By default, Plesk uses the Apache web server (http://en.wikipedia.org/wiki/Apache_HTTP_Server) to deliver the pages of your website to clients (such as browsers, through which visitors access your website). To achieve better performance, Apache is supplemented with another web server - nginx. You also have the option to use nginx only.
Default web server settings are specified by the server administrator (hosting provider). These settings determine how web servers process various types of files, how they use SSL/TLS, where they store log files, and so on.
However, you (as a website owner) can set up custom web server settings for your website. For example, add a type of the index file, restrict access to the site, and so on.
Note: You can adjust web server settings for your websites if your hosting subscription provides the corresponding permission.
Apache and nginx have certain settings you can customize on the domain level. They are located in Websites & Domains > domain name > Apache & nginx Settings. These settings are divided into two groups:
MIME types match file extensions with file types to instruct web browsers how to handle certain types of files. For example, the following MIME type
instructs the web browser to process all
.txt files as plain text. By default, most common MIME types are already preconfigured. However, if you find that the pages of your website cannot be properly processed by web browsers because you use files with non-standard extensions, you need to configure one or more custom MIME types.
To configure custom MIME types:
Apache handlers instruct the web server how to process files with specific extensions. For example, the following handler
instructs the web server to treat all
.cgi files as cgi scripts. By default, handlers for files with common extensions are already preconfigured. However, if you want to change which handler is used to process files with a specific extension, you need to configure one or more custom handlers.
To configure custom handlers:
You can prevent certain visitors from accessing your website. You can deny access to:
*" character )
Blocked visitors will receive a "403 Forbidden" error message when trying to browse your website.
To configure access to your website:
Whenever a visitor to your website browses a URL requesting a directory instead of a specific file (for example,
www.example.com/example instead of
www.example.com/index.html), Apache looks for an index file to display. By default, Apache looks for the following files (in the order specified):
If all seven files were to be present in a directory, a visitor browsing it would be served the
index.html file. If
index.html were to be missing, Apache would look for the
index.cgi file instead, and so on. If no suitable index file is found, by default, a "403 Forbidden" error is displayed.
Plesk allows you to customize what index files Apache looks for whenever a visitor browses a directory on your website:
index.phpfile by default instead of
hello.php, you can have Apache serve it by default).
To configure the index files:
expires header governs how long web browsers can keep cached copies of your web content before requesting it again from the server. Configuring this header can decrease the server load and speed up your website.
For example, you set the expiration period to 10 days. A visitor browses your website, requesting its
index.html page. The visitor's web browser stores a copy of the page in its cache, and for the next 10 days it would serve the cached copy every time the visitor browses your website. On the eleventh day, if the page is requested again, the browser would request the page again from the server, because the one it stored in the cache is past its expiration date.
When configuring the
expires header for websites featuring dynamic content, we recommend enabling the response with Expires headers for static files only option. Otherwise, all content, including dynamic content, will be stored in the visitors' browsers' cache for the duration of the expiration period. This is not recommended because the dynamic content is, as a rule, updated frequently.
Note: The "Expires" header feature requires that
mod_expires is enabled in Apache.
To configure the "Expires" header:
Note: If nginx is enabled, only files served by Apache will have the expires header. If the Smart static files processing checkbox is selected, which files are treated as static is determined by the Apache and nginx default configurations. If the Serve static files directly by nginx checkbox is selected and any file extensions are specified, nginx only serves the files with the specified extensions.
You can configure additional headers to HTTP responses according to the following pattern:
Name : Value
HTTP response headers contain information about the requested page to instruct web browsers to perform various actions. For example, the following header will protect the visitors to your website against clickjacking:
To configure additional headers:
By default, Apache is allowed to follow symbolic links. If your website does not use symbolic links, we recommend disabling this option as it presents a security risk.
To forbid Apache from following symbolic link:
On Plesk for Linux, you can host websites using a combination of nginx and PHP-FPM. In this case, requests to websites are not passed to Apache but are served by nginx instead. Nginx-only hosting is a solid option for PHP websites, but it is also well-suited for hosting static websites and application servers. You can configure individual websites to be served only by nginx without stopping or disabling Apache, and it does not impact websites hosted using Apache in any way.
Note: Plesk services (for example, Webmail) continue working using Apache and are not affected by switching to nginx-only hosting.
To switch on/off nginx only hosting for a domain:
To revert a domain to Apache+nginx hosting, select the Proxy mode checkbox.
When you switch a domain to nginx-only hosting, you face certain limitations:
By default, on Plesk for Linux servers, nginx and Apache work in tandem, with Apache serving dynamic content and nginx being used as a proxy serving static content. This scheme optimizes the usage of server resources and allows Plesk to serve requests to hosted websites faster. However, Plesk allows you to choose how static content for your websites is to be handled.
This is the default way Plesk for Linux operates. Whenever a request for static content comes in, Apache only indicates the corresponding file's location, and nginx finds and serves it.
To serve all static content via nginx:
If you want, you can have only files with specific extensions to be served as static content by nginx. Other files usually classified as static content are served by Apache. It is important to note that under this scenario, requests for files with the specified extensions never reach Apache at all. Consequently, they do not pass through Apache handlers. This means, for example, that rewrite rules or
.htaccess directives are not applied.
To serve only specific static content via nginx:
Note: Enabling the “Serve static files directly by nginx” option automatically disables the default “Smart static files processing” mode, even if the checkbox of the latter remains selected.
If you want, you can disable nginx and configure Apache to serve all content, both static and dynamic. It can be useful in specific cases, for example, nginx troubleshooting. For production websites, we do not recommend using Apache to handle all content.
To serve all static and dynamic content via Apache:
You can set the value of each parameter either by typing a custom value, or leaving the Default value. In the latter case, Plesk uses the values from the default web server configuration defined by the server administrator (hosting provider).
Your values override the default ones. The only exception is the Deny access to the site setting - IP addresses from the default configuration, as well as the IP addresses specified by you, will all be applied to your website. In case of a conflict (for example, when you allow the IP address that is denied in the default configuration), Apache uses your settings.