nginx Server Block Builder

Stop copy-pasting nginx configs from old projects. Fill in domain, root, ports, and proxy target; this builder outputs a clean server block with the right directives — TLS configured, gzip enabled, security headers, sane defaults.

Generated config

How to use the nginx Server Block Builder

Pick a preset and customize the form. The generated config goes in /etc/nginx/sites-available/yourdomain.conf, then symlink to sites-enabled and sudo nginx -t && sudo systemctl reload nginx.

Building an nginx server block by hand

Reusing an nginx server block from an old project is how subtle misconfigurations spread — an HSTS header you did not mean to set, HTTP/2 left off, a listen port that does not match your setup. Building one from explicit fields, rather than copy-pasting, makes every directive a deliberate choice and keeps the result clean and predictable.

This builds a server block from a preset (static, reverse proxy, or PHP-FPM) while exposing the knobs that are easy to get wrong one by one: the listen port, HTTPS, HTTP/2, HSTS, and gzip. It overlaps with the nginx config generator — that one is the faster preset-only path, while this gives per-directive control. For rate limiting and request-matching, which sit outside a basic block, see the nginx rate limiter and the nginx rewrite tester.

Common use cases

  • Precise control — set the listen port, HTTP/2, and HSTS explicitly rather than by default.
  • Reverse proxy — forward to a backend with the correct proxy headers in place.
  • TLS termination — terminate HTTPS at nginx with HSTS and HTTP/2 enabled.
  • Static hosting — serve a directory with gzip and sane defaults.
  • Config review — generate a clean baseline to compare an existing block against.

Frequently asked questions

How is this different from the nginx config generator?

Same output type; the nginx config generator is preset-only and quicker, while this exposes the listen port, HTTP/2, and HSTS individually.

How do I enable the block?

Save it in sites-available, symlink into sites-enabled, run nginx -t, then reload nginx.

Does it handle rate limiting?

No — that's a separate concern; use the nginx rate limiter for limit_req zones.

Will it set up the certificate?

No — enable HTTPS here and obtain the certificate separately, typically with certbot.
Embed this tool on your site

Free to embed, no attribution required (but appreciated). Paste this where you want the tool to appear: