user nginx nginx; worker_processes 16; worker_rlimit_nofile 8192; worker_priority -5; error_log /srv/log/nginx/error.log; #error_log /var/log/nginx/error.log notice; #error_log /var/log/nginx/error.log info; pid /srv/pids/nginx.pid; events { worker_connections 2048; use epoll; } http { include mime.types; default_type application/octet-stream; log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log /srv/log/nginx/access.log main; sendfile on; tcp_nopush on; tcp_nodelay on; output_buffers 1 32k; postpone_output 1460; server_names_hash_bucket_size 256; client_header_buffer_size 32k; #keepalive_timeout 0; keepalive_timeout 75 20; gzip on; limit_zone slimits $binary_remote_addr 1m; limit_conn slimits 3; ignore_invalid_headers on; limit_req_zone $binary_remote_addr zone=limit:16m rate=5r/s; limit_req_zone $binary_remote_addr zone=limit_def:16m rate=1r/s; limit_zone one $binary_remote_addr 10m; fastcgi_cache_valid 200 301 302 304 1m; fastcgi_cache_key "$request_method|$http_if_modified_since|$http_if_none_match|$host|$request_uri"; reset_timedout_connection on; open_file_cache off; fastcgi_intercept_errors on; gzip_buffers 8 32k; # gzip_static on; gzip_http_version 1.0; gzip_comp_level 9; gzip_vary on; gzip_min_length 1470; gzip_proxied any; gzip_disable "msie6"; gzip_types text/plain text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript; # include conf.d/*.conf; server { # listen *:80; listen 80; server_name localhost; charset utf-8; fastcgi_connect_timeout 300; fastcgi_send_timeout 300; fastcgi_read_timeout 300; fastcgi_buffer_size 64k; fastcgi_buffers 8 64k; fastcgi_busy_buffers_size 64k; fastcgi_temp_file_write_size 64k; client_body_timeout 10; client_header_timeout 10; send_timeout 60; output_buffers 8 128k; postpone_output 1460; client_max_body_size 2m; access_log /srv/log/nginx/host.access.log main; # location / { # root /srv/www/htdocs/; # index index.php index.html; # } error_page 404 /404.html; # redirect server error pages to the static page /50x.html # # error_page 500 502 503 504 /50x.html; # location = /50x.html { # root /srv/www/htdocs/; # } # proxy the PHP scripts to Apache listening on 127.0.0.1:80 # #location ~ \.php$ { # proxy_pass http://127.0.0.1; #} # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 # location / { root /srv/www/htdocs; fastcgi_intercept_errors on; # limit_conn one 10; index index.php; fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name; fastcgi_param SCRIPT_FILENAME /srv/www/htdocs/$fastcgi_script_name; include fastcgi_params; } # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # location ~ /\.ht { deny all; } location ~* ^.+\.(jpg|jpeg|gif|png|bmp|htm|html|ico|rar|css|js|zip|java|jar|txt|flv|swf|mid|doc|ppt|xls|pdf|txt|mp3|wma|rss|xml|avi|mpg|iso|djvu|mkv|exe|7z)$ { add_header Cache-Control public; access_log off; root /srv/www/htdocs; expires 30d; break; } } # another virtual host using mix of IP-, name-, and port-based configuration # #server { # listen 8000; # listen somename:8080; # server_name somename alias another.alias; # location / { # root /srv/www/htdocs/; # index index.html index.htm; # } #} # HTTPS server # #server { # listen 443; # server_name localhost; # ssl on; # ssl_certificate cert.pem; # ssl_certificate_key cert.key; # ssl_session_timeout 5m; # ssl_protocols SSLv2 SSLv3 TLSv1; # ssl_ciphers HIGH:!aNULL:!MD5; # ssl_prefer_server_ciphers on; # location / { # root /srv/www/htdocs/; # index index.html index.htm; # } #} include vhosts.d/*.conf; }