A web server is more than "run node app.js." It's reverse proxying, process management, TLS termination, rate limiting, static file caching, and service supervision — all configured in files most developers never open.
nginx sits in front of the application server, handling TLS, static files, and request routing. The proxy_pass directive forwards dynamic requests to the Node.js upstream while serving static assets directly — keeping the application server free for business logic.
PM2 runs the Node.js application in cluster mode, spawning one process per CPU core. If a process crashes, PM2 restarts it automatically. The exp_backoff_restart_delay prevents restart storms by progressively increasing the delay between restart attempts.
Production servers enforce TLSv1.2+, set Strict-Transport-Security headers, disable content-type sniffing, prevent clickjacking with X-Frame-Options, and rate-limit incoming requests to mitigate brute-force and DDoS attacks.
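The hardening listed above, written out as an nginx configuration together with the proxy_pass upstream it protects. This is an added example, not the page's own configuration; the hostname, certificate paths, upstream port, zone name, header values and rate numbers are assumed placeholders.

```nginx
# Added example; hostname, paths, port 3000 and rate values are assumptions.
# Everything here belongs inside the http { } context.
limit_req_zone $binary_remote_addr zone=per_ip:10m rate=10r/s;

upstream node_app {
    server 127.0.0.1:3000;                 # assumed Node.js listener
    keepalive 32;
}

server {
    listen 80;
    server_name example.com;
    return 301 https://$host$request_uri;  # never serve content over plaintext
}

server {
    listen 443 ssl;
    server_name example.com;
    ssl_certificate     /etc/nginx/tls/example.com.crt;
    ssl_certificate_key /etc/nginx/tls/example.com.key;
    ssl_protocols TLSv1.2 TLSv1.3;         # TLSv1.2+ only

    # "always" also attaches the headers to error responses (4xx/5xx).
    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
    add_header X-Content-Type-Options "nosniff" always;
    add_header X-Frame-Options "DENY" always;

    limit_req_status 429;                  # default rejection status is 503

    location /static/ {
        root /var/www/app;
        expires 1y;
        # Caveat: any add_header placed in this block would replace, not extend,
        # the three server-level headers above for this location.
    }

    location / {
        limit_req zone=per_ip burst=20 nodelay;  # throttle only dynamic requests
        proxy_pass http://node_app;
        proxy_http_version 1.1;
        proxy_set_header Connection "";          # needed for upstream keepalive
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}
```

Running nginx -t after editing checks the syntax before a reload.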
systemd ensures the application starts on boot and restarts on failure. The Restart=on-failure directive combined with RestartSec=5 provides a reliable process lifecycle without manual intervention — the foundation of self-healing infrastructure.
worker_processes auto matches nginx workers to CPU cores. Gzip compression reduces bandwidth by 60-80% for text content. Static file caching via expires 1y eliminates redundant transfers. Together these directives can 10x a server's effective throughput.
PM2's cluster mode enables rolling restarts — new code is loaded into fresh processes one at a time while old processes finish serving existing requests. Combined with nginx upstream health checks, deployments cause zero dropped connections.