SHARE
TWEET

nginx.conf

a guest Nov 30th, 2013 847 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. user www-data;
  2. worker_processes 1;
  3. pid /var/run/nginx.pid;
  4.  
  5. events {
  6.         worker_connections 8;
  7. }
  8.  
  9. http {
  10.  
  11.         ## Disable Nginx version number in error pages and Server header
  12.         server_tokens off;
  13.  
  14.         ## Add here all HTTP method allowed
  15.         map $request_method $bad_method {
  16.                 default 1;
  17.                 ~(?i)(GET|HEAD|POST) 0;
  18.         }
  19.  
  20.         ## Add here all user agents that are to be blocked.
  21.         map $http_user_agent $bad_bot {
  22.                 default 0;
  23.                 ~(?i)(httrack|WinHTTrack|htmlparser|libwww|Python|perl|urllib|Zeus|scan|Curl|email|PycURL|Pyth|PyQ|WebCollector|WebCopier|WebCopy|webcraw|LWP:
  24. :simple|Havij) 1;
  25.         }
  26.  
  27.         ## Add here all referrers that are to blocked.
  28.         map $http_referer $bad_referer {
  29.                 default 0;
  30.                 ~(?i)(babes|click|forsale|jewelry|nudit|organic|poker|porn|amnesty|poweroversoftware|webcam|zippo|casino|replica) 1;
  31.         }
  32.  
  33.         include /etc/nginx/mime.types;
  34.  
  35.         default_type  application/octet-stream;
  36.         log_format main '$remote_addr - $remote_user [$time_local] "$request" $status $bytes_sent "$http_referer" "$http_user_agent" "$gzip_ratio"';
  37.         access_log /var/log/nginx/access.log;
  38.         server_names_hash_bucket_size 64;
  39.         #server_names_hash_max_size 1024;
  40.         #types_hash_bucket_size 32;
  41.         types_hash_max_size 2048;
  42.  
  43.         client_header_timeout 10m;
  44.         client_body_timeout 10m;
  45.         send_timeout 10m;
  46.         connection_pool_size 256;
  47.         client_body_buffer_size 16k;
  48.         large_client_header_buffers 4 16k;
  49.         request_pool_size 4k;
  50.         sendfile on;
  51.  
  52.         gzip off;
  53.         gzip_min_length 0;
  54.         gzip_buffers 4 8k;
  55.         gzip_types text/plain application/x-shockwave-flash text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript;
  56.         gzip_proxied any;
  57.         gzip_http_version 1.0;
  58.         output_buffers 1 32k;
  59.         postpone_output 1460;
  60.  
  61.         tcp_nopush on;
  62.         tcp_nodelay on;
  63.         keepalive_timeout 75 20;
  64.         ignore_invalid_headers on;
  65.  
  66.         #set_real_ip_from 202.4.96.250;
  67.         #real_ip_header X-Forwarded-For;
  68.         #real_ip_recursive on;
  69.  
  70.         proxy_cache_path /usr/share/nginx/cache levels=1:2 keys_zone=cache:10m inactive=10m max_size=1000m;
  71.         proxy_cache_key "$scheme://$host$request_uri";
  72.  
  73.  
  74.         # creates zone “req_limit_per_ip” allocating 10MB for this session then limits queries for remote ip address to 1 request per second
  75.         limit_req_zone  $binary_remote_addr zone=req_limit_per_ip:10m rate=1r/s;
  76.         limit_conn_zone $binary_remote_addr zone=conn_limit_per_ip:10m;
  77.  
  78.         include /etc/nginx/conf.d/*.conf;
  79.         include /etc/nginx/sites-enabled/*;
  80.  
  81.         #default config, module disabled
  82.         testcookie off;
  83.  
  84.         #setting cookie name
  85.         testcookie_name BPC;
  86.  
  87.         #setting secret
  88.         testcookie_secret keepmesecret;
  89.  
  90.         #setting session key
  91.         testcookie_session $remote_addr;
  92.  
  93.         #setting argument name
  94.         testcookie_arg ckattempt;
  95.  
  96.         #setting maximum number of cookie setting attempts
  97.         testcookie_max_attempts 3;
  98.         testcookie_get_only on;
  99.         testcookie_fallback /cookies.html?backurl=http://$host$request_uri;
  100.  
  101. }
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top