Virtual Host Configuration

Virtual hosts allow a single Nginx server to handle multiple domains or ports simultaneously. In production, they are essential when running multiple websites on one server or serving different applications per subdomain.

Name-Based Virtual Host

Differentiates requests coming to the same IP and port by the domain name in the Host header. This is the most common approach.

# /etc/nginx/conf.d/example.com.conf
server {
    listen 80;
    server_name example.com www.example.com;
    root /var/www/example.com;
    index index.html;
    access_log /var/log/nginx/example.com.access.log;
    error_log  /var/log/nginx/example.com.error.log;
    location / {
        try_files $uri $uri/ =404;
    }
}

# /etc/nginx/conf.d/another.com.conf
server {
    listen 80;
    server_name another.com www.another.com;
    root /var/www/another.com;
    index index.html;
    location / {
        try_files $uri $uri/ =404;
    }
}

Port-Based Virtual Host

Differentiates requests coming to the same IP but different ports.

# Port 80 — main site
server {
    listen 80;
    server_name example.com;
    root /var/www/main;
    location / {
        try_files $uri $uri/ =404;
    }
}

# Port 8080 — admin site (internal only)
server {
    listen 8080;
    server_name example.com;
    root /var/www/admin;
    allow 10.0.0.0/8;
    allow 192.168.0.0/16;
    deny all;
    location / {
        try_files $uri $uri/ =404;
    }
}

Subdomain Virtual Hosts

Serve different applications per subdomain like api.example.com and admin.example.com.

server {
    listen 80;
    server_name example.com www.example.com;
    root /var/www/example.com;
    location / { try_files $uri $uri/ =404; }
}

server {
    listen 80;
    server_name api.example.com;
    location / {
        proxy_pass http://127.0.0.1:8080;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }
}

server {
    listen 80;
    server_name admin.example.com;
    root /var/www/admin;
    location / { try_files $uri $uri/ /index.html; }
}

Wildcard Subdomain

Handle all subdomains in a single server block using a wildcard.

server {
    listen 80;
    server_name *.example.com;
    location / {
        proxy_pass http://127.0.0.1:8080;
        proxy_set_header Host $host;
    }
}

HTTP → HTTPS Redirect

Automatically redirect HTTP requests to HTTPS — essential in production.

# HTTP server — redirect to HTTPS
server {
    listen 80;
    server_name example.com www.example.com;
    return 301 https://$host$request_uri;
}

# HTTPS server — serve actual content
server {
    listen 443 ssl;
    server_name example.com www.example.com;
    ssl_certificate     /etc/ssl/certs/example.com.crt;
    ssl_certificate_key /etc/ssl/private/example.com.key;
    root /var/www/example.com;
    index index.html;
    location / { try_files $uri $uri/ =404; }
}

www → non-www Redirect

server {
    listen 80;
    server_name www.example.com;
    return 301 https://example.com$request_uri;
}

default_server Configuration

Designates the default server block to handle requests that don't match any server_name.

server {
    listen 80 default_server;
    listen [::]:80 default_server;
    server_name _;
    return 444;  # Close connection without response (blocks unknown domains)
}

return 444 closes the TCP connection without sending an HTTP response. Useful for blocking scanners and bots targeting unknown domains.

Enabling/Disabling Virtual Hosts (sites-available / sites-enabled Pattern)

Apache's convention can be applied to Nginx as well.

# Create config
sudo nano /etc/nginx/sites-available/example.com

# Enable via symbolic link
sudo ln -s /etc/nginx/sites-available/example.com /etc/nginx/sites-enabled/

# Disable (remove link)
sudo rm /etc/nginx/sites-enabled/example.com

# Validate and reload
sudo nginx -t && sudo systemctl reload nginx

Production Example: Multi-Domain + SPA Routing

A pattern for serving React/Vue SPAs with try_files for client-side routing.

server {
    listen 443 ssl;
    server_name app.example.com;
    ssl_certificate     /etc/letsencrypt/live/app.example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/app.example.com/privkey.pem;
    root /var/www/react-app/build;
    index index.html;

    # Static assets — cache optimization
    location ~* \.(js|css|png|jpg|gif|ico|woff2|svg)$ {
        expires 1y;
        add_header Cache-Control "public, immutable";
    }

    # API requests — proxy to backend
    location /api/ {
        proxy_pass http://127.0.0.1:8080;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
    }

    # SPA routing — fallback to index.html for React Router
    location / {
        try_files $uri $uri/ /index.html;
    }
}

Summary

Virtual Host Type	Differentiator	Use Cases
Name-based	Host header (domain)	Multiple domains on one server
Port-based	listen port	Separate admin port, dev/prod separation
Subdomain	Subdomain name	Separate api., admin., app.
Wildcard	*.domain	Dynamic subdomain handling
default_server	No match	Block unknown domain requests

Name-Based Virtual Host​

Port-Based Virtual Host​

Subdomain Virtual Hosts​

Wildcard Subdomain​

HTTP → HTTPS Redirect​

www → non-www Redirect​

default_server Configuration​

Enabling/Disabling Virtual Hosts (sites-available / sites-enabled Pattern)​

Production Example: Multi-Domain + SPA Routing​

Summary​