Nginx Configuration for US Launch

Overview

Nginx configuration for api.buywhere.ai with performance optimizations for US launch.

Key Configurations

Gzip Compression

gzip on;
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_min_length 256;
gzip_types
    application/json
    application/javascript
    application/xml
    application/xml+rss
    text/css
    text/javascript
    text/plain
    text/xml;

Rate Limiting

limit_req_zone $binary_remote_addr zone=api_limit:10m rate=30r/s;

# Applied per location:
limit_req zone=api_limit burst=60 nodelay;
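
Added example (not part of the original configuration or the project's code): a simplified Python model of the leaky-bucket accounting that limit_req performs, using this page's rate=30r/s, burst=60 and nodelay, to show what a same-instant spike and a steady 30 r/s client each see. The class and function names and the sample client addresses are constructed for illustration.

```python
# Simplified model of nginx limit_req accounting (illustrative, not nginx source).
RATE_RPS = 30      # rate=30r/s from limit_req_zone
BURST = 60         # burst=60 from limit_req
# nodelay: requests inside the burst allowance are forwarded at once, not queued.

class LimitReqZone:
    """Per-key state: 'excess' in milli-requests and time of last accepted request."""

    def __init__(self, rate_rps=RATE_RPS, burst=BURST):
        self.rate = rate_rps * 1000      # milli-requests per second
        self.burst = burst * 1000        # milli-requests
        self.state = {}                  # key -> (excess, last_ms)

    def allow(self, key, now_ms):
        """Return True if forwarded, False if rejected (nginx answers 503 by default)."""
        if key not in self.state:
            self.state[key] = (0, now_ms)
            return True
        excess, last_ms = self.state[key]
        elapsed = max(0, now_ms - last_ms)
        # Drain at the configured rate, then charge this request (1000 milli-requests).
        excess = max(0, excess - self.rate * elapsed // 1000 + 1000)
        if excess > self.burst:
            return False                 # over burst: rejected, state left unchanged
        self.state[key] = (excess, now_ms)
        return True


def replay(arrivals):
    """arrivals: iterable of (key, time_ms). Returns {key: [forwarded, rejected]}."""
    zone, result = LimitReqZone(), {}
    for key, t in sorted(arrivals, key=lambda a: a[1]):
        counts = result.setdefault(key, [0, 0])
        counts[0 if zone.allow(key, t) else 1] += 1
    return result


# Constructed traffic: one client sends 100 requests in the same millisecond,
# another sends a steady 30 r/s for two seconds (documentation-range addresses).
SPIKE = [("203.0.113.7", 0)] * 100
STEADY = [("198.51.100.9", i * 1000 // 30) for i in range(60)]

if __name__ == "__main__":
    for key, (ok, rejected) in replay(SPIKE + STEADY).items():
        print(f"{key}: forwarded={ok} rejected={rejected}")
```

Because the zone key is $binary_remote_addr, all clients that reach nginx from the same source address share one bucket.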

Security Headers

add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-XSS-Protection "1; mode=block" always;

HTTP/2

HTTP/2 is enabled on port 443: listen 443 ssl http2;

Verification

Test with:

curl -I https://api.buywhere.ai

Expected headers:

  • Content-Encoding: gzip (only on compressed responses, which requires the request to send Accept-Encoding: gzip)
  • Strict-Transport-Security
  • X-Frame-Options, X-Content-Type-Options, X-XSS-Protection

Deployment

Configuration file: /home/paperclip/buywhere-api/nginx.conf

After deployment, validate: nginx -t

Reload: nginx -s reload