API tools faq
paste
Advertisement
Guest User

Untitled

a guest
May 23rd, 2019
272
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 11.67 KB | None | 0 0
raw download clone embed print report
  1. # Server globals
  2. user www-data;
  3. worker_processes auto;
  4. worker_rlimit_nofile 65535;
  5. error_log /var/log/nginx/error.log crit;
  6. pid /var/run/nginx.pid;
  7.  
  8.  
  9. # Worker config
  10. events {
  11. worker_connections 2048;
  12. use epoll;
  13. multi_accept on;
  14. }
  15.  
  16. http {
  17. # Main settings
  18. sendfile on;
  19. tcp_nopush on;
  20. tcp_nodelay on;
  21. client_header_timeout 1m;
  22. client_body_timeout 1m;
  23. client_header_buffer_size 2k;
  24. client_body_buffer_size 256k;
  25. client_max_body_size 2048m;
  26. large_client_header_buffers 4 8k;
  27. send_timeout 30;
  28. keepalive_timeout 60 60;
  29. reset_timedout_connection on;
  30. server_tokens off;
  31. server_name_in_redirect off;
  32. server_names_hash_max_size 512;
  33. server_names_hash_bucket_size 512;
  34.  
  35. # Log format
  36. log_format main '$remote_addr - $remote_user [$time_local] $request '
  37. '"$status" $body_bytes_sent "$http_referer" '
  38. '"$http_user_agent" "$http_x_forwarded_for"';
  39. log_format bytes '$body_bytes_sent';
  40. #access_log /var/log/nginx/access.log main;
  41. access_log off;
  42.  
  43.  
  44. # Mime settings
  45. include /etc/nginx/mime.types;
  46. default_type application/octet-stream;
  47.  
  48.  
  49. # Compression
  50. gzip on;
  51. gzip_comp_level 9;
  52. gzip_min_length 512;
  53. gzip_buffers 8 64k;
  54. gzip_types text/plain text/css text/javascript text/js text/xml app lication/json application/javascript application/x-javascript application/xml ap plication/xml+rss application/x-font-ttf image/svg+xml font/opentype;
  55. gzip_proxied any;
  56. gzip_disable "MSIE [1-6]\.";
  57.  
  58.  
  59. # Proxy settings
  60. proxy_redirect off;
  61. proxy_set_header Host $host;
  62. proxy_set_header X-Real-IP $remote_addr;
  63. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  64. proxy_pass_header Set-Cookie;
  65. proxy_connect_timeout 90;
  66. proxy_send_timeout 90;
  67. proxy_read_timeout 90;
  68. proxy_buffers 32 4k;
  69.  
  70.  
  71. # Cloudflare https://www.cloudflare.com/ips
  72. set_real_ip_from 199.27.128.0/21;
  73. set_real_ip_from 173.245.48.0/20;
  74. set_real_ip_from 103.21.244.0/22;
  75. set_real_ip_from 103.22.200.0/22;
  76. set_real_ip_from 103.31.4.0/22;
  77. set_real_ip_from 141.101.64.0/18;
  78. set_real_ip_from 108.162.192.0/18;
  79. set_real_ip_from 190.93.240.0/20;
  80. set_real_ip_from 188.114.96.0/20;
  81. set_real_ip_from 197.234.240.0/22;
  82. set_real_ip_from 198.41.128.0/17;
  83. set_real_ip_from 162.158.0.0/15;
  84. set_real_ip_from 104.16.0.0/12;
  85. set_real_ip_from 172.64.0.0/13;
  86. #set_real_ip_from 2400:cb00::/32;
  87. #set_real_ip_from 2606:4700::/32;
  88. #set_real_ip_from 2803:f800::/32;
  89. #set_real_ip_from 2405:b500::/32;
  90. #set_real_ip_from 2405:8100::/32;
  91. real_ip_header CF-Connecting-IP;
  92.  
  93.  
  94. # SSL PCI Compliance
  95. ssl_session_cache shared:SSL:10m;
  96. ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  97. ssl_prefer_server_ciphers on;
  98. ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256: DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDH E-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA 256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CB C3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AE S128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:! MD5:!PSK:!RC4";
  99.  
  100.  
  101. # Error pages
  102. error_page 403 /error/403.html;
  103. error_page 404 /error/404.html;
  104. error_page 502 503 504 /error/50x.html;
  105.  
  106.  
  107. # Cache settings
  108. proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=1024m;
  109. proxy_cache_key "$host$request_uri $cookie_user";
  110. proxy_temp_path /var/cache/nginx/temp;
  111. proxy_ignore_headers Expires Cache-Control;
  112. proxy_cache_use_stale error timeout invalid_header http_502;
  113. proxy_cache_valid any 1d;
  114.  
  115.  
  116. # Cache bypass
  117. map $http_cookie $no_cache {
  118. default 0;
  119. ~SESS 1;
  120. ~wordpress_logged_in 1;
  121. }
  122.  
  123.  
  124. # File cache settings
  125. open_file_cache max=10000 inactive=30s;
  126. open_file_cache_valid 60s;
  127. open_file_cache_min_uses 2;
  128. open_file_cache_errors off;
  129.  
  130. # Wildcard include
  131. include /etc/nginx/conf.d/*.conf;
  132. }
  133.  
  134. # configuration file /etc/nginx/mime.types:
  135.  
  136. types {
  137. text/html html htm shtml;
  138. text/css css;
  139. text/xml xml;
  140. image/gif gif;
  141. image/jpeg jpeg jpg;
  142. application/javascript js;
  143. application/atom+xml atom;
  144. application/rss+xml rss;
  145.  
  146. text/mathml mml;
  147. text/plain txt;
  148. text/vnd.sun.j2me.app-descriptor jad;
  149. text/vnd.wap.wml wml;
  150. text/x-component htc;
  151.  
  152. image/png png;
  153. image/tiff tif tiff;
  154. image/vnd.wap.wbmp wbmp;
  155. image/x-icon ico;
  156. image/x-jng jng;
  157. image/x-ms-bmp bmp;
  158. image/svg+xml svg svgz;
  159. image/webp webp;
  160.  
  161. application/font-woff woff;
  162. application/java-archive jar war ear;
  163. application/json json;
  164. application/mac-binhex40 hqx;
  165. application/msword doc;
  166. application/pdf pdf;
  167. application/postscript ps eps ai;
  168. application/rtf rtf;
  169. application/vnd.apple.mpegurl m3u8;
  170. application/vnd.ms-excel xls;
  171. application/vnd.ms-fontobject eot;
  172. application/vnd.ms-powerpoint ppt;
  173. application/vnd.wap.wmlc wmlc;
  174. application/vnd.google-earth.kml+xml kml;
  175. application/vnd.google-earth.kmz kmz;
  176. application/x-7z-compressed 7z;
  177. application/x-cocoa cco;
  178. application/x-java-archive-diff jardiff;
  179. application/x-java-jnlp-file jnlp;
  180. application/x-makeself run;
  181. application/x-perl pl pm;
  182. application/x-pilot prc pdb;
  183. application/x-rar-compressed rar;
  184. application/x-redhat-package-manager rpm;
  185. application/x-sea sea;
  186. application/x-shockwave-flash swf;
  187. application/x-stuffit sit;
  188. application/x-tcl tcl tk;
  189. application/x-x509-ca-cert der pem crt;
  190. application/x-xpinstall xpi;
  191. application/xhtml+xml xhtml;
  192. application/xspf+xml xspf;
  193. application/zip zip;
  194.  
  195. application/octet-stream bin exe dll;
  196. application/octet-stream deb;
  197. application/octet-stream dmg;
  198. application/octet-stream iso img;
  199. application/octet-stream msi msp msm;
  200.  
  201. application/vnd.openxmlformats-officedocument.wordprocessingml.document d ocx;
  202. application/vnd.openxmlformats-officedocument.spreadsheetml.sheet x lsx;
  203. application/vnd.openxmlformats-officedocument.presentationml.presentation p ptx;
  204.  
  205. audio/midi mid midi kar;
  206. audio/mpeg mp3;
  207. audio/ogg ogg;
  208. audio/x-m4a m4a;
  209. audio/x-realaudio ra;
  210.  
  211. video/3gpp 3gpp 3gp;
  212. video/mp2t ts;
  213. video/mp4 mp4;
  214. video/mpeg mpeg mpg;
  215. video/quicktime mov;
  216. video/webm webm;
  217. video/x-flv flv;
  218. video/x-m4v m4v;
  219. video/x-mng mng;
  220. video/x-ms-asf asx asf;
  221. video/x-ms-wmv wmv;
  222. video/x-msvideo avi;
  223. }
  224.  
  225. # configuration file /etc/nginx/conf.d/default.conf:
  226. server {
  227. listen x.x.x.x.x.x:80;
  228. #server_name okay.uz www.test.ru;
  229. error_log /var/log/nginx/error.log error;
  230.  
  231. location / {
  232. proxy_pass http://localhost:8080;
  233. location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|tif|tiff|css|js|ttf|otf|w ebp|woff|txt|csv|rtf|doc|docx|xls|xlsx|ppt|pptx|odf|odp|ods|odt|pdf|psd|ai|eot|e ps|ps|zip|tar|tgz|gz|rar|bz2|7z|aac|m4a|mp3|mp4|ogg|wav|wma|3gp|avi|flv|m4v|mkv| mov|mpeg|mpg|wmv|exe|iso|dmg|swf|map)$ {
  234. root /opt/www/public_html/okay.uz/;
  235. access_log /var/log/nginx/access.log combined;
  236. access_log /var/log/nginx/access.bytes bytes;
  237. expires max;
  238. try_files $uri @fallback;
  239. }
  240. }
  241.  
  242. location /error/ {
  243. alias /opt/www/public_html/test.ru/;
  244. }
  245.  
  246. location @fallback {
  247. proxy_pass http://localhost:8080;
  248. }
  249.  
  250. location ~ /\.ht {return 404;}
  251. location ~ /\.svn/ {return 404;}
  252. location ~ /\.git/ {return 404;}
  253. location ~ /\.hg/ {return 404;}
  254. location ~ /\.bzr/ {return 404;}
  255.  
  256. ###include /home/admin/conf/web/nginx.windows.uz.conf*;
  257. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!