-
-
Notifications
You must be signed in to change notification settings - Fork 490
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[setup-ngxblocker] add Debian 8 test .conf files for server_names_has…
…h_bucket_size
- Loading branch information
1 parent
9388fa7
commit 36c6fbb
Showing
4 changed files
with
113 additions
and
0 deletions.
There are no files selected for viewing
Binary file not shown.
Binary file not shown.
113 changes: 113 additions & 0 deletions
113
.dev-tools/setup-ngxblocker/commented/debian-8-jessie-hasbucket.conf
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,113 @@ | ||
|
|
||
| user www-data; | ||
|
|
||
| worker_priority 0; | ||
| worker_processes 2; | ||
| worker_cpu_affinity auto; | ||
| worker_rlimit_core 512m; | ||
| worker_rlimit_nofile 65535; | ||
|
|
||
| # daemon on; | ||
| # master_process off; | ||
|
|
||
| # thread_pool default threads=64 max_queue=65535; | ||
|
|
||
|
|
||
| error_log /var/log/nginx/error.log; | ||
| #error_log logs/error.log notice; | ||
| #error_log logs/error.log info; | ||
|
|
||
| #pid logs/nginx.pid; | ||
|
|
||
|
|
||
| events { | ||
| use epoll; | ||
| accept_mutex on; | ||
| accept_mutex_delay 500ms; | ||
| worker_aio_requests 32; | ||
| worker_connections 10240; | ||
| multi_accept on; | ||
| } | ||
|
|
||
|
|
||
| http { | ||
| include mime.types; | ||
| default_type application/octet-stream; | ||
|
|
||
| aio threads; | ||
|
|
||
| # Controlling Buffer Overflow Attacks | ||
| client_body_buffer_size 128k; # maybe fix | ||
| client_body_in_file_only off; | ||
| client_body_in_single_buffer off; | ||
| client_body_timeout 10s; | ||
| client_header_buffer_size 128k; # maybe fix | ||
| client_header_timeout 360s; | ||
| client_max_body_size 1m; # if you need more change this value to 64m | ||
|
|
||
| connection_pool_size 512; | ||
| # disable_symlinks off; | ||
| # etag on; # for static files | ||
| # ignore_invalid_headers on; | ||
|
|
||
| keepalive_disable msie6; | ||
| keepalive_requests 100; # default 100 | ||
| keepalive_timeout 60s; # default 75s | ||
|
|
||
| # large_client_header_buffers 4 256k; # maybe like that 2 1k; | ||
|
|
||
| access_log off; | ||
| log_not_found off; | ||
| log_subrequest off; | ||
|
|
||
| open_file_cache max=65535 inactive=30s; | ||
| open_file_cache_errors on; | ||
| open_file_cache_min_uses 1; | ||
| open_file_cache_valid 60s; | ||
|
|
||
| server_tokens off; | ||
| sendfile on; | ||
| sendfile_max_chunk 0; | ||
| tcp_nodelay on; | ||
|
|
||
|
|
||
| tcp_nopush on; | ||
|
|
||
|
|
||
| types_hash_bucket_size 128; | ||
| types_hash_max_size 2048; | ||
|
|
||
| # Test setup-ngxblocker for duplicate server_names_hash_bucket_size | ||
| server_names_hash_bucket_size 64; | ||
|
|
||
|
|
||
| gzip on; | ||
| gzip_buffers 16 8k; | ||
| gzip_comp_level 4; | ||
| gzip_disable "msie6"; | ||
| gzip_min_length 256; | ||
| gzip_http_version 1.1; | ||
| gzip_proxied any; | ||
| gzip_types application/json application/javascript application/font-woff application/xml application/xml+rss text/css text/javascript text/plain text/xml; | ||
| gzip_vary on; | ||
|
|
||
| ssi on; | ||
| ssi_last_modified on; | ||
| ssi_min_file_chunk 1k; | ||
| ssi_silent_errors on; | ||
| ssi_value_length 256; | ||
|
|
||
| http2_chunk_size 32k; # default 8k | ||
| http2_body_preread_size 64k; # default 64k | ||
| http2_idle_timeout 3m; # default 3m | ||
| http2_max_concurrent_streams 10240; # default 128 | ||
| http2_max_field_size 16k; # default 4k | ||
| http2_max_header_size 32k; # default 16k | ||
| http2_max_requests 10240; # default 1000 | ||
| http2_recv_buffer_size 256k; # default 256k | ||
| http2_recv_timeout 30s; # default 30s | ||
|
|
||
| # nginx-naxsi config | ||
| # include /etc/nginx/naxsi_core.rules; | ||
|
|
||
| } |