use nginx worker processes auto

TEXT 194

Guest on 28th November 2024 07:08:04 AM

user nginx;
worker_processes auto;
timer_resolution 100ms;
worker_rlimit_nofile 2048;
error_log /var/log/nginx/error.log info;
events {
worker_connections 512;
use epoll;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main
'$remote_addr - $remote_user [$time_local] '
'"$request" $status $bytes_sent '
'"$http_referer" "$http_user_agent" ';
gzip on;
gzip_min_length 4096;
gzip_buffers 16 8k;
gzip_types text/css text/xml application/xml application/x-javascript application/javascript text/javascript text/plain;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
# Simple anti-DDoS protection, part 1, limiting the timeouts and buffer sizes:
client_header_timeout 5;
client_body_timeout 5;
send_timeout 5;
keepalive_timeout 10;
reset_timedout_connection on;
# Required on aarch64 (a1 and m6g AWS instances):
#server_names_hash_bucket_size 64;
large_client_header_buffers 4 16k;
client_max_body_size 32m;
# Protect against a bug in IE 10&11, http://habrahabr.ru/company/pt/blog/249809/ :
add_header X-Frame-Options SAMEORIGIN;
# Hide the version of nginx from hackers:
server_tokens off;
# Simple anti-DDoS protection, part 2.1, limiting the number of connection and requests per IP address:
limit_req_zone $binary_remote_addr zone=reqsperip:16m rate=4r/s;
limit_conn_zone $binary_remote_addr zone=connsperip:16m;
# Simple anti-DDoS protection, part 4, beating off the bots that do not send Host: headers
server {
listen *:80;
server_name noname;
return 444;
}
server {
listen *:80;
server_name localhost;
access_log /var/log/nginx/pma.log main;
index index.php index.html;
root /www/pma;
# Simple anti-DDoS protection, part 2.2a, maximum 8 connections per source IP:
limit_conn connsperip 8;
location / { try_files $uri $uri/ /index.php$is_args$args; }
location ~ \.php$ {
# Simple anti-DDoS protection, part 2.2b, maximum 12 requests to PHP scripts per source IP:
limit_req zone=reqsperip burst=12 nodelay;
fastcgi_pass 127.0.0.1:59038;
fastcgi_buffer_size 16k;
fastcgi_busy_buffers_size 16k;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
include static.conf;
}
}

Raw Paste

user nginx;
worker_processes auto;
timer_resolution   100ms;
worker_rlimit_nofile 2048;

error_log /var/log/nginx/error.log info;

events {
        worker_connections  512;
        use epoll;
}

http {
        include         /etc/nginx/mime.types;
        default_type    application/octet-stream;

log_format main
                '$remote_addr - $remote_user [$time_local] '
                '"$request" $status $bytes_sent '
                '"$http_referer" "$http_user_agent" ';

gzip on;
        gzip_min_length 4096;
        gzip_buffers    16 8k;
        gzip_types text/css text/xml application/xml application/x-javascript application/javascript text/javascript text/plain;

sendfile        on;
        tcp_nopush      on;
        tcp_nodelay     on;

# Simple anti-DDoS protection, part 1, limiting the timeouts and buffer sizes:
        client_header_timeout      5;
        client_body_timeout        5;
        send_timeout               5;
        keepalive_timeout          10;
        reset_timedout_connection  on;
      
        # Required on aarch64 (a1 and m6g AWS instances):
        #server_names_hash_bucket_size 64;

large_client_header_buffers 4 16k;
        client_max_body_size          32m;

# Protect against a bug in IE 10&11, http://habrahabr.ru/company/pt/blog/249809/ :
        add_header X-Frame-Options SAMEORIGIN;

# Hide the version of nginx from hackers:
        server_tokens off;

# Simple anti-DDoS protection, part 2.1, limiting the number of connection and requests per IP address:
        limit_req_zone $binary_remote_addr zone=reqsperip:16m rate=4r/s;
        limit_conn_zone $binary_remote_addr zone=connsperip:16m;

# Simple anti-DDoS protection, part 4, beating off the bots that do not send  Host: headers
        server {
               listen *:80;
               server_name  noname;
               return  444;
        }

server {
                listen          *:80;
                server_name     localhost;
                access_log      /var/log/nginx/pma.log main;
                index           index.php  index.html;
                root            /www/pma;

# Simple anti-DDoS protection, part 2.2a, maximum 8 connections per source IP:
                limit_conn connsperip 8;

location / { try_files $uri $uri/ /index.php$is_args$args; }

location ~ \.php$ {
                  # Simple anti-DDoS protection, part 2.2b, maximum 12 requests to PHP scripts per source IP:
                  limit_req zone=reqsperip burst=12 nodelay;
                  fastcgi_pass   127.0.0.1:59038;
                  fastcgi_buffer_size   16k;
                  fastcgi_busy_buffers_size  16k;
                  include        fastcgi_params;
                  fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
                }

include static.conf;
        }
}