Advertisement
Guest User

Untitled

a guest
Oct 31st, 2015
122
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 3.51 KB | None | 0 0
  1. user www-data;
  2. worker_processes auto;
  3. error_log /var/log/nginx/nginx_eroors.log;
  4. pid /var/run/nginx.pid;
  5. worker_rlimit_nofile 8192;
  6.  
  7. events {
  8. worker_connections 8192;
  9. multi_accept on;
  10. }
  11.  
  12. http {
  13. ##LOG CUSTOM
  14. #log_format compression '$remote_addr - $remote_user [$time_local] ' '"$request" $status ' '"$http_referer" "$http_user_agent" ';
  15. log_format main '$remote_addr - $remote_user [$time_local] $request '
  16. '"$status" $body_bytes_sent "$http_referer" '
  17. '"$http_user_agent" "$http_x_forwarded_for" "$gzip_ratio"'
  18. ' "$connection" "$connection_requests" "$request_time"';
  19.  
  20. client_max_body_size 256m;
  21.  
  22. more_set_headers "Server: nginx linuxiarz.pl";
  23. sendfile on;
  24. tcp_nopush on;
  25. tcp_nodelay on;
  26. types_hash_max_size 100240;
  27. #upload_progress uploads 1m;
  28.  
  29. vhost_traffic_status_zone;
  30.  
  31. access_log /var/log/nginx/global_access.log;
  32. error_log /var/log/nginx/global_errors.log;
  33.  
  34. # server_names_hash_bucket_size 64;
  35. # server_name_in_redirect off;
  36.  
  37. include /etc/nginx/mime.types;
  38. default_type application/octet-stream;
  39.  
  40.  
  41. ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
  42. #ssl_prefer_server_ciphers on;
  43. upload_progress uploads 1m;
  44.  
  45.  
  46. keepalive_timeout 8;
  47. keepalive_requests 1000;
  48. lingering_time 20s;
  49. lingering_timeout 5s;
  50. keepalive_disable msie6;
  51.  
  52. gzip on;
  53. gzip_vary on;
  54. gzip_disable "MSIE [1-6]\.";
  55. gzip_static on;
  56. gzip_min_length 1400;
  57. gzip_buffers 32 8k;
  58. gzip_http_version 1.0;
  59. gzip_comp_level 5;
  60. gzip_proxied any;
  61. gzip_types text/plain text/css text/xml application/javascript application/x-javascript application/xml application/xml+rss application/ecmascript application/json image/svg+xml;
  62.  
  63. client_body_buffer_size 256k;
  64. client_body_in_file_only off;
  65. client_body_timeout 10s;
  66. client_header_buffer_size 64k;
  67. client_header_timeout 8s;
  68. connection_pool_size 512;
  69. directio 4m;
  70. ignore_invalid_headers on;
  71. large_client_header_buffers 8 64k;
  72. output_buffers 8 256k;
  73. postpone_output 1460;
  74. proxy_temp_path /tmp/nginx_proxy/;
  75. request_pool_size 32k;
  76. reset_timedout_connection on;
  77. send_timeout 15s;
  78.  
  79. server_names_hash_bucket_size 64;
  80.  
  81. ## Hide the Nginx version number.
  82. server_tokens off;
  83.  
  84. ## Curve to use for ECDH.
  85. ssl_ecdh_curve secp521r1;
  86.  
  87. ## Enable OCSP stapling. A better way to revocate server certificates.
  88. ssl_stapling on;
  89.  
  90. ## Fill in with your own resolver.
  91. resolver 8.8.8.8;
  92.  
  93. include /etc/nginx/conf.d/*.conf;
  94. include /etc/nginx/sites-enabled/*;
  95. include /etc/nginx/pagespeed.conf;
  96. #include /etc/nginx/geoip.conf;
  97.  
  98. ## LogJam
  99. ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
  100. ssl_prefer_server_ciphers on;
  101. ssl_dhparam /etc/nginx/dhparams.pem;
  102.  
  103. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement