Using WHM, NGINX and Varnish on your E-Commerce Platform
Anthony Bakewell-Smith
General Manager at Challenge Power Transmission (Ningbo)
Overview and Background
WHM/CPanel is convenient graphical interface software used to simplify the security and management of web-based servers.?It is a system I have grown up using for over 20 years and it simplifies the daily/weekly and monthly management tasks that I perform to keep web services running.
Although it saves a lot of time with its simplification of common configuration tasks, one major issue I have faced with modern web applications is the need to use some of the unique NGINX engine features.?CPanel/WHM by default runs on APACHE and CENTOS and it is only recently that WHM has added NGINX support through its BETA/Experimental system, which is still not a stable release.
On a recent project I had the requirement of running our front-end system using VARNISH caching.?VARNISH is an excellent fast caching system that is now used in several frameworks.?It does suffer from one major drawback however which is its inability to decrypt SSL traffic (i.e. https).??
VARNISH is a cache system that sits between the website that a user views and the server’s website engine, in WHM’s case this is APACHE.?VARNISH can manage traffic that is not encrypted i.e. http through port 80, but encrypted traffic over https (port 443) is missed or causes an error.?This basically renders VARNISH useless on WHM unless you leave the user website unencrypted and leave the warnings for the user to see in the browser.?This greatly diminishes the users trust and experience.
This is where you can turn to some of the unique features contained within NGINX.?NGINX can operate as an internal proxy, decrypting and encrypting the HTTPS/SSL traffic and passing this date internally on the server and then back to the users web browser.?Using NGINX at the front of a WHM/APACHE server that uses VARNISH would give this traffic flow;
As we can see, by using NGINX we can perform our required data flow, but it is not supported on WHM so what can you do?
Thankfully a small team has developed FREE software called ENGINTRON (https://engintron.com) that brings NGINX to WHM in a stable release, but more admirably, it also includes an excellent system for managing NGINX along with a fast micro caching system to combat heavy traffic loads.
On paper this looks like the perfect solution, but after some research I found a comment from the developers which said that they do not support using VARNISH with ENGINTRON;
“Engintron does not work with Varnish out of the box, it requires changes to the default ports used and configured automatically. So it's out of the scope of the support I can provide for you, sorry”
The point of this article…
Undeterred by the developers answer to my requirements, I worked through the ENGINTRON config and found a simple configuration that allows NGINX to pass its unencrypted data to VARNISH.?Here is the simple solution.
1) Edit default.conf
Change the listening port from 80 to an unused port number i.e. 8081. WARNING; make sure to block this port on the server’s firewall otherwise you leave an open proxy.
2) Edit proxy_params_common
At the top of this config file add the code;
if ($PROXY_DOMAIN_OR_IP ~ mydomainoripetc.com) {
领英推荐
set $PROXY_SCHEME http;
set $PROXY_TO_PORT 80;
}
Note; you can also use subdomains i.e. sub.mydomainoripetc.com
3) Setup all your IP’S or Domains
Repeat step 2 for all the domains, sub domains and IP's that you would like to VARNISH
4) Configure your ports
This is the configuration for the ports that I personally use;
NGINX
http – 8081 (Listen) -> 8080 – Block port 8081 on the server firewall
https - 443 (Listen) -> 80 (via the code I show in proxy_params_common) otherwise,
https – 443 (Listen) -> 8443
VARNISH
http 80 (Listen) -> 8080
APACHE
http – 8080 (Listen)
https – 8443 (Listen)
Conclusion
With the rise in demand of e-commerce platforms and a strain on company budgets, I hope this article shows how simple it is to set up your server requirements for an e-commerce solution.?The platform we chose to use was Magento (which is FREE) and already has a configuration built in for using VARNISH.?Once caching was introduced, we saw our page load time drop from 10 seconds down to 2 seconds, which is a significant improvement for our end user experience and google page rankings.
VARNISH isn't the only technology/software that we use and I may mention these in future articles.
NOTE; Whenever you upgrade ENGINTRON it will reset back to its default values and needs to be quickly re-configured again, as per the above guide.
eCommerce Consultant. Magento Expert. Guaranteed success in your digital business.
1 年well, as of today whm already offers nginx
--
1 年Hello, Is there a more detailed instruction for Magento. All path information is missing. Where can I find the proxy_params_common ? Where do the ports have to be configured, which file?
Director at Distinctive
3 年Hey, great article and trying to follow the last step in WHM, wheres best to "Configure your ports"? Thanks!