divadsn/nginx.conf

## nginx.conf
# default nginx runtime settings
user www-data;
pid /run/nginx.pid;

# you must set worker processes based on your CPU cores, nginx does not benefit from setting more than that
worker_processes auto; #some last versions calculate it automatically

# number of file descriptors used for nginx
# the limit for the maximum FDs on the server is usually set by the OS.
# if you don't set FD's then OS settings will be used which is by default 2000
worker_rlimit_nofile 100000;

# only log critical errors
error_log /var/log/nginx/error.log crit;

# provides the configuration file context in which the directives that affect connection processing are specified.
events {
    # determines how much clients will be served per worker
    # max clients = worker_connections * worker_processes
    # max clients is also limited by the number of socket connections available on the system (~64k)
    worker_connections 4000;

    # optmized to serve many clients with each thread, essential for linux -- for testing environment
    use epoll;

    # accept as many connections as possible, may flood worker connections if set too low -- for testing environment
    multi_accept on;
}

http {
    # mime types
    include /etc/nginx/mime.types;
    default_type application/octet-stream;

    # ssl settings
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
    ssl_prefer_server_ciphers on;

    # cache informations about FDs, frequently accessed files
    # can boost performance, but you need to test those values
    open_file_cache max=200000 inactive=20s;
    open_file_cache_valid 30s;
    open_file_cache_min_uses 2;
    open_file_cache_errors on;

    # to boost I/O on HDD we can disable access logs
    access_log off;

    # copies data between one FD and other from within the kernel
    # faster then read() + write()
    sendfile on;

    # send headers in one peace, its better then sending them one by one
    tcp_nopush on;

    # don't buffer data sent, good for small data bursts in real time
    tcp_nodelay on;

    # reduce the data that needs to be sent over network -- for testing environment
    gzip on;
    gzip_min_length 10240;
    gzip_proxied expired no-cache no-store private auth;
    gzip_types text/plain text/css text/xml text/javascript application/x-javascript application/json application/xml;
    gzip_disable msie6;

    # allow the server to close connection on non responding client, this will free up memory
    reset_timedout_connection on;

    # if the request body size is more than the buffer size, then the entire (or partial)
    # request body is written into a temporary file
    client_body_buffer_size  128k;

    # headerbuffer size for the request header from client -- for testing environment
    client_header_buffer_size 3m;

    # maximum number and size of buffers for large headers to read from client request
    large_client_header_buffers 4 256k;

    # read timeout for the request body from client -- for testing environment
    client_body_timeout 3m;

    # how long to wait for the client to send a request header -- for testing environment
    client_header_timeout 3m;

    # if client stop responding, free up memory -- default 60
    send_timeout 2;

    # server will close connection after this time -- default 75
    keepalive_timeout 30;

    # number of requests client can make over keep-alive -- for testing environment
    keepalive_requests 100000;

    # limit the number of connections per single IP
    limit_conn_zone $binary_remote_addr zone=conn_limit_per_ip:10m;

    # limit the number of requests for a given session
    limit_req_zone $binary_remote_addr zone=req_limit_per_ip:10m rate=5r/s;

    # zone which we want to limit by upper values, we want limit whole server
    server {
        limit_conn conn_limit_per_ip 10;
        limit_req zone=req_limit_per_ip burst=10 nodelay;
    }

    # virtual host configs
    include /etc/nginx/conf.d/*.conf;
    include /etc/nginx/sites-enabled/*;
}
	# default nginx runtime settings
	user www-data;
	pid /run/nginx.pid;

	# you must set worker processes based on your CPU cores, nginx does not benefit from setting more than that
	worker_processes auto; #some last versions calculate it automatically

	# number of file descriptors used for nginx
	# the limit for the maximum FDs on the server is usually set by the OS.
	# if you don't set FD's then OS settings will be used which is by default 2000
	worker_rlimit_nofile 100000;

	# only log critical errors
	error_log /var/log/nginx/error.log crit;

	# provides the configuration file context in which the directives that affect connection processing are specified.
	events {
	# determines how much clients will be served per worker
	# max clients = worker_connections * worker_processes
	# max clients is also limited by the number of socket connections available on the system (~64k)
	worker_connections 4000;

	# optmized to serve many clients with each thread, essential for linux -- for testing environment
	use epoll;

	# accept as many connections as possible, may flood worker connections if set too low -- for testing environment
	multi_accept on;
	}

	http {
	# mime types
	include /etc/nginx/mime.types;
	default_type application/octet-stream;

	# ssl settings
	ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
	ssl_prefer_server_ciphers on;

	# cache informations about FDs, frequently accessed files
	# can boost performance, but you need to test those values
	open_file_cache max=200000 inactive=20s;
	open_file_cache_valid 30s;
	open_file_cache_min_uses 2;
	open_file_cache_errors on;

	# to boost I/O on HDD we can disable access logs
	access_log off;

	# copies data between one FD and other from within the kernel
	# faster then read() + write()
	sendfile on;

	# send headers in one peace, its better then sending them one by one
	tcp_nopush on;

	# don't buffer data sent, good for small data bursts in real time
	tcp_nodelay on;

	# reduce the data that needs to be sent over network -- for testing environment
	gzip on;
	gzip_min_length 10240;
	gzip_proxied expired no-cache no-store private auth;
	gzip_types text/plain text/css text/xml text/javascript application/x-javascript application/json application/xml;
	gzip_disable msie6;

	# allow the server to close connection on non responding client, this will free up memory
	reset_timedout_connection on;

	# if the request body size is more than the buffer size, then the entire (or partial)
	# request body is written into a temporary file
	client_body_buffer_size 128k;

	# headerbuffer size for the request header from client -- for testing environment
	client_header_buffer_size 3m;

	# maximum number and size of buffers for large headers to read from client request
	large_client_header_buffers 4 256k;

	# read timeout for the request body from client -- for testing environment
	client_body_timeout 3m;

	# how long to wait for the client to send a request header -- for testing environment
	client_header_timeout 3m;

	# if client stop responding, free up memory -- default 60
	send_timeout 2;

	# server will close connection after this time -- default 75
	keepalive_timeout 30;

	# number of requests client can make over keep-alive -- for testing environment
	keepalive_requests 100000;

	# limit the number of connections per single IP
	limit_conn_zone $binary_remote_addr zone=conn_limit_per_ip:10m;

	# limit the number of requests for a given session
	limit_req_zone $binary_remote_addr zone=req_limit_per_ip:10m rate=5r/s;

	# zone which we want to limit by upper values, we want limit whole server
	server {
	limit_conn conn_limit_per_ip 10;
	limit_req zone=req_limit_per_ip burst=10 nodelay;
	}

	# virtual host configs
	include /etc/nginx/conf.d/*.conf;
	include /etc/nginx/sites-enabled/*;
	}