[TriLUG] Help with proxy setup

[Igor Partola]

Ron,

The only thing I see that I wouldn't do here i the "server_name _" part. I
think you can just omit that, or actually specify the hostnames that this
will serve. Otherwise, looks good to me.

Also, you can certainly do some optimization here if you care to:

1. Tune the number of nginx worker processes and connections per worker
(and the open file limits) to match your processing power
2. Add cache headers bases on request type. For example, you could probably
automatically add something like 30 days expiration on certain static
resources, though obviously be careful not to have users cache stuff that
is bound to change.
3. Enable proxy_cache. This stuff is wonderful. It can be the difference
between 10 and 1000 concurrent users, assuming you can cache the content
you are serving. This is easily the biggest optimization you can add.
4. Add custom error pages.
5. Add HTTPS/TLS, and ditch HTTP. If you are accessing /wp-admin/ over
HTTP, your password is in cleartext on the internet.
6. Add a maintenance page: when a specific HTML file exists on disk, serve
that and a 503 status code. This lets you take sites down for maintenance
nicely.
7. Add some way to normalize/filter the $host variable. This can probably
be done on the backends as well. For example, you might want to add or
remove the "www." prefix.
8. Add gzip compression for textual responses (careful with HTML + gzip +
SSL. There is a recent vulnerability in SSL that can be exploited through
this.)

No problem. Glad I got someone else to use of of my favorite pieces of
software.

Igor