← Back to Dev Tools

Nginx Config Wizard

Reverse proxy · Redirects · Load balancer · SSL · Headers — zero syntax errors, production ready.

Placement: Add inside your server { } block, before location /. Run nginx -t to test, then systemctl reload nginx.
File: Place the upstream block outside the server { } block, inside http { }. Place proxy_pass inside your location / { }.
Let's Encrypt: Run certbot --nginx -d yourdomain.com to auto-obtain and configure. Or paste this config and certbot will patch the cert paths automatically.
Tip: Save to a file like security-headers.conf and include in your server block: include /etc/nginx/snippets/security-headers.conf;

Common Nginx Pitfalls

Most Nginx errors come from a small set of recurring mistakes. The wizard handles these automatically — here's what it avoids for you.

Missing proxy_set_header Host

Without forwarding the Host header, your backend sees Nginx's internal address instead of the real domain — breaking virtual hosting and apps that use $_SERVER['HTTP_HOST'].

Redirect Loops

Happens when your HTTP→HTTPS redirect is inside the same server block listening on 443, or when proxy and redirect rules overlap. The wizard separates these into distinct blocks.

WebSocket 101 Errors

Nginx won't upgrade WebSocket connections unless you explicitly set Upgrade and Connection headers. Enable the WebSocket option to get these automatically.

Upstream Block Placement

The upstream block must be inside http { } but outside server { }. Placing it inside a server block causes a cryptic parse error.

SSL Certificate Paths

Let's Encrypt paths follow the pattern /etc/letsencrypt/live/domain/fullchain.pem. Using cert.pem instead of fullchain.pem breaks chain validation for some clients.

Test Before Reload

Always run nginx -t before systemctl reload nginx. A bad config on reload can take your site down; the test flag catches errors without applying them.