewrite_by_lua_file /etc/nginx/htaccess-for-nginx/htaccess.lua;` |
| 66 | + |
| 67 | +### Hints and Common Practice |
| 68 | + |
| 69 | +* Depending on your operating system, the installation process may vary. |
| 70 | +* Make sure to have **Lua version 5.2** installed on your system. |
| 71 | +* You can clone this repository to any directory of your choice. Just make sure to adjust the paths accordingly. |
| 72 | +* If you don't set the `lua_shared_dict` setting in `http {}`, this plugin will refuse to work. It represents a caching system, used on a short-term per-request basis. Values (`.htaccess` lines) are usually cached less than 100 milliseconds, but kept in memory as long as there are active connections. You can choose to assign any other memory amount to it, although 16 MB should be more than enough. |
| 73 | +* ⚠️ Note that global configuration within your `http {}` context is technically possible. However, if you want to keep the good nginx performance for your new, non-legacy projects, you are **highly encouraged** to use this plugin in `server {}` context only. |
| 74 | +* To make your life easier, just create a config snipped and write e.g. `include snippets/htaccess.conf` in the `server {}` config. |
| 75 | + |
| 76 | +* * * |
| 77 | + |
| 78 | +Usage — Testing it |
| 79 | +------------------ |
| 80 | + |
| 81 | +Create an `.htaccess` file in a directory of your host with the following content: |
| 82 | + |
| 83 | +`Order deny,allow |
| 84 | +Deny from all` |
| 85 | + |
| 86 | +When trying to access a file inside this directory through your browser, access should be denied by receiving an `HTTP 403` response. |
| 87 | + |
| 88 | +* * * |
| 89 | + |
| 90 | +Supported Features |
| 91 | +------------------ |
| 92 | + |
| 93 | +**We compiled a [complete list of implemented `.htaccess` directives and variables](https://htaccess-for-nginx.com/features).** |
| 94 | + |
| 95 | +This plugin tries to make things as secure as possible. **Wherever an unclear situation occurs, access will be denied** to prevent unintended access, e.g. if unsupported, security-critical directives are being used (HTTP 500 response). Unsupported, non-security-related directives will be ignored. |
| 96 | + |
| 97 | +* * * |
| 98 | + |
| 99 | +_Roadfamily LLC |
| 100 | +412 N Main St 100 |
| 101 | +Buffalo, WY 82834 |
| 102 | +USA_ |
| 103 | + |
| 104 | +[**📱 24/7 Support** via WhatsApp: +60-13-8675656](https://wa.me/60138675656) |
0 commit comments