Visiolist Nginx Proxy Server Setup Debian 8


Active Member
License Active
So after hours and more hours of testing i got it to work!

I will try to tell you what i did, i am sorry for my Bad english but i would like to share it with you. Maybe a bigger site like to use it :) I will just show wich conf i did created and using right now maybe i will update this post with more details why i did what.

Right now i am using 3 small VPS (SSD) servers to run my Visiolist setup, first one is the Proxy server, the second is the webserver and last but not least the database server.

What are doing the Serves:

Proxy-Server: accepting the user connection, handles out the SSL connection, and cache all static files (wich he got gzipped form webserver)

Web-Server: Running the Visiolist installation with php5-fpm, gzip all outgoing static files

DB-Server: Only for the Database :p

Yes of course the database server is not needed as extra server, but i use this server already for other webservers so why not ^^

Proxy Server:

Create new vhost:


and adding this:
proxy_cache_path /tmp/nginx/my_zone levels=1:2 keys_zone=my_zone:10m inactive=60m;

server {

    listen 80;


    access_log /var/log/nginx/example-access.log;
    error_log /var/log/nginx/example-error.log;

    #Let's Encrypt
    include certbot/certbot.conf;

    location / {
        return 301$request_uri;

server {
    listen      443 ssl http2;


if ($host = '' ) {
          rewrite  ^/(.*)$$1  permanent;

    access_log /var/log/nginx/example-access.log;
    error_log /var/log/nginx/example-error.log;

    include certbot/tls.conf;
    #ssl_certificate    /etc/letsencrypt/live/;
    #ssl_certificate_key /etc/letsencrypt/live/;

    location / {
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto https;

        proxy_set_header Host;

        ### Cache Static Files
        proxy_cache my_zone;
        add_header X-Proxy-Cache $upstream_cache_status;

Link the new Vhost:
ln -s /etc/nginx/sites-available/ /etc/nginx/sites-enabled/
Do NOT reload the Nginx it will fail because of a missing file!

Creating Cert:
Frist we need the Certbot from

apt-get install certbot -t jessie-backports
Now we need a new file for nginx /etc/nginx/certbot/certbot.conf and adding this:
location ~ /.well-known {
    allow all;
    root /var/www;
Create new dir for the Cache:
mkdir /tmp/nginx/my_zone

Now we can reload our nginx

service nginx reload
Next step is to create our SSL cert for our Domain:
certbot certonly --webroot -w /var/www -d
After creating we are deleting the '#' before ssl_certificate and ssl_certificate in /etc/nginx/sites-available/

Please reload your the your Nginx

service nginx reload

We are done with our Proxy Server =)

Web Server:

Please create new User example for our PHP .socket

Create new php5-FPM instanz



listen = /var/run/php5-fpm/
listen.backlog = -1
listen.owner = www-data = www-data

; Unix user/group of processes
user = example
group = www-data

; Choose how the process manager will control the number of child processes.
pm = dynamic
pm.max_children = 75
pm.start_servers = 10
pm.min_spare_servers = 5
pm.max_spare_servers = 20
pm.max_requests = 500

; Pass environment variables
env[PATH] = /usr/local/bin:/usr/bin:/bin
env[TMP] = /tmp
env[TMPDIR] = /tmp
env[TEMP] = /tmp
Now we create a new file: /etc/nginx/expires.conf
# Expire rules for static content

# No default expire rule. This config mirrors that of apache as outlined in the
# html5-boilerplate .htaccess file. However, nginx applies rules by location,
# the apache rules are defined by type. A consequence of this difference is that
# if you use no file extension in the url and serve html, with apache you get an
# expire time of 0s, with nginx you'd get an expire header of one month in the
# future (if the default expire rule is 1 month). Therefore, do not use a
# default expire rule with nginx unless your site is completely static

# cache.appcache, your document html and data
location ~* \.(?:manifest|appcache|html?|xml|json|php)$ {
  expires -1;

# Feed
location ~* \.(?:rss|atom)$ {
  expires 1h;

# Media: images, icons, video, audio, HTC
location ~* \.(?:jpg|jpeg|gif|png|ico|cur|gz|svg|svgz|mp4|ogg|ogv|webm|htc)$ {
  expires 1M;
  access_log off;
  add_header Cache-Control "public";

# CSS and Javascript
location ~* \.(?:css|js)$ {
  expires 1m;
  access_log off;

Create new vhost:

server {
    real_ip_header X-Real-IP;
    real_ip_recursive on;

listen 80;


  root /var/www/;

  index index.php index.html;

  access_log /var/log/nginx/;
  error_log /var/log/nginx/;

  # ADD Expire Header
  include expires.conf;

  try_files $uri @rewrite;

  location ~ \.php$ {
    fastcgi_param HTTPS on;
    fastcgi_pass unix:/var/run/php5-fpm/;
    fastcgi_index index.php;
    include /etc/nginx/fastcgi.conf;

  location @rewrite {
    rewrite  ^/join/$ /index.php?a=join last;
    rewrite  ^/user_cpl/$ /index.php?a=user_cpl last;
    rewrite  ^/stats/(.*)/$ /index.php?a=stats&u=$1 last;
    rewrite  ^/stats/$ /index.php?a=stats last;
    rewrite  ^/details/(.*)/$ /index.php?a=details&u=$1 last;
    rewrite  ^/overall-stats/$ /index.php?a=details last;
    rewrite  ^/lost_pw/$ /index.php?a=lost_pw last;
    rewrite  ^/review/(.*)/$ /index.php?a=rate&u=$1 last;
    rewrite  ^/reviews/(.*)/$ /index.php?a=details&u=$1&all_reviews=1 last;

    rewrite  ^/category/(.*)/$ /index.php?cat=$1 last;

    rewrite ^/forward/(.*)/ /index.php?a=forward&u=$1 last;
    rewrite ^/out/(.*)/ /index.php?a=out&u=$1&go=1 last;
    rewrite ^/top100/(.*)/ /index.php?cat=$1 last;

    rewrite ^/rank/(.*)/(.*)/top100/(.*)/ /index.php?start=$1&method=$2&cat=$3 last;
    rewrite ^/rank/(.*)/top100/(.*)/ /index.php?method=$1&cat=$2 last;
    rewrite ^/rank/(.*)/(.*)/ /index.php?start=$1&method=$2 last;
    rewrite ^/rank/(.*)/ /index.php?method=$1 last;

    rewrite ^/search/(.*)/(.*)/ /index.php?a=search&start=$1&q=$2 last;
    rewrite ^/search/(.*)/ /index.php?a=search&q=$1 last;
    rewrite ^/search/ /index.php?a=search last;
    rewrite ^/lastsites/ /index.php?a=lastsites last;
    rewrite ^/page/(.*)/ /index.php?a=page&id=$1 last;

    rewrite ^/lastsites/ /index.php?a=lastsites last;

    rewrite ^/callback-guide/ /index.php?a=callback last;


Please don't forget to set set_real_ip_from; here you need to add the Proxy Server IP-Adress!

And now if i didn't forget anything you should restart/reload your nginx (webserver) and install your Visiolist on your Webserver :)

I will try to add the next days more detailed information, but not today sitting here already to long :D

Last edited: