作者:王丹__-划_402 | 来源:互联网 | 2017-10-31 20:56
文章标题:nginx关于服务静态文件的配置。Linux是中国IT实验室的一个技术频道。包含桌面应用,Linux系统管理,内核研究,嵌入式系统和开源等一些基本分类
我们的目标是配置一个服务最快且cpu/io利用最有效的服务器,更重要的是一个安全的web服务器,下面的配置文件适用于最新版nginx。
写道
#######################################################
### Calomel.org /etc/nginx.conf BEGIN
#######################################################
#
pid /var/run/nginx.pid;
user nginx nginx;
worker_processes 2;
events {
worker_connections 1024;
}
http {
## MIME types
include mime.types;
# types {
# image/gif gif;
# image/jpeg jpg;
# image/png png;
# image/bmp bmp;
# image/x-icon ico;
# text/css css;
# text/html html;
# text/plain bob;
# text/plain txt;
}
default_type application/octet-stream;
## Size Limits
client_body_buffer_size 8k;
client_header_buffer_size 1k;
client_max_body_size 1k;
large_client_header_buffers 1 1k;
## Timeouts
client_body_timeout 5;
client_header_timeout 5;
keepalive_timeout 5 5;
send_timeout 5;
## General Options
ignore_invalid_headers on;
limit_zone gulag $binary_remote_addr 1m;
recursive_error_pages on;
sendfile on;
server_name_in_redirect off;
server_tokens off;
## TCP options
tcp_nodelay on;
tcp_nopush on;
## Compression
gzip on;
gzip_static on;
gzip_buffers 16 8k;
gzip_comp_level 9;
gzip_http_version 1.0;
gzip_min_length 0;
gzip_types text/plain text/html text/css image/x-icon image/bmp;
gzip_vary on;
## Log Format
log_format main '$remote_addr $host $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" "$http_user_agent" "$gzip_ratio"';
## Deny access to any host other than (www.)mydomain.com
server {
server_name _; #default
return 444;
}
## Server (www.)mydomain.com
server {
access_log /var/log/nginx/access.log main buffer=32k;
error_log /var/log/nginx/error.log info;
expires 31d;
limit_conn gulag 5;
listen 127.0.0.1:8080 rcvbuf=64k backlog=128;
root /disk01/htdocs;
server_name mydomain.com www.mydomain;
## SSL Options (only enable if you use a SSL certificate)
# ssl on;
# ssl_certificate /ssl_keys/mydomain.com_ssl.crt;
# ssl_certificate_key /ssl_keys/mydomain_ssl.key;
# ssl_ciphers HIGH:!ADH:!MD5;
# ssl_prefer_server_ciphers on;
# ssl_protocols SSLv3;
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 5m;
## Only allow GET and HEAD request methods
if ($request_method !~ ^(GET|HEAD)$ ) {
return 444;
}
[1] [2] [3] 下一页