0 Members and 1 Guest are viewing this topic.
# Virtual host file starts hereserver {listen 123.123.123.123:443;access_log /var/log/nginx/access.domain.com.log;error_log /var/log/nginx/error.domain.com.log;server_name domain.com www.domain.com;root /home/domain/public_html;ssl on;ssl_certificate /etc/pki/tls/certs/domain.com.bundle;ssl_certificate_key /etc/pki/tls/private/domain.com.key;ssl_protocols TLSv1 TLSv1.1 TLSv1.2;ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS;ssl_prefer_server_ciphers on;ssl_session_cache shared:SSL:20m;ssl_session_timeout 60m;add_header Strict-Transport-Security "max-age=31536000";add_header X-Content-Type-Options nosniff;location / {location ~.*\.(3gp|gif|jpg|jpeg|png|ico|wmv|avi|asf|asx|mpg|mpeg|mp4|pls|mp3|mid|wav|swf|flv|html|htm|txt|js|css|exe|zip|tar|rar|gz|tgz|bz2|uha|7z|doc|docx|xls|xlsx|pdf|iso|woff|ttf|svg|eot|sh)\$ {expires 7d; #Comment this out if you are using the apache backend cache-control/expires headers.try_files \$uri \@backend;}error_page 405 = \@backend;error_page 500 = \@custom;add_header X-Cache "HIT from Backend";proxy_pass http://123.123.123.123:82;include proxy.inc;}location \@backend {internal;proxy_pass http://123.123.123.123:82;include proxy.inc;}location \@custom {internal;proxy_pass http://123.123.123.123:82;include proxy.inc;}location ~ .*\.(php|jsp|cgi|pl|py)?\$ {proxy_pass http://123.123.123.123:82;include proxy.inc;}location ~ /\.ht {deny all;}}# Virtual host file ends here
# Nginx config starts hereuser nobody;worker_processes auto;#worker_rlimit_nofile 20480;error_log /var/log/nginx/error.log warn;pid /var/run/nginx.pid;events { worker_connections 4096; # increase for busier servers use epoll; # you should use epoll for Linux kernels 2.6.x multi_accept on;}http { open_file_cache max=5000 inactive=30s; open_file_cache_valid 120s; open_file_cache_min_uses 2; open_file_cache_errors off; open_log_file_cache max=1024 inactive=30s min_uses=2; server_names_hash_max_size 10240; server_names_hash_bucket_size 1024; include mime.types; default_type application/octet-stream; sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 20; gzip on; gzip_vary on; gzip_disable "MSIE [1-6]\."; gzip_proxied any; gzip_http_version 1.1; gzip_min_length 1000; gzip_comp_level 6; gzip_buffers 16 8k; gzip_types text/plain text/xml text/css application/x-javascript application/xml image/png image/x-icon image/gif image/jpeg application/xml+rss text/javascript application/atom+xml application/javascript application/json; ignore_invalid_headers on; client_header_timeout 3m; client_body_timeout 3m; client_max_body_size 200m; send_timeout 3m; connection_pool_size 256; client_header_buffer_size 4k; large_client_header_buffers 4 32k; request_pool_size 4k; output_buffers 4 32k; postpone_output 1460; proxy_temp_path /tmp/nginx_temp; log_format bytes_log "$msec $bytes_sent ."; # Include site configurations include /etc/nginx/conf.d/*.conf;}