Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- user nginx;
- worker_processes 1;
- worker_rlimit_nofile 260000;
- error_log /var/log/nginx/error.log warn;
- pid /var/run/nginx.pid;
- events {
- worker_connections 2048;
- accept_mutex off;
- accept_mutex_delay 200ms;
- use epoll;
- #multi_accept on;
- }
- http {
- include /etc/nginx/mime.types;
- default_type application/octet-stream;
- set_real_ip_from 103.21.244.0/22;
- set_real_ip_from 103.22.200.0/22;
- set_real_ip_from 103.31.4.0/22;
- set_real_ip_from 104.16.0.0/12;
- set_real_ip_from 108.162.192.0/18;
- set_real_ip_from 131.0.72.0/22;
- set_real_ip_from 141.101.64.0/18;
- set_real_ip_from 162.158.0.0/15;
- set_real_ip_from 172.64.0.0/13;
- set_real_ip_from 173.245.48.0/20;
- set_real_ip_from 188.114.96.0/20;
- set_real_ip_from 190.93.240.0/20;
- set_real_ip_from 197.234.240.0/22;
- set_real_ip_from 198.41.128.0/17;
- set_real_ip_from 127.0.0.1/32;
- real_ip_header CF-Connecting-IP;
- log_format main '$remote_addr - $remote_user [$time_local] $status '
- '"$request" $body_bytes_sent "$http_referer" '
- '"$http_user_agent" "$http_x_forwarded_for"';
- #Disable IFRAME
- add_header X-Frame-Options SAMEORIGIN;
- #Prevent Cross-site scripting (XSS) attacks
- add_header X-XSS-Protection "1; mode=block";
- #Prevent MIME-sniffing
- add_header X-Content-Type-Options nosniff;
- access_log off;
- sendfile on;
- tcp_nopush on;
- tcp_nodelay off;
- types_hash_max_size 2048;
- server_tokens off;
- server_names_hash_bucket_size 128;
- client_max_body_size 0;
- client_body_buffer_size 256k;
- client_body_in_file_only off;
- client_body_timeout 60s;
- client_header_buffer_size 256k;
- client_header_timeout 20s;
- large_client_header_buffers 8 256k;
- keepalive_timeout 10;
- keepalive_disable msie6;
- reset_timedout_connection on;
- send_timeout 60s;
- gzip on;
- gzip_static on;
- gzip_disable "msie6";
- gzip_vary on;
- gzip_proxied any;
- gzip_comp_level 6;
- gzip_buffers 16 8k;
- gzip_http_version 1.1;
- gzip_types text/plain text/css application/json text/javascript application/javascript text/xml application/xml application/xml+rss;
- include /etc/nginx/conf.d/*.conf;
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement