####################################################### ### nginx.conf BEGIN ####################################################### # pid /var/run/nginx.pid; user www www; worker_processes 4; worker_rlimit_nofile 8192; events { worker_connections 4096; use epoll; } http { ## MIME types include /usr/local/etc/fastcgi.conf; include /usr/local/etc/mime.types; default_type application/octet-stream; ## Size Limits client_body_buffer_size 1k; client_header_buffer_size 1k; client_max_body_size 10m; large_client_header_buffers 3 3k; connection_pool_size 256; request_pool_size 4k; server_names_hash_bucket_size 128; ## Timeouts client_body_timeout 60; client_header_timeout 60; keepalive_timeout 75 20; send_timeout 60; ## General Options ignore_invalid_headers on; limit_zone gulag $binary_remote_addr 1m; recursive_error_pages on; sendfile on; set_real_ip_from 127.0.0.0/16; real_ip_header X-Forwarded-For; ## TCP options tcp_nodelay on; tcp_nopush on; ## Compression gzip on; gzip_buffers 16 8k; gzip_comp_level 9; gzip_http_version 1.1; gzip_min_length 10; gzip_types text/plain text/css image/png image/gif image/jpeg application/x-javascript text/xml application/xml application/xml+rss text/javascript; gzip_vary on; gzip_static on; gzip_proxied any; gzip_disable "MSIE [1-6]\."; ## Log Format log_format main '"$http_x_forwarded_for" $host [$time_local] ' '"$request" $status $body_bytes_sent ' '$request_length $bytes_sent "$http_referer" ' '"$http_user_agent" $request_time "$gzip_ratio"'; client_body_temp_path /var/cache/nginx/client_body_temp 1 2; access_log /var/log/nginx/access.log main; error_log /var/log/nginx/error.log crit; ####################################################### ### nginx.conf catch-all ####################################################### server { limit_conn gulag 10; listen 127.0.0.1:88; server_name _; root /data/u/$host/; index index.php index.html; ## Deny some crawlers if ($http_user_agent ~* (HTTrack|HTMLParser|libwww) ) { return 444; } ## Deny certain Referers (case insensitive) if ($http_referer ~* (poker|sex|girl) ) { return 444; } ## www. redirect if ($host ~* ^(www\.)(.+)) { set $rawdomain $2; rewrite ^/(.*)$ http://$rawdomain/$1 permanent; } ## 6.x starts location / { #rewrite ^/(.*)/$ /$1 permanent; # remove trailing slashes - disabled try_files $uri @cache; } location @cache { if ( $request_method !~ ^(GET|HEAD)$ ) { return 405; } if ($http_cookie ~ "DRUPAL_UID") { return 405; } error_page 405 = @drupal; add_header Expires "Tue, 24 Jan 1984 08:00:00 GMT"; add_header Cache-Control "must-revalidate, post-check=0, pre-check=0"; add_header X-Header "Boost Citrus 1.9"; charset utf-8; try_files /cache/$host${uri}_$args.html @drupal; } location @drupal { rewrite ^/\?q=([^.]+)$ /index.php?q=$1 last; rewrite ^/(.*)\?token=([^.]+)$ /index.php?q=$1&token=$2 last; rewrite ^/([^.]+)\?t=([^.]+)$ /index.php?q=$1&t=$2 last; rewrite ^/([^.]+)\?string=([^.]+)$ /index.php?q=$1&string=$2 last; rewrite ^/([^.]+)\?destination=([^.]+)$ /index.php?q=$1&destination=$2 last; rewrite ^/([^.]+)\?page=([^.]+)$ /index.php?q=$1&page=$2 last; rewrite ^/([^.]+)\?filter0=([^\/]+)$ /index.php?q=$1&filter0=$2 last; rewrite ^/([^.]+)\?sort([^.]+)$ /index.php?q=$1&sort$2 last; rewrite ^/([^.]+)\?slide=([^.]+)$ /index.php?q=$1&slide=$2 last; rewrite ^/([^.]+)\?quote([^.]+)$ /index.php?q=$1"e$2 last; rewrite ^/(.+)$ /index.php?q=$1 last; } location ~* (/\..*|settings\.php$|\.(htaccess|engine|inc|info|install|module|profile|pl|po|sh|.*sql|theme|tpl(\.php)?|xtmpl)$|^(Entries.*|Repository|Root|Tag|Template))$ { deny all; } location ~* /files/.*\.php$ { } location ~ \.php$ { try_files $uri @drupal; #check for existence of php file fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; } location ~ \.css$ { if ( $request_method !~ ^(GET|HEAD)$ ) { return 405; } if ($http_cookie ~ "DRUPAL_UID") { return 405; } error_page 405 = @uncached; access_log off; expires max; #if using aggregator add_header X-Header "Boost Citrus 2.1"; try_files /cache/$host${uri}_.css $uri =404; } location ~ \.js$ { if ( $request_method !~ ^(GET|HEAD)$ ) { return 405; } if ($http_cookie ~ "DRUPAL_UID") { return 405; } error_page 405 = @uncached; access_log off; expires max; # if using aggregator add_header X-Header "Boost Citrus 2.2"; try_files /cache/$host${uri}_.js $uri =404; } location @uncached { access_log off; expires max; # max if using aggregator, otherwise sane expire time } location ~* ^.+\.(jpg|jpeg|gif|png|ico)$ { access_log off; try_files $uri @drupal; } location ~ (/rss\.xml$|/feed$) { if ( $request_method !~ ^(GET|HEAD)$ ) { return 405; } if ($http_cookie ~ "DRUPAL_UID") { return 405; } error_page 405 = @drupal; add_header Expires "Tue, 24 Jan 1984 08:00:00 GMT"; add_header Cache-Control "must-revalidate, post-check=0, pre-check=0"; add_header X-Header "Boost Citrus 2.3"; charset utf-8; default_type text/xml; try_files /cache/$host${uri}_.xml $uri @drupal; } } # end of server ####################################################### ### nginx.conf catch-all ####################################################### }