Guest User

nginx.conf

a guest
Jan 22nd, 2018
234
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. user nginx;
  2. worker_processes 1;
  3. worker_rlimit_nofile 260000;
  4.  
  5. error_log /var/log/nginx/error.log warn;
  6. pid /var/run/nginx.pid;
  7.  
  8. events {
  9. worker_connections 2048;
  10. accept_mutex off;
  11. accept_mutex_delay 200ms;
  12. use epoll;
  13. #multi_accept on;
  14. }
  15.  
  16. http {
  17. include /etc/nginx/mime.types;
  18. default_type application/octet-stream;
  19.  
  20. set_real_ip_from 103.21.244.0/22;
  21. set_real_ip_from 103.22.200.0/22;
  22. set_real_ip_from 103.31.4.0/22;
  23. set_real_ip_from 104.16.0.0/12;
  24. set_real_ip_from 108.162.192.0/18;
  25. set_real_ip_from 131.0.72.0/22;
  26. set_real_ip_from 141.101.64.0/18;
  27. set_real_ip_from 162.158.0.0/15;
  28. set_real_ip_from 172.64.0.0/13;
  29. set_real_ip_from 173.245.48.0/20;
  30. set_real_ip_from 188.114.96.0/20;
  31. set_real_ip_from 190.93.240.0/20;
  32. set_real_ip_from 197.234.240.0/22;
  33. set_real_ip_from 198.41.128.0/17;
  34. set_real_ip_from 127.0.0.1/32;
  35. real_ip_header CF-Connecting-IP;
  36. log_format main '$remote_addr - $remote_user [$time_local] $status '
  37. '"$request" $body_bytes_sent "$http_referer" '
  38. '"$http_user_agent" "$http_x_forwarded_for"';
  39.  
  40. #Disable IFRAME
  41. add_header X-Frame-Options SAMEORIGIN;
  42.  
  43. #Prevent Cross-site scripting (XSS) attacks
  44. add_header X-XSS-Protection "1; mode=block";
  45.  
  46. #Prevent MIME-sniffing
  47. add_header X-Content-Type-Options nosniff;
  48.  
  49. access_log off;
  50. sendfile on;
  51. tcp_nopush on;
  52. tcp_nodelay off;
  53. types_hash_max_size 2048;
  54. server_tokens off;
  55. server_names_hash_bucket_size 128;
  56. client_max_body_size 0;
  57. client_body_buffer_size 256k;
  58. client_body_in_file_only off;
  59. client_body_timeout 60s;
  60. client_header_buffer_size 256k;
  61. client_header_timeout 20s;
  62. large_client_header_buffers 8 256k;
  63. keepalive_timeout 10;
  64. keepalive_disable msie6;
  65. reset_timedout_connection on;
  66. send_timeout 60s;
  67.  
  68. gzip on;
  69. gzip_static on;
  70. gzip_disable "msie6";
  71. gzip_vary on;
  72. gzip_proxied any;
  73. gzip_comp_level 6;
  74. gzip_buffers 16 8k;
  75. gzip_http_version 1.1;
  76. gzip_types text/plain text/css application/json text/javascript application/javascript text/xml application/xml application/xml+rss;
  77.  
  78. include /etc/nginx/conf.d/*.conf;
  79. }
RAW Paste Data