user apache;
worker_processes 8;
worker_rlimit_nofile 100000;
error_log /var/log/nginx/error.log debug;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
use epoll;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
access_log on;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
server_tokens on;
gzip on;
gzip_static on;
gzip_comp_level 1;
gzip_min_length 1024;
#Note, text/html is on by default in nginx
gzip_types text/css application/x-javascript text/xml application/rss+xml
keepalive_timeout 50;
keepalive_requests 100;
limit_zone myzone $binary_remote_addr 10m;
# Load config files from the /etc/nginx/conf.d directory
include /etc/nginx/conf.d/*.conf;
server {
## Redirect to Domain if $host does not match www.domain.com
listen 80 default_server;
server_name _;
rewrite ^ http://www.domain.com/vb$request_uri permanent;
}
server {
limit_conn myzone 20;
listen 80;
server_name www.domain.com;
root /var/www/html;
index index.php index.html index.shtml index.htm;
client_max_body_size 2M;
#charset koi8-r;
## Tell browsers to cache these files for 90 days and serve them directly
location ~* \.(jpg|jpeg|gif|css|png|ico|js)$ {
expires 90d;
}
location / {
## Enable Server Side Includes for /
ssi on;
## If the file exists as a static file serve it directly without
## running all the other rewite tests on it;
try_files $uri $uri/ @IndexRewrites;
}
location @IndexRewrites {
rewrite <ALL REWRITES REMOVED FOR PASTEBIN>;
}
# WordPress single blog rules.
# Designed to be included in any server {} block.
# Based on http://codex.wordpress.org/Nginx
# This order might seem weird - this is attempted to match last if rules below fail.
# http://wiki.nginx.org/HttpCoreModule
location /blog/ {
try_files $uri $uri/ /blog/index.php?$args;
# Add trailing slash to */wp-admin requests.
rewrite /blog/wp-admin$ $scheme://$host$uri/ permanent;
# Uncomment one of the lines below for the appropriate caching plugin (if used).
include wordpress-wp-super-cache.conf;
}
## Rewriterule to make vBseo forum links work
## Based on http://www.axivo.com/community/threads/proper-vbseo-rewrite-rules-for-vbulletin-3.123
location /vb/ {
try_files $uri $uri/ @vbseo;
}
location @vbseo {
fastcgi_pass unix:/dev/shm/php.sock;
fastcgi_param SCRIPT_FILENAME $document_root/vb/vbseo.php;
fastcgi_param QUERY_STRING vbseourl=$request_uri;
include fastcgi_params;
internal;
}
location = /vb/inlinemod.php {
fastcgi_pass unix:/dev/shm/php.sock;
fastcgi_param SCRIPT_FILENAME $document_root/vb/vbseo.php;
fastcgi_param QUERY_STRING vbseourl=$request_uri;
include fastcgi_params;
}
error_page 403 404 /e404.php;
# Pass all .php files onto a php-fpm/php-fcgi server.
# Based on https://nealpoole.com/blog/2011/04/setting-up-php-fastcgi-and-nginx-dont-trust-the-tutorials-check-your-configuration/
location ~ \.php$ {
# Zero-day exploit defense.
# http://forum.nginx.org/read.php?2,88845,page=3
# Won't work properly (404 error) if the file is not stored on this server, which is entirely possible with php-fpm/php-fcgi.
# Comment the 'try_files' line out if you set up php-fpm/php-fcgi on another machine. And then cross your fingers that you won't get hacked.
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
include fastcgi_params;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_pass unix:/dev/shm/php.sock;
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
location ~ /\.ht {
deny all;
}
}
}