Skip to content

Instantly share code, notes, and snippets.

@goregrish
Last active October 30, 2023 13:39
Show Gist options
  • Save goregrish/7d9e7fa8e5538e2c044cac9150056b90 to your computer and use it in GitHub Desktop.
Save goregrish/7d9e7fa8e5538e2c044cac9150056b90 to your computer and use it in GitHub Desktop.
Xenforo forum (cloudflare enabled) nginx.conf for virtual hosting domains from /etc/nginx/domains/ | handles 15,000 Unique Visitors per day
user nginx nginx;
worker_processes auto; #some last versions calculate it automatically
# number of file descriptors used for nginx
# the limit for the maximum FDs on the server is usually set by the OS.
# if you don't set FD's then OS settings will be used which is by default 2000
worker_rlimit_nofile 100000;
# only log critical errors
error_log /var/log/nginx/error.log;
# provides the configuration file context in which the directives that affect connection processing are specified.
events {
# determines how much clients will be served per worker
# max clients = worker_connections * worker_processes
# max clients is also limited by the number of socket connections available on the system (~64k)
worker_connections 4000;
# optimized to serve many clients with each thread, essential for linux -- for testing environment
use epoll;
# accept as many connections as possible, may flood worker connections if set too low -- for testing environment
multi_accept on;
}
http {
include mime.types;
default_type application/octet-stream;
types_hash_bucket_size 64;
server_tokens off;
access_log off;
client_max_body_size 150M;
client_body_buffer_size 200M;
#Cloudflare
# - IPv4
set_real_ip_from 173.245.48.0/20;
set_real_ip_from 103.21.244.0/22;
set_real_ip_from 103.22.200.0/22;
set_real_ip_from 103.31.4.0/22;
set_real_ip_from 141.101.64.0/18;
set_real_ip_from 108.162.192.0/18;
set_real_ip_from 190.93.240.0/20;
set_real_ip_from 188.114.96.0/20;
set_real_ip_from 197.234.240.0/22;
set_real_ip_from 198.41.128.0/17;
set_real_ip_from 162.158.0.0/15;
set_real_ip_from 104.16.0.0/12;
set_real_ip_from 172.64.0.0/13;
set_real_ip_from 131.0.72.0/22;
# - IPv6
set_real_ip_from 2400:cb00::/32;
set_real_ip_from 2606:4700::/32;
set_real_ip_from 2803:f800::/32;
set_real_ip_from 2405:b500::/32;
set_real_ip_from 2405:8100::/32;
set_real_ip_from 2a06:98c0::/29;
set_real_ip_from 2c0f:f248::/32;
real_ip_header CF-Connecting-IP;
# allow the server to close connection on non responding client, this will free up memory
reset_timedout_connection on;
# request timed out -- default 60
client_body_timeout 10;
# if client stop responding, free up memory -- default 60
send_timeout 2;
# server will close connection after this time -- default 75
keepalive_timeout 30;
# copies data between one FD and other from within the kernel
# faster than read() + write()
sendfile on;
# send headers in one piece, it is better than sending them one by one
tcp_nopush on;
# don't buffer data sent, good for small data bursts in real time
tcp_nodelay on;
fastcgi_buffer_size 16k;
fastcgi_buffers 16 16k;
types_hash_max_size 2048;
server_names_hash_bucket_size 64;
## Load virtual host conf files. ##
include /etc/nginx/domains/*;
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment