| 1 | user www-data;
|
|---|
| 2 | worker_processes 4;
|
|---|
| 3 |
|
|---|
| 4 | error_log /var/log/httpd/nginx-error.log notice;
|
|---|
| 5 |
|
|---|
| 6 | pid /var/run/nginx.pid;
|
|---|
| 7 |
|
|---|
| 8 |
|
|---|
| 9 | events {
|
|---|
| 10 | worker_connections 1024;
|
|---|
| 11 | }
|
|---|
| 12 |
|
|---|
| 13 | http {
|
|---|
| 14 | include mime.types;
|
|---|
| 15 | default_type application/octet-stream;
|
|---|
| 16 |
|
|---|
| 17 | log_format main '$remote_addr $host - $remote_user [$time_local] "$request" '
|
|---|
| 18 | '$status $body_bytes_sent "$http_referer" '
|
|---|
| 19 | '"$http_user_agent" "$http_x_forwarded_for" "$gzip_ratio"';
|
|---|
| 20 |
|
|---|
| 21 | access_log /var/log/httpd/nginx-access.log main;
|
|---|
| 22 |
|
|---|
| 23 | limit_zone arbeit $binary_remote_addr 1m;
|
|---|
| 24 |
|
|---|
| 25 | server_tokens off;
|
|---|
| 26 |
|
|---|
| 27 | reset_timedout_connection on;
|
|---|
| 28 | sendfile on;
|
|---|
| 29 | tcp_nopush on;
|
|---|
| 30 | tcp_nodelay on;
|
|---|
| 31 |
|
|---|
| 32 | open_file_cache max=1000 inactive=60s;
|
|---|
| 33 | open_file_cache_valid 90s;
|
|---|
| 34 | open_file_cache_min_uses 2;
|
|---|
| 35 | open_file_cache_errors on;
|
|---|
| 36 |
|
|---|
| 37 | client_max_body_size 20m;
|
|---|
| 38 | client_body_buffer_size 128k;
|
|---|
| 39 |
|
|---|
| 40 | keepalive_timeout 75;
|
|---|
| 41 |
|
|---|
| 42 | ssl_session_cache shared:SSL:10m;
|
|---|
| 43 | ssl_session_timeout 10m;
|
|---|
| 44 | ssl_protocols SSLv3 TLSv1;
|
|---|
| 45 | ssl_ciphers HIGH:!aNULL:!MD5;
|
|---|
| 46 | ssl_prefer_server_ciphers on;
|
|---|
| 47 |
|
|---|
| 48 | gzip on;
|
|---|
| 49 | gzip_min_length 1100;
|
|---|
| 50 | gzip_comp_level 6;
|
|---|
| 51 | gzip_proxied any;
|
|---|
| 52 | gzip_buffers 16 8k;
|
|---|
| 53 | gzip_types text/plain text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript application/xhtml+xml image/bmp;
|
|---|
| 54 | gzip_vary on;
|
|---|
| 55 | gzip_disable "msie6";
|
|---|
| 56 |
|
|---|
| 57 | add_header X-Frame-Options sameorigin;
|
|---|
| 58 |
|
|---|
| 59 | geoip_country /usr/local/share/GeoIP/GeoIP.dat;
|
|---|
| 60 | geoip_city /usr/local/share/GeoIP/GeoLiteCity.dat;
|
|---|
| 61 |
|
|---|
| 62 | server {
|
|---|
| 63 | listen 192.168.10.80:80 default_server accept_filter=httpready;
|
|---|
| 64 | server_name web1.vps
|
|---|
| 65 |
|
|---|
| 66 | allow all;
|
|---|
| 67 |
|
|---|
| 68 | rewrite ^(.*) https://$host$1 permanent;
|
|---|
| 69 |
|
|---|
| 70 | location ~ /\.ht {
|
|---|
| 71 | deny all;
|
|---|
| 72 | }
|
|---|
| 73 | }
|
|---|
| 74 |
|
|---|
| 75 | server {
|
|---|
| 76 | listen 192.168.10.80:443 default_server accept_filter=httpready;
|
|---|
| 77 | server_name web1.vps
|
|---|
| 78 |
|
|---|
| 79 | allow all;
|
|---|
| 80 |
|
|---|
| 81 | ssl on;
|
|---|
| 82 | ssl_certificate /usr/local/etc/ssl/httpd/crt/vps.crt;
|
|---|
| 83 | ssl_certificate_key /usr/local/etc/ssl/httpd/key/server.key;
|
|---|
| 84 |
|
|---|
| 85 | location / {
|
|---|
| 86 | root /usr/local/www/nginx;
|
|---|
| 87 | index index.html index.htm index.php;
|
|---|
| 88 | }
|
|---|
| 89 |
|
|---|
| 90 | error_page 500 502 503 504 /50x.html;
|
|---|
| 91 | location = /50x.html {
|
|---|
| 92 | root /usr/local/www/nginx-dist;
|
|---|
| 93 | }
|
|---|
| 94 |
|
|---|
| 95 | location = /favicon.ico {
|
|---|
| 96 | log_not_found off;
|
|---|
| 97 | access_log off;
|
|---|
| 98 | }
|
|---|
| 99 |
|
|---|
| 100 | location = /robots.txt {
|
|---|
| 101 | allow all;
|
|---|
| 102 | log_not_found off;
|
|---|
| 103 | # access_log off;
|
|---|
| 104 | }
|
|---|
| 105 |
|
|---|
| 106 | location ~ /\.ht {
|
|---|
| 107 | deny all;
|
|---|
| 108 | }
|
|---|
| 109 | }
|
|---|
| 110 |
|
|---|
| 111 | include /usr/local/etc/nginx/conf.d/*.conf;
|
|---|
| 112 | include /usr/local/etc/nginx/sites-enabled/*.conf;
|
|---|
| 113 | }
|
|---|
