Guest User

Untitled

a guest
Jul 25th, 2018
324
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1.  
  2. user www-data;
  3. worker_processes auto;
  4. worker_rlimit_nofile 116124;
  5. pid /run/nginx.pid;
  6. events {
  7. worker_connections 8192;
  8. multi_accept on;
  9. }
  10. http {
  11. ##
  12. # Basic Settings
  13. ##
  14. sendfile on;
  15. tcp_nopush on;
  16. tcp_nodelay on;
  17. server_tokens off;
  18. reset_timedout_connection on;
  19. send_timeout 15;
  20. keepalive_timeout 15;
  21. client_body_buffer_size 128k;
  22. client_max_body_size 50m;
  23. client_body_timeout 15;
  24. client_header_timeout 15;
  25. open_file_cache_valid 3m;
  26. open_file_cache max=38708 inactive=5m;
  27. types_hash_max_size 2048;
  28. # server_names_hash_bucket_size 64;
  29. # server_name_in_redirect off;
  30. limit_req_status 403;
  31. limit_req_zone $binary_remote_addr zone=one:10m rate=1r/s;
  32. limit_req_zone $binary_remote_addr zone=wp:10m rate=3r/s;
  33. include /etc/nginx/mime.types;
  34. include common/headers-http.conf;
  35. default_type application/octet-stream;
  36. ##
  37. # SSL Settings
  38. ##
  39. ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
  40. ssl_session_timeout 10m;
  41. ssl_session_cache shared:SSL:20m;
  42. ssl_dhparam /etc/ssl/dhparam.pem;
  43. ssl_ecdh_curve prime256v1:secp384r1:secp521r1;
  44. ssl_prefer_server_ciphers on;
  45. ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT';
  46. ##
  47. # Logging Settings
  48. ##
  49. access_log /var/log/nginx/access.log;
  50. error_log /var/log/nginx/error.log;
  51. open_log_file_cache max=1000 inactive=30s valid=1m;
  52. log_format we_log '$remote_addr $upstream_response_time $upstream_cache_status [$time_local] '
  53. '$http_host "$request" $status $body_bytes_sent '
  54. '"$http_referer" "$http_user_agent"';
  55. ##
  56. # Gzip Settings
  57. ##
  58. gzip on;
  59. gzip_disable "msie6";
  60. gzip_vary on;
  61. gzip_proxied any;
  62. gzip_comp_level 6;
  63. gzip_buffers 16 8k;
  64. gzip_http_version 1.1;
  65. gzip_types application/atom+xml application/javascript application/json application/rss+xml application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/svg+xml image/x-icon text/css text/plain text/x-component text/xml text/javascript;
  66. ##
  67. # Virtual Host Configs
  68. ##
  69. include /etc/nginx/conf.d/*.conf;
  70. include /etc/nginx/sites-enabled/*;
  71. set_real_ip_from 103.21.244.0/22;
  72. set_real_ip_from 103.22.200.0/22;
  73. set_real_ip_from 103.31.4.0/22;
  74. set_real_ip_from 104.16.0.0/12;
  75. set_real_ip_from 108.162.192.0/18;
  76. set_real_ip_from 131.0.72.0/22;
  77. set_real_ip_from 141.101.64.0/18;
  78. set_real_ip_from 162.158.0.0/15;
  79. set_real_ip_from 172.64.0.0/13;
  80. set_real_ip_from 173.245.48.0/20;
  81. set_real_ip_from 188.114.96.0/20;
  82. set_real_ip_from 190.93.240.0/20;
  83. set_real_ip_from 197.234.240.0/22;
  84. set_real_ip_from 198.41.128.0/17;
  85. set_real_ip_from 2400:cb00::/32;
  86. set_real_ip_from 2606:4700::/32;
  87. set_real_ip_from 2803:f800::/32;
  88. set_real_ip_from 2405:b500::/32;
  89. set_real_ip_from 2405:8100::/32;
  90. set_real_ip_from 2c0f:f248::/32;
  91. set_real_ip_from 2a06:98c0::/29;
  92. # use any of the following two
  93. real_ip_header CF-Connecting-IP;
  94. #real_ip_header X-Forwarded-For;
  95. }
  96. #mail {
  97. # # See sample authentication script at:
  98. # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
  99. #
  100. # # auth_http localhost/auth.php;
  101. # # pop3_capabilities "TOP" "USER";
  102. # # imap_capabilities "IMAP4rev1" "UIDPLUS";
  103. #
  104. # server {
  105. # listen localhost:110;
  106. # protocol pop3;
  107. # proxy on;
  108. # }
  109. #
  110. # server {
  111. # listen localhost:143;
  112. # protocol imap;
  113. # proxy on;
  114. # }
  115. #}
RAW Paste Data