API tools faq
paste
Advertisement
Guest User

nginx.conf

a guest
Jan 22nd, 2018
414
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.38 KB | None | 0 0
raw download clone embed print report
  1. user nginx;
  2. worker_processes 1;
  3. worker_rlimit_nofile 260000;
  4.  
  5. error_log /var/log/nginx/error.log warn;
  6. pid /var/run/nginx.pid;
  7.  
  8. events {
  9. worker_connections 2048;
  10. accept_mutex off;
  11. accept_mutex_delay 200ms;
  12. use epoll;
  13. #multi_accept on;
  14. }
  15.  
  16. http {
  17. include /etc/nginx/mime.types;
  18. default_type application/octet-stream;
  19.  
  20. set_real_ip_from 103.21.244.0/22;
  21. set_real_ip_from 103.22.200.0/22;
  22. set_real_ip_from 103.31.4.0/22;
  23. set_real_ip_from 104.16.0.0/12;
  24. set_real_ip_from 108.162.192.0/18;
  25. set_real_ip_from 131.0.72.0/22;
  26. set_real_ip_from 141.101.64.0/18;
  27. set_real_ip_from 162.158.0.0/15;
  28. set_real_ip_from 172.64.0.0/13;
  29. set_real_ip_from 173.245.48.0/20;
  30. set_real_ip_from 188.114.96.0/20;
  31. set_real_ip_from 190.93.240.0/20;
  32. set_real_ip_from 197.234.240.0/22;
  33. set_real_ip_from 198.41.128.0/17;
  34. set_real_ip_from 127.0.0.1/32;
  35. real_ip_header CF-Connecting-IP;
  36. log_format main '$remote_addr - $remote_user [$time_local] $status '
  37. '"$request" $body_bytes_sent "$http_referer" '
  38. '"$http_user_agent" "$http_x_forwarded_for"';
  39.  
  40. #Disable IFRAME
  41. add_header X-Frame-Options SAMEORIGIN;
  42.  
  43. #Prevent Cross-site scripting (XSS) attacks
  44. add_header X-XSS-Protection "1; mode=block";
  45.  
  46. #Prevent MIME-sniffing
  47. add_header X-Content-Type-Options nosniff;
  48.  
  49. access_log off;
  50. sendfile on;
  51. tcp_nopush on;
  52. tcp_nodelay off;
  53. types_hash_max_size 2048;
  54. server_tokens off;
  55. server_names_hash_bucket_size 128;
  56. client_max_body_size 0;
  57. client_body_buffer_size 256k;
  58. client_body_in_file_only off;
  59. client_body_timeout 60s;
  60. client_header_buffer_size 256k;
  61. client_header_timeout 20s;
  62. large_client_header_buffers 8 256k;
  63. keepalive_timeout 10;
  64. keepalive_disable msie6;
  65. reset_timedout_connection on;
  66. send_timeout 60s;
  67.  
  68. gzip on;
  69. gzip_static on;
  70. gzip_disable "msie6";
  71. gzip_vary on;
  72. gzip_proxied any;
  73. gzip_comp_level 6;
  74. gzip_buffers 16 8k;
  75. gzip_http_version 1.1;
  76. gzip_types text/plain text/css application/json text/javascript application/javascript text/xml application/xml application/xml+rss;
  77.  
  78. include /etc/nginx/conf.d/*.conf;
  79. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!