nginx- virtual host
# limit the processing rate of requests coming from a single IP address and, at the same time
# use $binary_remote_addr instead of $remote_addr
limit_req_zone $binary_remote_addr zone=perip:10m rate=1r/s;
limit_req_zone $binary_remote_addr zone=login:10m rate=1r/s;
limit_conn_zone $binary_remote_addr zone=addr:10m; #store requests for the specified key
# cache for fastcgi
fastcgi_cache_path /etc/nginx/cache levels=1:2 keys_zone=APPKEY:100m inactive=60m max_size=100m;
fastcgi_cache_key "$scheme$request_method$host$request_uri";
server {
listen 80;
# listen [::]:80 ipv6only=on default_server;
# listen 443 ssl https default_server; # ssl
server_name hoangweb.com www.hoangweb.com;
root /usr/share/nginx/html/hoangweb;
index index.php index.html index.htm;
charset utf-8;
error_log /var/log/nginx/hoangweb-error.log;
access_log off;
log_not_found off;
# Prevent directory listing
autoindex off;
# error page
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location /404.html {
internal;
}
# Deliver 404 instead of 403 "Forbidden"
error_page 403 = 404;
# Closing Slow Connections
client_max_body_size 50M;
client_body_timeout 5s; #how long NGINX waits between writes of the client body
client_header_timeout 5s; # how long NGINX waits between writes of client headers
client_body_buffer_size 128k;
# limit request, nodelay: not show 503 error when reach limit queue.
limit_req zone=perip burst=10 nodelay;
# Define default caching of 24h
expires 86400s;
add_header Pragma public;
add_header Cache-Control "max-age=86400, public, must-revalidate, proxy-revalidate";
#location ~* \.(html|js|css|gif|jpg|jpeg|png|bmp|tif|pdf|ico|swf|wmv|flv)$ {
# cache static content, so you can cache other location (for dynamic content)
# # set HTTP response expires header
# expires 90d; #day: 365d
# add_header Cache-Control "public";
# access_log off;
# error_log off;
# log_not_found off;
# try_files $uri =404;
# filehandle caching: keep handler for request static files open
# open_file_cache max=1000 inactive=5m;
# open_file_cache_valid 60s;
# open_file_cache_min_uses 5;
# open_file_cache_errors off;
#}
# Aggressive caching for static files
# If you alter static files often, please use
# add_header Cache-Control "max-age=31536000, public, must-revalidate, proxy-revalidate";
location ~* \.(asf|asx|wax|wmv|wmx|avi|bmp|class|divx|doc|docx|eot|exe|
gif|gz|gzip|ico|jpg|jpeg|jpe|mdb|mid|midi|mov|qt|mp3|m4a|mp4|m4v|mpeg|
mpg|mpe|mpp|odb|odc|odf|odg|odp|ods|odt|ogg|ogv|otf|pdf|png|pot|pps|
ppt|pptx|ra|ram|svg|svgz|swf|tar|t?gz|tif|tiff|ttf|wav|webm|wma|woff|
wri|xla|xls|xlsx|xlt|xlw|zip)$ {
expires 31536000s;
access_log off;
log_not_found off;
add_header Pragma public;
add_header Cache-Control "max-age=31536000, public";
gzip_vary on;
}
# Rewrite for versioned CSS+JS via filemtime
location ~* ^.+\.(css|js)$ {
rewrite ^(.+)\.(\d+)\.(css|js)$ $1.$3 last;
expires 31536000s;
access_log off;
log_not_found off;
add_header Pragma public;
add_header Cache-Control "max-age=31536000, public";
}
location / {
try_files $uri $uri/ /index.php$is_args$args;
#try_files $uri $uri/ /index.php?q=$uri&$args;
}
location ~ \.(hh|php)$ {
try_files $uri /index.php;
fastcgi_keep_conn on;
proxy_intercept_errors on;
# php_fpm as a fallback in NGINX should a 502 (Bad Gateway) error occur
error_page 502 404 504 = @fallback;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
#fastcgi_pass 127.0.0.1:9000;
#for ubuntu 12 or newer, replace with:
fastcgi_pass unix:/var/run/php5-fpm-hoangweb.sock;
#fastcgi_pass_header "X-Accel-Redirect";
#fastcgi_pass_header "X-Accel-Buffering";
#fastcgi_pass_header "X-Accel-Charset";
#fastcgi_pass_header "X-Accel-Expires"; #<?php header('X-Accel-Expires: '. (60*60*24) )?>
#fastcgi_pass_header "X-Accel-Limit-Rate";
fastcgi_index index.php;
if (!-f $realpath_root$fastcgi_script_name) {
return 404;
}
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
include fastcgi_params;
fastcgi_read_timeout 300;
# use cache
fastcgi_cache APPKEY;
fastcgi_cache_valid 200 60m;
}
location /login/ {
# apply rate limiting
# burst=5: dropping requests if more than 5 queue up from a specific IP
limit_req zone=login burst=5;
}
location @fallback {
try_files $uri /index.php;
fastcgi_split_path_info ^(.+\.php)(/.+)$; # takes any PHP file
include fastcgi_params;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
#server unix:/var/run/hhvm/hhvm.sock;
fastcgi_pass unix:/var/run/php5-fpm.sock;
}
location @notincache {
try_files $uri /index.php;
fastcgi_pass php1;
}
# Deny access to hidden files
location ~ /\. {
deny all;
access_log off;
log_not_found off;
}
}
# sub domain
server {
listen *:80;
server_name img.hoangweb.com;
root /usr/share/nginx/html/hoangweb/wp-content/uploads;
index index.php index.html index.htm;
client_max_body_size 50M;
error_log /var/log/nginx/hoangweb-error.log;
access_log off;
error_log off;
}
upstream php1 {
#server unix:/var/run/hhvm/hhvm.sock;
server unix:/var/run/php5-fpm.sock;
}