ftkro/nginx.conf

## nginx.conf
user  nginx;
worker_processes  3;
worker_cpu_affinity 001 010 100;
error_log  /var/log/nginx/default.error.log warn;
pid        /var/run/srv-nginx.pid;

worker_rlimit_nofile    10240;
events {
    worker_connections  5120;
    use epoll;
    multi_accept on;
    accept_mutex_delay 100ms;
}


http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    log_format main    '$remote_addr - $remote_user [$time_local] "$request" '
                       '$status $body_bytes_sent "$http_referer" '
                       '"$http_user_agent" "$http_x_forwarded_for"';
    log_format backend '$http_x_forwarded_for - $remote_user [$time_local] "$request" '
                       '$status $body_bytes_sent "$http_referer" '
                       '"$http_user_agent"';

    access_log  /var/log/nginx/access.log  main;

    server_name_in_redirect off;
    server_tokens      off;
    proxy_ignore_client_abort on;
    sendfile           on;
    #aio                 on;
    tcp_nopush         on;
    keepalive_timeout  5;
    keepalive_requests 500000;
    client_max_body_size    25m;
    client_body_buffer_size 256k;
    proxy_buffers 8 32k;
    proxy_buffer_size 64k;
    if_modified_since before;

    gzip              off;

    proxy_cache_path  /tmp/proxy_cache levels=1:2
                      keys_zone=czone:32m max_size=256m inactive=1440m;
    proxy_temp_path   /var/cache/nginx/proxy_temp;
    proxy_cache_key   "$scheme://$host$request_uri";
    proxy_set_header  Host               $host;
    proxy_set_header  X-Real-IP          $remote_addr;
    proxy_set_header  Remote-Addr        $remote_addr;
    proxy_set_header  X-Forwarded-Host   $host;
    proxy_set_header  X-Forwarded-Server $host;
    proxy_set_header  X-Forwarded-For    $proxy_add_x_forwarded_for;
    proxy_set_header  Accept-Encoding    "";
    proxy_set_header  X-UA-Detect        $mobile;
    proxy_hide_header X-Pingback;
    proxy_hide_header Link;
    proxy_hide_header ETag;
    proxy_connect_timeout 5;
    proxy_send_timeout 10;
    proxy_read_timeout 120;
    proxy_cache_use_stale timeout invalid_header http_500 http_502 http_503 http_504;
    proxy_cache_lock on;
    proxy_cache_lock_timeout 5s;

    fastcgi_cache_path /tmp/fastcgi_cache levels=1:2
    keys_zone=fastcgizone:32m inactive=60m;
    fastcgi_cache_key "$scheme$request_method$host$request_uri$mobile_request";
    fastcgi_cache_use_stale error timeout invalid_header http_500;
    limit_req_zone $request_method zone=method:1m rate=250r/s;
    limit_conn_zone $binary_remote_addr zone=arbeit:10m;
    ssl_session_cache shared:SSL:10m;
    ssl_session_timeout 10m;
    reset_timedout_connection on;
    tcp_nodelay on;
    upstream backend {
        server unix:/var/run/nginx-backend.sock;
        keepalive 7200;
    }
    upstream phpfpm {
        #server unix:/var/run/php/php5-fpm.sock;
        server unix:/var/run/php5-fpm.sock;
        keepalive 7200;
        }
    more_set_headers "X-Frame-Options: SAMEORIGIN";
    more_set_headers "X-Content-Type-Options: nosniff";
    more_set_headers "X-XSS-Protection: 1; mode=block";
    more_set_headers "X-Permitted-Cross-Domain-Policies: master-only";
    include /etc/nginx/conf.d/*.conf;
}
	user nginx;
	worker_processes 3;
	worker_cpu_affinity 001 010 100;
	error_log /var/log/nginx/default.error.log warn;
	pid /var/run/srv-nginx.pid;

	worker_rlimit_nofile 10240;
	events {
	worker_connections 5120;
	use epoll;
	multi_accept on;
	accept_mutex_delay 100ms;
	}


	http {
	include /etc/nginx/mime.types;
	default_type application/octet-stream;

	log_format main '$remote_addr - $remote_user [$time_local] "$request" '
	'$status $body_bytes_sent "$http_referer" '
	'"$http_user_agent" "$http_x_forwarded_for"';
	log_format backend '$http_x_forwarded_for - $remote_user [$time_local] "$request" '
	'$status $body_bytes_sent "$http_referer" '
	'"$http_user_agent"';

	access_log /var/log/nginx/access.log main;

	server_name_in_redirect off;
	server_tokens off;
	proxy_ignore_client_abort on;
	sendfile on;
	#aio on;
	tcp_nopush on;
	keepalive_timeout 5;
	keepalive_requests 500000;
	client_max_body_size 25m;
	client_body_buffer_size 256k;
	proxy_buffers 8 32k;
	proxy_buffer_size 64k;
	if_modified_since before;

	gzip off;

	proxy_cache_path /tmp/proxy_cache levels=1:2
	keys_zone=czone:32m max_size=256m inactive=1440m;
	proxy_temp_path /var/cache/nginx/proxy_temp;
	proxy_cache_key "$scheme://$host$request_uri";
	proxy_set_header Host $host;
	proxy_set_header X-Real-IP $remote_addr;
	proxy_set_header Remote-Addr $remote_addr;
	proxy_set_header X-Forwarded-Host $host;
	proxy_set_header X-Forwarded-Server $host;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	proxy_set_header Accept-Encoding "";
	proxy_set_header X-UA-Detect $mobile;
	proxy_hide_header X-Pingback;
	proxy_hide_header Link;
	proxy_hide_header ETag;
	proxy_connect_timeout 5;
	proxy_send_timeout 10;
	proxy_read_timeout 120;
	proxy_cache_use_stale timeout invalid_header http_500 http_502 http_503 http_504;
	proxy_cache_lock on;
	proxy_cache_lock_timeout 5s;

	fastcgi_cache_path /tmp/fastcgi_cache levels=1:2
	keys_zone=fastcgizone:32m inactive=60m;
	fastcgi_cache_key "$scheme$request_method$host$request_uri$mobile_request";
	fastcgi_cache_use_stale error timeout invalid_header http_500;
	limit_req_zone $request_method zone=method:1m rate=250r/s;
	limit_conn_zone $binary_remote_addr zone=arbeit:10m;
	ssl_session_cache shared:SSL:10m;
	ssl_session_timeout 10m;
	reset_timedout_connection on;
	tcp_nodelay on;
	upstream backend {
	server unix:/var/run/nginx-backend.sock;
	keepalive 7200;
	}
	upstream phpfpm {
	#server unix:/var/run/php/php5-fpm.sock;
	server unix:/var/run/php5-fpm.sock;
	keepalive 7200;
	}
	more_set_headers "X-Frame-Options: SAMEORIGIN";
	more_set_headers "X-Content-Type-Options: nosniff";
	more_set_headers "X-XSS-Protection: 1; mode=block";
	more_set_headers "X-Permitted-Cross-Domain-Policies: master-only";
	include /etc/nginx/conf.d/*.conf;
	}