-
-
Save centminmod/e54a516889dedbf5ca330af2f95af6f5 to your computer and use it in GitHub Desktop.
123.09beta01 default /usr/local/nginx/conf/nginx.conf
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
user nginx nginx; | |
worker_processes 4; | |
worker_priority -10; | |
worker_rlimit_nofile 260000; | |
timer_resolution 100ms; | |
pcre_jit on; | |
include /usr/local/nginx/conf/dynamic-modules.conf; | |
pid logs/nginx.pid; | |
events { | |
worker_connections 50000; | |
accept_mutex off; | |
accept_mutex_delay 200ms; | |
use epoll; | |
#multi_accept on; | |
} | |
http { | |
map_hash_bucket_size 128; | |
map_hash_max_size 4096; | |
server_names_hash_bucket_size 128; | |
server_names_hash_max_size 2048; | |
variables_hash_max_size 2048; | |
limit_req_zone $binary_remote_addr zone=xwplogin:16m rate=40r/m; | |
#limit_conn_zone $binary_remote_addr zone=xwpconlimit:16m; | |
# sets Centmin Mod headers via headers more nginx module | |
# https://github.com/openresty/headers-more-nginx-module | |
# don't remove the first 2 lines as centmin mod checks to see if they're | |
# missing and re-adds them anyway. Just uncomment the 3rd & 4th lines | |
# which is used to override the Server header to what you want = nginx | |
# and remove the X-Powered-By header + restart nginx service | |
# do not disable headers more nginx module itself as it's required for | |
# other centmin mod features like redis nginx level caching & letsencrypt | |
# integration in vhosts created by addons/acmetool.sh | |
more_set_headers "Server: nginx centminmod"; | |
more_set_headers "X-Powered-By: centminmod"; | |
#more_set_headers "Server: nginx"; | |
#more_clear_headers "X-Powered-By"; | |
# uncomment cloudflare.conf include if using cloudflare for | |
# server and/or vhost site + setup cron job for command | |
# /usr/local/src/centminmod/tools/csfcf.sh auto | |
# run the auto command once to populate cloudflare ips | |
#include /usr/local/nginx/conf/cloudflare.conf; | |
# uncomment incapsula.conf include if using incapsula for | |
# server and/or vhost site + setup cron job for command | |
# /usr/local/src/centminmod/tools/csfincapsula.sh auto | |
# run the auto command once to popular incapsula ips | |
#include /usr/local/nginx/conf/incapsula.conf; | |
include /usr/local/nginx/conf/maintenance.conf; | |
#include /usr/local/nginx/conf/vts_http.conf; | |
include /usr/local/nginx/conf/geoip.conf; | |
include /usr/local/nginx/conf/webp.conf; | |
#include /usr/local/nginx/conf/pagespeedadmin.conf; | |
include /usr/local/nginx/conf/fastcgi_param_https_map.conf; | |
log_format main '$remote_addr - $remote_user [$time_local] $request ' | |
'"$status" $body_bytes_sent "$http_referer" ' | |
'"$http_user_agent" "$http_x_forwarded_for" "$gzip_ratio"' | |
' "$connection" "$connection_requests" "$request_time"'; | |
log_format ddos-proxy '$remote_addr for $http_x_real_ip - $remote_user [$time_local] $request ' | |
'"$status" $body_bytes_sent "$http_referer" ' | |
'"$http_user_agent" "$http_x_forwarded_for" "$gzip_ratio"' | |
' "$connection" "$connection_requests" "$request_time"'; | |
log_format main_ext '$remote_addr - $remote_user [$time_local] "$request" ' | |
'$status $body_bytes_sent "$http_referer" ' | |
'"$http_user_agent" "$http_x_forwarded_for" ' | |
'rt=$request_time ua="$upstream_addr" ' | |
'us="$upstream_status" ut="$upstream_response_time" ' | |
'ul="$upstream_response_length" ' | |
'cs=$upstream_cache_status' ; | |
access_log off; | |
error_log logs/error.log warn; | |
index index.php index.html index.htm; | |
include mime.types; | |
default_type application/octet-stream; | |
charset utf-8; | |
sendfile on; | |
sendfile_max_chunk 512k; | |
tcp_nopush on; | |
tcp_nodelay on; | |
server_tokens off; | |
server_name_in_redirect off; | |
keepalive_timeout 5; | |
keepalive_requests 500; | |
lingering_time 20s; | |
lingering_timeout 5s; | |
keepalive_disable msie6; | |
gzip on; | |
gzip_vary on; | |
gzip_disable "MSIE [1-6]\."; | |
gzip_static on; | |
gzip_min_length 1400; | |
gzip_buffers 32 8k; | |
gzip_http_version 1.0; | |
gzip_comp_level 5; | |
gzip_proxied any; | |
gzip_types text/plain text/css text/xml application/javascript application/x-javascript application/xml application/xml+rss application/ecmascript application/json image/svg+xml; | |
client_body_buffer_size 256k; | |
client_body_in_file_only off; | |
client_body_timeout 60s; | |
client_header_buffer_size 64k; | |
## how long a connection has to complete sending | |
## it's headers for request to be processed | |
client_header_timeout 10s; | |
client_max_body_size 1024m; | |
connection_pool_size 512; | |
directio 4m; | |
directio_alignment 512; | |
ignore_invalid_headers on; | |
large_client_header_buffers 8 64k; | |
output_buffers 1 512k; | |
postpone_output 1460; | |
proxy_temp_path /tmp/nginx_proxy/; | |
request_pool_size 32k; | |
reset_timedout_connection on; | |
send_timeout 60s; | |
types_hash_max_size 2048; | |
# for nginx proxy backends to prevent redirects to backend port | |
# port_in_redirect off; | |
open_file_cache max=50000 inactive=60s; | |
open_file_cache_valid 120s; | |
open_file_cache_min_uses 2; | |
open_file_cache_errors off; | |
open_log_file_cache max=10000 inactive=30s min_uses=2; | |
## limit number of concurrency connections per ip to 16 | |
## add to your server {} section the next line | |
## limit_conn limit_per_ip 16; | |
## uncomment below line allows 500K sessions | |
# limit_conn_log_level error; | |
####################################### | |
# use limit_zone for Nginx <v1.1.7 and lower | |
# limit_zone $binary_remote_addr zone=limit_per_ip:16m; | |
####################################### | |
# use limit_conn_zone for Nginx >v1.1.8 and higher | |
# limit_conn_zone $binary_remote_addr zone=limit_per_ip:16m; | |
####################################### | |
include /usr/local/nginx/conf/conf.d/*.conf; | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment