Web Servers: Configuration, Security, and Performance

Web servers are the front door to every internet-facing application. Getting the configuration right -- from TLS termination to reverse proxying to database connectivity -- is essential for security, reliability, and speed.

This hub collects production-ready guides for the two dominant web servers, their supporting infrastructure, and the databases that back them.

Web Server Configuration

Topic Description Guide
Nginx Server blocks, proxy_pass, SSL, gzip, and tuning Nginx Guide
Apache VirtualHosts, mod_rewrite, MPMs, and .htaccess Apache Guide

TLS and Encryption

Topic Description Guide
SSL/TLS Setup Certbot, cipher suites, HSTS, OCSP stapling SSL/TLS Setup

Traffic Management

Topic Description Guide
Reverse Proxy and Load Balancing Upstream blocks, algorithms, health checks, WebSocket Reverse Proxy & Load Balancing

Optimization and Hardening

Topic Description Guide
Performance Tuning Workers, compression, caching, CDN, benchmarking Performance Tuning
Web Security Security headers, rate limiting, WAF, fail2ban Web Security

Data Tier

Topic Description Guide
Database Administration MySQL and PostgreSQL install, backups, basic tuning Database Admin

Choosing Between Nginx and Apache

Criteria Nginx Apache
Architecture Event-driven, async Process/thread-based (MPM)
Static file serving Extremely fast Fast with sendfile
.htaccess support No (by design) Yes
Dynamic modules Limited (load at compile or since 1.9.11) Extensive, loaded at runtime
Reverse proxy First-class Via mod_proxy
Memory usage Lower under high concurrency Higher per connection

Both are production-grade. Nginx is typically preferred for reverse proxying and high-concurrency workloads; Apache for legacy applications that depend on .htaccess or specific modules.

Prerequisites

Guides assume a Debian/Ubuntu or RHEL-family system. Commands for both package managers are provided where they differ. A registered domain name and DNS access are needed for the SSL/TLS guide.

Navigate back to the cb.vu home page or pick a guide above to get started.

Explore Web Servers

Nginx Configuration: From Zero to Production

Nginx guide: installation, server blocks, location directives, SSL, proxy_pass, caching, and production hardening.

Apache HTTP Server: Configuration and Virtual Hosts

Apache guide: installation, virtual hosts, .htaccess, mod_rewrite, SSL, MPM tuning, and security configuration.

SSL/TLS for Web Servers: HTTPS Configuration and Optimization

Web server SSL/TLS guide: certificate installation, HTTPS configuration, HSTS, OCSP stapling, and TLS optimization.

Reverse Proxy and Load Balancing with Nginx

Nginx reverse proxy and load balancing: upstream configuration, health checks, SSL termination, and WebSocket proxying.

Web Server Performance Tuning and Caching

Web server performance guide: connection tuning, gzip, Brotli, browser caching, CDN integration, and benchmarking.

Web Server Security: Headers, Rate Limiting, and WAF

Web server security: HTTP security headers, rate limiting, ModSecurity WAF, DDoS mitigation, and access control.

Linux Database Administration: MySQL and PostgreSQL Basics

Database administration guide: MySQL and PostgreSQL installation, user management, backups, replication, and performance tuning.