caddy 0.10.9 vs nginx h2load test 16/09/17 config files

## caddybench.domain.com.ssl.conf
# /etc/caddy/conf.d/caddybench.domain.com.ssl.conf
caddybench.domain.com:443 {
    gzip {
        level 5
        min_length 1400
    }
    #browse
    header / {
        #Strict-Transport-Security "max-age=31536000"
        #Cache-Control "max-age=86400"
        X-Content-Type-Options "nosniff"
        X-Frame-Options "SAMEORIGIN"
        X-XSS-Protection "1; mode=block"
        X-Powered-By "Caddy via CentminMod"
        #-Server
    }
    timeouts {
    read   10s
    header 10s
    write  20s
    idle   2m
    }
    root /home/nginx/domains/caddybench.domain.com/public
    fastcgi / 127.0.0.1:9000 {
        ext   .php
        split .php
        index index.php
        connect_timeout 10s
        read_timeout 10s
        send_timeout 10s
    }
    errors /home/nginx/domains/caddybench.domain.com/log/caddy-caddybench.domain.com-errors.log {
        rotate_size 100 # Rotate after 100 MB
        rotate_age  14  # Keep log files for 14 days
        rotate_keep 10  # Keep at most 10 log files
        rotate_compress
      }
    log / /home/nginx/domains/caddybench.domain.com/log/caddy-caddybench.domain.com-access.ssl.log "{remote} {when} {method} {uri} {proto} {status} {size} {>User-Agent} {latency}" {
        rotate_size 100 # Rotate after 100 MB
        rotate_age  14  # Keep log files for 14 days
        rotate_keep 10  # Keep at most 10 log files
        rotate_compress
    }
}

## caddybench.domain.com.ssl.conf-proxycache.conf
# /etc/caddy/conf.d/caddybench.domain.com.ssl.conf
caddybench.domain.com:443 {
    gzip {
        level 5
        min_length 1400
    }
    proxy / caddybench.domain.com:80
    cache {
        match_path /
        match_header Content-Type image/jpg image/png text/html
        status_header X-Cache-Status
        default_max_age 5m
        path /tmp/caddy-cache
    }
    #browse
    header / {
        #Strict-Transport-Security "max-age=31536000"
        #Cache-Control "max-age=86400"
        X-Content-Type-Options "nosniff"
        X-Frame-Options "SAMEORIGIN"
        X-XSS-Protection "1; mode=block"
        X-Powered-By "Caddy via CentminMod"
        #-Server
    }
    timeouts {
    read   10s
    header 10s
    write  20s
    idle   2m
    }
    root /home/nginx/domains/caddybench.domain.com/public
    fastcgi / 127.0.0.1:9000 {
        ext   .php
        split .php
        index index.php
        connect_timeout 10s
        read_timeout 10s
        send_timeout 10s
    }
    errors /home/nginx/domains/caddybench.domain.com/log/caddy-caddybench.domain.com-errors.log {
        rotate_size 100 # Rotate after 100 MB
        rotate_age  14  # Keep log files for 14 days
        rotate_keep 10  # Keep at most 10 log files
        rotate_compress
      }
    log / /home/nginx/domains/caddybench.domain.com/log/caddy-caddybench.domain.com-access.ssl.log "{remote} {when} {method} {uri} {proto} {status} {size} {>User-Agent} {latency}" {
        rotate_size 100 # Rotate after 100 MB
        rotate_age  14  # Keep log files for 14 days
        rotate_keep 10  # Keep at most 10 log files
        rotate_compress
    }
}

## nginxbench.domain.com.ssl.conf
# /usr/local/nginx/conf/conf.d/nginxbench.domain.com.ssl.conf
#x# HTTPS-DEFAULT
 server {

   server_name nginxbench.domain.com www.nginxbench.domain.com;
   return 302 https://$server_name$request_uri;
   include /usr/local/nginx/conf/staticfiles.conf;
 }

#   server_name nginxbench.domain.com www.nginxbench.domain.com;

server {
  listen 443 ssl http2;
  server_name nginxbench.domain.com www.nginxbench.domain.com;

  include /usr/local/nginx/conf/ssl/nginxbench.domain.com/nginxbench.domain.com.crt.key.conf;
  include /usr/local/nginx/conf/ssl_include.conf;

  http2_max_field_size 16k;
  http2_max_header_size 32k;
  # mozilla recommended
  #ssl_ciphers ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS;

  ssl_ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS;
  ssl_prefer_server_ciphers   on;
  #add_header Alternate-Protocol  443:npn-spdy/3;

  # before enabling HSTS line below read centminmod.com/nginx_domain_dns_setup.html#hsts
  #add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";
  add_header X-Frame-Options SAMEORIGIN;
  add_header X-Xss-Protection "1; mode=block" always;
  add_header X-Content-Type-Options "nosniff" always;
  #spdy_headers_comp 5;
  ssl_buffer_size 1369;
  ssl_session_tickets on;

  # enable ocsp stapling
  resolver 8.8.8.8 8.8.4.4 valid=10m;
  resolver_timeout 10s;
  ssl_stapling on;
  ssl_stapling_verify on;

# ngx_pagespeed & ngx_pagespeed handler
#include /usr/local/nginx/conf/pagespeed.conf;
#include /usr/local/nginx/conf/pagespeedhandler.conf;
#include /usr/local/nginx/conf/pagespeedstatslog.conf;

  # limit_conn limit_per_ip 16;
  # ssi  on;

  access_log /home/nginx/domains/nginxbench.domain.com/log/access.log combined buffer=256k flush=5m;
  error_log /home/nginx/domains/nginxbench.domain.com/log/error.log;

  include /usr/local/nginx/conf/autoprotect/nginxbench.domain.com/autoprotect-nginxbench.domain.com.conf;
  root /home/nginx/domains/nginxbench.domain.com/public;
  # uncomment cloudflare.conf include if using cloudflare for
  # server and/or vhost site
  #include /usr/local/nginx/conf/cloudflare.conf;
  include /usr/local/nginx/conf/503include-main.conf;

  location / {
  include /usr/local/nginx/conf/503include-only.conf;

# block common exploits, sql injections etc
#include /usr/local/nginx/conf/block.conf;

  # Enables directory listings when index file not found
  #autoindex  on;

  # Shows file listing times as local time
  #autoindex_localtime on;

  # Wordpress Permalinks example
  #try_files $uri $uri/ /index.php?q=$uri&$args;

  }

  include /usr/local/nginx/conf/pre-staticfiles-local-nginxbench.domain.com.conf;
  include /usr/local/nginx/conf/pre-staticfiles-global.conf;
  include /usr/local/nginx/conf/staticfiles.conf;
  include /usr/local/nginx/conf/php.conf;

  include /usr/local/nginx/conf/drop.conf;
  #include /usr/local/nginx/conf/errorpage.conf;
  include /usr/local/nginx/conf/vts_server.conf;
}
	# /etc/caddy/conf.d/caddybench.domain.com.ssl.conf
	caddybench.domain.com:443 {
	gzip {
	level 5
	min_length 1400
	}
	#browse
	header / {
	#Strict-Transport-Security "max-age=31536000"
	#Cache-Control "max-age=86400"
	X-Content-Type-Options "nosniff"
	X-Frame-Options "SAMEORIGIN"
	X-XSS-Protection "1; mode=block"
	X-Powered-By "Caddy via CentminMod"
	#-Server
	}
	timeouts {
	read 10s
	header 10s
	write 20s
	idle 2m
	}
	root /home/nginx/domains/caddybench.domain.com/public
	fastcgi / 127.0.0.1:9000 {
	ext .php
	split .php
	index index.php
	connect_timeout 10s
	read_timeout 10s
	send_timeout 10s
	}
	errors /home/nginx/domains/caddybench.domain.com/log/caddy-caddybench.domain.com-errors.log {
	rotate_size 100 # Rotate after 100 MB
	rotate_age 14 # Keep log files for 14 days
	rotate_keep 10 # Keep at most 10 log files
	rotate_compress
	}
	log / /home/nginx/domains/caddybench.domain.com/log/caddy-caddybench.domain.com-access.ssl.log "{remote} {when} {method} {uri} {proto} {status} {size} {>User-Agent} {latency}" {
	rotate_size 100 # Rotate after 100 MB
	rotate_age 14 # Keep log files for 14 days
	rotate_keep 10 # Keep at most 10 log files
	rotate_compress
	}
	}
	# /usr/local/nginx/conf/conf.d/nginxbench.domain.com.ssl.conf
	#x# HTTPS-DEFAULT
	server {

	server_name nginxbench.domain.com www.nginxbench.domain.com;
	return 302 https://$server_name$request_uri;
	include /usr/local/nginx/conf/staticfiles.conf;
	}

	# server_name nginxbench.domain.com www.nginxbench.domain.com;

	server {
	listen 443 ssl http2;
	server_name nginxbench.domain.com www.nginxbench.domain.com;

	include /usr/local/nginx/conf/ssl/nginxbench.domain.com/nginxbench.domain.com.crt.key.conf;
	include /usr/local/nginx/conf/ssl_include.conf;

	http2_max_field_size 16k;
	http2_max_header_size 32k;
	# mozilla recommended
	#ssl_ciphers ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS;

	ssl_ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS;
	ssl_prefer_server_ciphers on;
	#add_header Alternate-Protocol 443:npn-spdy/3;

	# before enabling HSTS line below read centminmod.com/nginx_domain_dns_setup.html#hsts
	#add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";
	add_header X-Frame-Options SAMEORIGIN;
	add_header X-Xss-Protection "1; mode=block" always;
	add_header X-Content-Type-Options "nosniff" always;
	#spdy_headers_comp 5;
	ssl_buffer_size 1369;
	ssl_session_tickets on;

	# enable ocsp stapling
	resolver 8.8.8.8 8.8.4.4 valid=10m;
	resolver_timeout 10s;
	ssl_stapling on;
	ssl_stapling_verify on;

	# ngx_pagespeed & ngx_pagespeed handler
	#include /usr/local/nginx/conf/pagespeed.conf;
	#include /usr/local/nginx/conf/pagespeedhandler.conf;
	#include /usr/local/nginx/conf/pagespeedstatslog.conf;

	# limit_conn limit_per_ip 16;
	# ssi on;

	access_log /home/nginx/domains/nginxbench.domain.com/log/access.log combined buffer=256k flush=5m;
	error_log /home/nginx/domains/nginxbench.domain.com/log/error.log;

	include /usr/local/nginx/conf/autoprotect/nginxbench.domain.com/autoprotect-nginxbench.domain.com.conf;
	root /home/nginx/domains/nginxbench.domain.com/public;
	# uncomment cloudflare.conf include if using cloudflare for
	# server and/or vhost site
	#include /usr/local/nginx/conf/cloudflare.conf;
	include /usr/local/nginx/conf/503include-main.conf;

	location / {
	include /usr/local/nginx/conf/503include-only.conf;

	# block common exploits, sql injections etc
	#include /usr/local/nginx/conf/block.conf;

	# Enables directory listings when index file not found
	#autoindex on;

	# Shows file listing times as local time
	#autoindex_localtime on;

	# Wordpress Permalinks example
	#try_files $uri $uri/ /index.php?q=$uri&$args;

	}

	include /usr/local/nginx/conf/pre-staticfiles-local-nginxbench.domain.com.conf;
	include /usr/local/nginx/conf/pre-staticfiles-global.conf;
	include /usr/local/nginx/conf/staticfiles.conf;
	include /usr/local/nginx/conf/php.conf;

	include /usr/local/nginx/conf/drop.conf;
	#include /usr/local/nginx/conf/errorpage.conf;
	include /usr/local/nginx/conf/vts_server.conf;
	}