diff --git a/VMess-Websocket-TLS-Web (nginx)/README.md b/VMess-Websocket-TLS-Web (nginx)/README.md
new file mode 100644
index 0000000..36f216a
--- /dev/null
+++ b/VMess-Websocket-TLS-Web (nginx)/README.md
@@ -0,0 +1,13 @@
+# VMess: WebSocket + TLS + Web (nginx)
+
+来自[新 V2Ray 白话文指南](https://guide.v2fly.org/advanced/wss_and_web.html)的WebSocket+TLS+Web配置,使用nginx作为服务器。
+
+配置文件中的以下字段需要替换:
+
+- `V2RAY_PORT`:任意有效的端口,只在`127.0.0.1`监听。
+- `V2RAY_UUID`:VMess的UUID。
+- `PATH`:WS请求的路径,形如`/nginx`等的字符串。
+- `DOMAIN_NAME`:你的域名。
+- `CERT`:TLS证书。
+- `KEY`:TLS的Key。
+
diff --git a/VMess-Websocket-TLS-Web (nginx)/config_client.json b/VMess-Websocket-TLS-Web (nginx)/config_client.json
new file mode 100644
index 0000000..56f5027
--- /dev/null
+++ b/VMess-Websocket-TLS-Web (nginx)/config_client.json
@@ -0,0 +1,58 @@
+{
+ "log": {
+ "loglevel": "warning"
+ },
+ "routing": {
+ "domainStrategy": "AsIs",
+ "rules": [
+ {
+ "ip": [
+ "geoip:private"
+ ],
+ "outboundTag": "direct",
+ "type": "field"
+ }
+ ]
+ },
+ "inbounds": [
+ {
+ "port": 1080,
+ "protocol": "socks",
+ "settings": {
+ "auth": "noauth",
+ "udp": true
+ },
+ "tag": "socks"
+ }
+ ],
+ "outbounds": [
+ {
+ "protocol": "vmess",
+ "sendThrough": "0.0.0.0",
+ "settings": {
+ "vnext": [
+ {
+ "address": DOMAIN_NAME, //你的域名。
+ "port": 443,
+ "users": [
+ {
+ "alterId": 64,
+ "id": V2RAY_UUID, //VMess的UUID。
+ "level": 0,
+ "security": "auto",
+ "testsEnabled": "none"
+ }
+ ]
+ }
+ ]
+ },
+ "streamSettings": {
+ "network": "ws",
+ "security": "tls",
+ "wsSettings": {
+ "path": PATH //WS请求的路径,形如`/nginx`等的字符串。
+ }
+ }
+ }
+ ]
+}
diff --git a/VMess-Websocket-TLS-Web (nginx)/config_server.json b/VMess-Websocket-TLS-Web (nginx)/config_server.json
new file mode 100644
index 0000000..6c68b77
--- /dev/null
+++ b/VMess-Websocket-TLS-Web (nginx)/config_server.json
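Review bot: In config_client.json the `socks` inbound sets `"auth": "noauth"` and `"udp": true` but no `listen` address, and V2Ray binds an inbound to `0.0.0.0` when `listen` is omitted, so any host that can reach port 1080 on the client machine can use the tunnel without authenticating. Add `"listen": "127.0.0.1",` next to `"port": 1080,`, as config_server.json already does for its VMess inbound. If sharing the proxy on the LAN is intended, the README should say so and the inbound should switch `auth` to `password` with an `accounts` list.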
@@ -0,0 +1,31 @@
+{
+ "log": {
+ "loglevel": "warning"
+ },
+ "inbounds": [
+ {
+ "port": `V2RAY_PORT`, //任意有效的端口,只在`127.0.0.1`监听。
+ "listen":"127.0.0.1",
+ "protocol": "vmess",
+ "settings": {
+ "clients": [
+ {
+ "id": V2RAY_UUID, //VMess的UUID。
+ "alterId": 64
+ }
+ ]
+ },
+ "streamSettings": {
+ "network": "ws",
+ "wsSettings": {
+ "path": PATH //WS请求的路径,形如`/nginx`等的字符串。
+ }
+ }
+ }
+ ],
+ "outbounds": [
+ {
+ "protocol": "freedom"
+ }
+ ]
+}
diff --git a/VMess-Websocket-TLS-Web (nginx)/nginx.conf b/VMess-Websocket-TLS-Web (nginx)/nginx.conf
new file mode 100644
index 0000000..e39f640
--- /dev/null
+++ b/VMess-Websocket-TLS-Web (nginx)/nginx.conf
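Review bot: `"alterId": 64` in the `clients` entry of config_server.json (and the matching value in config_client.json) keeps the legacy VMess header authentication in use, because V2Ray switches to VMessAEAD only when the client's alterId is 0. The legacy mode is deprecated upstream and, as far as I know, disabled by default on current server releases, so this template may either fail to connect or keep the weaker handshake in use. Suggest `"alterId": 0` on both sides. Separately, the `port` placeholder is wrapped in backticks while `V2RAY_UUID` and `PATH` are bare; using one placeholder style and adding a README line that string values must be entered in double quotes would avoid broken configs.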
@@ -0,0 +1,107 @@
+user www-data;
+worker_processes auto;
+pid /run/nginx.pid;
+include /etc/nginx/modules-enabled/*.conf;
+
+events {
+ worker_connections 768;
+ # multi_accept on;
+}
+
+http {
+
+ ##
+ # Basic Settings
+ ##
+
+ sendfile on;
+ tcp_nopush on;
+ types_hash_max_size 2048;
+ # server_tokens off;
+
+ # server_names_hash_bucket_size 64;
+ # server_name_in_redirect off;
+
+ include /etc/nginx/mime.types;
+ default_type application/octet-stream;
+
+ ##
+ # SSL Settings
+ ##
+
+ ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
+ ssl_prefer_server_ciphers on;
+
+ ##
+ # Logging Settings
+ ##
+
+ access_log /var/log/nginx/access.log;
+ error_log /var/log/nginx/error.log;
+
+ ##
+ # Gzip Settings
+ ##
+
+ gzip on;
+
+ # gzip_vary on;
+ # gzip_proxied any;
+ # gzip_comp_level 6;
+ # gzip_buffers 16 8k;
+ # gzip_http_version 1.1;
+ # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
+
+ ##
+ # Virtual Host Configs
+ ##
+
+ include /etc/nginx/conf.d/*.conf;
+ include /etc/nginx/sites-enabled/*;
+
+ server {
+ listen 80;
+
+ # 你的域名
+ server_name DOMAIN_NAME;
+ return 301 https://$server_name$request_uri;
+ }
+
+ server {
+ listen 443 ssl;
+ listen [::]:443 ssl;
+
+ # TLS证书
+ ssl_certificate CERT;
+ # TLS的Key
+ ssl_certificate_key KEY;
+ ssl_session_timeout 1d;
+ ssl_session_cache shared:MozSSL:10m;
+ ssl_session_tickets off;
+
+ ssl_protocols TLSv1.2 TLSv1.3;
+ ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
+ ssl_prefer_server_ciphers off;
+
+ # 你的域名
+ server_name DOMAIN_NAME;
+
+ location PATH {
+ if ($http_upgrade != "websocket" ) {
+ return 404;
+ }
+
+ proxy_redirect off;
+ # 任意有效的端口,只在`127.0.0.1`监听
+ proxy_pass http://127.0.0.1:V2RAY_PORT;
+ proxy_http_version 1.1;
+ proxy_set_header Upgrade $http_upgrade;
+ proxy_set_header Connection "upgrade";
+ proxy_set_header Host $host;
+
+ # Show real IP in v2ray access.log
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ }
+ }
+}
\ No newline at end of file
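Review bot: The http-level `ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;` in nginx.conf leaves TLS 1.0 and 1.1 enabled as the inherited default for every virtual host pulled in by the `conf.d` and `sites-enabled` includes; only the 443 server block defined in this file narrows it. Change the http-level line to `ssl_protocols TLSv1.2 TLSv1.3;` so the two settings agree and an included site cannot silently fall back to the old protocols. The redirect server also has `listen 80;` without `listen [::]:80;`, so IPv6 clients on port 80 are not handled by it even though the 443 block listens on both families. `server_tokens off;` is left commented out and could be enabled, since this front end is internet-facing.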