NGINX Minimal Configuration
A secure server is one that allows only as much as what is needed. Ideally, we would build a server based on a minimal system by enabling additional features individually. Doing with a minimal configuration is also helpful in debugging. If the error is not available in the minimal system, features are added individually and the search for the error goes on.
Here is the minimal configuration needed to run nginx:
Root, location and try_files directives
The root directive is used to set the root directory for requests, allowing nginx to map the incoming request onto the file system.
It allows nginx to return server content according to the request:
The location directive is used to set the configuration depending on the requested URI (Uniform Resource Identifier).
The syntax is:
When no modifier is given, the path is treated as a prefix, after which anything can follow. The above example will match:
We can also use multiple location directives in a given context:
Nginx also provides a few modifiers which can be used in conjunction with the location directive.
Modifier has assigned precedence:
First of all, nginx will check for any exact matches. If it does not exist, it will look for preferential ones. If this match also fails, regex matches will be tested in the order of their appearance. If everything else fails, the last prefix match will be used.
This directive tries different paths and will return whichever is found.
So /foo.html will try to return files in the following order:
If we define try_files in a server context, and then define a location that finds all requests, our try_files will not be executed. This happens because try_files in the server context defines its pseudo-location, which is the least specific location possible. Hence, defining location / will be more specific than our pseudo-location.
Thus, we should avoid try_files in a server context: