Windows Server installation requirements
This article outlines the technical prerequisites, environment dependencies, and recommended best practices for installing Ninox on Windows Server
Note: First set up a Windows Server environment. You will find a step-by-step guide in Get started with Windows Server. Once all requirements are met, continue with On-Premises Setup Guide for Windows.
1. System requirements
Operating system
- Windows Server 2008 or newer
Minimum hardware
- 4 GB RAM
- 2 vCores
- 100 Mbit network connection
- 120 MB free space for installation files
- 10 GB free space for application data
- The exact requirement depends on your use case. We recommend a scalable storage solution.
2. Environment dependencies
- DNS name for the server
- Open port — default 80 or 443 (other ports can be configured)
- HTTP(S) connectivity from client to server
- SSL certificate (
.p12
/.pfx
) — with or without passphrase- The passphrase is stored in
server-config.json
as plain text.
- The passphrase is stored in
- SMTP server — optional authentication
3. Recommendations
- Use SSD storage for Ninox data.
- Implement a two-layer backup strategy:
- VM snapshots
- File-system incremental backups of the data directory
- Plan a fail-over strategy.
4. Network configuration
Ninox client/server communication uses HTTP(S). The following conditions must be met:
- Clients must reach the Ninox server via HTTPS over TCP/IP.
- The server’s DNS name (or the first component that terminates the client connection) must reliably resolve to the server IP.
- Static IP addresses are strongly recommended; avoid DynDNS.
- If clients connect from both internet and intranet, they must use the same address/DNS name.
5. Deployment scenarios
Simple setup
Client → HTTPS → Server
The server exposes an HTTPS port on the internet or a private network.
Forward-proxy setup
Client → HTTPS → Forward Proxy → HTTPS → Server
DMZ setup (recommended)
Client → HTTPS → Reverse Proxy → HTTP → Server
In a DMZ, the reverse proxy terminates all client connections.
Benefits of a DMZ configuration
- Centralized certificate management on the reverse proxy
- Added security through traffic inspection
Reverse-proxy requirements
- Allowed HTTP methods:
POST
,GET
,PUT
,PATCH
,DELETE
,OPTIONS
,HEAD
- TCP timeout > 60 seconds
- No URL rewriting — Ninox cannot run under a sub-path
- Supports parallel connections (at least 2 concurrent TCP connections per active client)
6. Configuration file
Edit the server-config.json
file in the installation directory. For a sample, see sample configuration file.
Note: Ensure the file is valid UTF-8-encoded JSON without proprietary UTF-8 headers.
Tip: Do not use Windows Notepad. Use Notepad++ or another code editor instead.