API tools faq
paste
Advertisement
Guest User

nginx.conf

a guest
Feb 17th, 2020
133
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.86 KB | None | 0 0
raw download clone embed print report
  1. load_module modules/ngx_http_geoip_module.so;
  2. load_module modules/ngx_stream_geoip_module.so;
  3. load_module modules/ngx_http_brotli_filter_module.so;
  4. load_module modules/ngx_http_brotli_static_module.so;
  5. user www-data;
  6. worker_processes 8;
  7. pid /run/nginx.pid;
  8. worker_rlimit_nofile 40000;
  9.  
  10. events {
  11. worker_connections 2000;
  12. }
  13.  
  14. http {
  15. sendfile on;
  16. fastcgi_read_timeout 300;
  17. tcp_nopush on;
  18. tcp_nodelay on;
  19. keepalive_timeout 900;
  20. types_hash_max_size 2048;
  21. open_file_cache max=200000 inactive=20s;
  22. open_file_cache_valid 30s;
  23. open_file_cache_min_uses 5;
  24. open_file_cache_errors off;
  25. server_tokens off;
  26.  
  27. geoip_country /usr/share/GeoIP/GeoIPv6.dat;
  28. map $geoip_country_code $allowed_country {
  29. default yes;
  30. IQ no;
  31. JO no;
  32. AU no;
  33. EG no;
  34. PK no;
  35. IN no;
  36. CZ no;
  37. MY no;
  38. TR no;
  39. KH no;
  40. BR no;
  41. SG no;
  42. IL no;
  43. CH no;
  44. IR no;
  45. }
  46.  
  47. map $geoip_country_code $allowed_country2 {
  48. default no;
  49. NL yes;
  50. BG yes;
  51. BE yes;
  52. CA yes;
  53. }
  54.  
  55. include /etc/nginx/mime.types;
  56. default_type application/octet-stream;
  57.  
  58. ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
  59. ssl_prefer_server_ciphers on;
  60. ssl_session_cache shared:SSL:40m;
  61. ssl_session_timeout 4h;
  62. ssl_session_tickets on;
  63. ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:ECDHE-RSA-AES128-GCM-SHA256:AES256+EECDH:DHE-RSA-AES128-GCM-SHA256:AES256+EDH:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
  64.  
  65. brotli on;
  66. brotli_comp_level 6;
  67. brotli_static on;
  68. brotli_types *;
  69.  
  70. gzip on;
  71. gzip_comp_level 5;
  72. gzip_min_length 256;
  73. gzip_proxied any;
  74. gzip_vary on;
  75.  
  76. gzip_types
  77. application/atom+xml
  78. application/javascript
  79. application/json
  80. application/ld+json
  81. application/manifest+json
  82. application/rss+xml
  83. application/vnd.geo+json
  84. application/vnd.ms-fontobject
  85. application/x-font-ttf
  86. application/x-web-app-manifest+json
  87. application/xhtml+xml
  88. application/xml
  89. font/opentype
  90. image/bmp
  91. image/svg+xml
  92. image/x-icon
  93. text/cache-manifest
  94. text/css
  95. text/plain
  96. text/vcard
  97. text/vnd.rim.location.xloc
  98. text/vtt
  99. text/x-component
  100. text/x-cross-domain-policy;
  101.  
  102. access_log /dev/null;
  103. error_log /dev/null;
  104. log_not_found off;
  105.  
  106. fastcgi_buffers 16 16k;
  107. fastcgi_buffer_size 32k;
  108.  
  109. client_body_buffer_size 128k;
  110. client_header_buffer_size 1k;
  111. client_max_body_size 1000M;
  112. large_client_header_buffers 4 16k;
  113.  
  114. reset_timedout_connection on;
  115. client_body_timeout 5s;
  116.  
  117. client_header_timeout 5s;
  118. proxy_connect_timeout 1600;
  119. proxy_send_timeout 1600;
  120. proxy_read_timeout 1600;
  121. keepalive_requests 100000;
  122.  
  123. include /etc/nginx/conf.d/*.conf;
  124. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!