Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- load_module modules/ngx_http_geoip_module.so;
- load_module modules/ngx_stream_geoip_module.so;
- load_module modules/ngx_http_brotli_filter_module.so;
- load_module modules/ngx_http_brotli_static_module.so;
- user www-data;
- worker_processes 8;
- pid /run/nginx.pid;
- worker_rlimit_nofile 40000;
- events {
- worker_connections 2000;
- }
- http {
- sendfile on;
- fastcgi_read_timeout 300;
- tcp_nopush on;
- tcp_nodelay on;
- keepalive_timeout 900;
- types_hash_max_size 2048;
- open_file_cache max=200000 inactive=20s;
- open_file_cache_valid 30s;
- open_file_cache_min_uses 5;
- open_file_cache_errors off;
- server_tokens off;
- geoip_country /usr/share/GeoIP/GeoIPv6.dat;
- map $geoip_country_code $allowed_country {
- default yes;
- IQ no;
- JO no;
- AU no;
- EG no;
- PK no;
- IN no;
- CZ no;
- MY no;
- TR no;
- KH no;
- BR no;
- SG no;
- IL no;
- CH no;
- IR no;
- }
- map $geoip_country_code $allowed_country2 {
- default no;
- NL yes;
- BG yes;
- BE yes;
- CA yes;
- }
- include /etc/nginx/mime.types;
- default_type application/octet-stream;
- ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
- ssl_prefer_server_ciphers on;
- ssl_session_cache shared:SSL:40m;
- ssl_session_timeout 4h;
- ssl_session_tickets on;
- ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:ECDHE-RSA-AES128-GCM-SHA256:AES256+EECDH:DHE-RSA-AES128-GCM-SHA256:AES256+EDH:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
- brotli on;
- brotli_comp_level 6;
- brotli_static on;
- brotli_types *;
- gzip on;
- gzip_comp_level 5;
- gzip_min_length 256;
- gzip_proxied any;
- gzip_vary on;
- gzip_types
- application/atom+xml
- application/javascript
- application/json
- application/ld+json
- application/manifest+json
- application/rss+xml
- application/vnd.geo+json
- application/vnd.ms-fontobject
- application/x-font-ttf
- application/x-web-app-manifest+json
- application/xhtml+xml
- application/xml
- font/opentype
- image/bmp
- image/svg+xml
- image/x-icon
- text/cache-manifest
- text/css
- text/plain
- text/vcard
- text/vnd.rim.location.xloc
- text/vtt
- text/x-component
- text/x-cross-domain-policy;
- access_log /dev/null;
- error_log /dev/null;
- log_not_found off;
- fastcgi_buffers 16 16k;
- fastcgi_buffer_size 32k;
- client_body_buffer_size 128k;
- client_header_buffer_size 1k;
- client_max_body_size 1000M;
- large_client_header_buffers 4 16k;
- reset_timedout_connection on;
- client_body_timeout 5s;
- client_header_timeout 5s;
- proxy_connect_timeout 1600;
- proxy_send_timeout 1600;
- proxy_read_timeout 1600;
- keepalive_requests 100000;
- include /etc/nginx/conf.d/*.conf;
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement