hoangweb
4/19/2016 - 8:00 AM

nginx- virtual host

nginx- virtual host

# limit the processing rate of requests coming from a single IP address and, at the same time
# use $binary_remote_addr instead of $remote_addr
limit_req_zone $binary_remote_addr zone=perip:10m rate=1r/s;
limit_req_zone $binary_remote_addr zone=login:10m rate=1r/s;

limit_conn_zone $binary_remote_addr zone=addr:10m;      #store requests for the specified key

# cache for fastcgi
fastcgi_cache_path /etc/nginx/cache levels=1:2 keys_zone=APPKEY:100m inactive=60m max_size=100m;
fastcgi_cache_key "$scheme$request_method$host$request_uri";

server {
    listen 80;
    # listen [::]:80 ipv6only=on default_server;
    # listen 443 ssl https default_server;        # ssl

    server_name hoangweb.com www.hoangweb.com;
    root /usr/share/nginx/html/hoangweb;
    index index.php index.html index.htm;
    charset  utf-8;
	
    error_log /var/log/nginx/hoangweb-error.log;
    access_log off;
    log_not_found off;

    # Prevent directory listing
    autoindex off;
        
    # error page
    error_page 404 /404.html;
    error_page 500 502 503 504 /50x.html;
    location  /404.html {
        internal;
    }
    # Deliver 404 instead of 403 "Forbidden"
    error_page 403 = 404;
    
    # Closing Slow Connections
    client_max_body_size 50M;
    client_body_timeout 5s;     #how long NGINX waits between writes of the client body
    client_header_timeout 5s;       # how long NGINX waits between writes of client headers
    client_body_buffer_size    128k;

    # limit request, nodelay: not show 503 error when reach limit queue.
    limit_req zone=perip burst=10 nodelay;

    # Define default caching of 24h
    expires 86400s;
    add_header Pragma public;
    add_header Cache-Control "max-age=86400, public, must-revalidate, proxy-revalidate";
    
    #location ~* \.(html|js|css|gif|jpg|jpeg|png|bmp|tif|pdf|ico|swf|wmv|flv)$ {
        # cache static content, so you can cache other location (for dynamic content)
    #    # set HTTP response expires header
    #    expires 90d;    #day: 365d
    #    add_header Cache-Control "public";
        
    #    access_log  off;
    #    error_log   off;
    #    log_not_found off;
    #    try_files $uri =404;
        
        # filehandle caching: keep handler for request static files open
    #    open_file_cache         max=1000 inactive=5m;
    #    open_file_cache_valid   60s;
    #    open_file_cache_min_uses    5;
    #    open_file_cache_errors  off;
    #}
    
    # Aggressive caching for static files
    # If you alter static files often, please use 
    # add_header Cache-Control "max-age=31536000, public, must-revalidate, proxy-revalidate";
    location ~* \.(asf|asx|wax|wmv|wmx|avi|bmp|class|divx|doc|docx|eot|exe|
    gif|gz|gzip|ico|jpg|jpeg|jpe|mdb|mid|midi|mov|qt|mp3|m4a|mp4|m4v|mpeg|
    mpg|mpe|mpp|odb|odc|odf|odg|odp|ods|odt|ogg|ogv|otf|pdf|png|pot|pps|
    ppt|pptx|ra|ram|svg|svgz|swf|tar|t?gz|tif|tiff|ttf|wav|webm|wma|woff|
    wri|xla|xls|xlsx|xlt|xlw|zip)$ {
        expires 31536000s;
        access_log off;
        log_not_found off;
        add_header Pragma public;
        add_header Cache-Control "max-age=31536000, public";
        gzip_vary on;
    }
    
    # Rewrite for versioned CSS+JS via filemtime
    location ~* ^.+\.(css|js)$ {
        rewrite ^(.+)\.(\d+)\.(css|js)$ $1.$3 last;
        expires 31536000s;
        access_log off;
        log_not_found off;
        add_header Pragma public;
        add_header Cache-Control "max-age=31536000, public";
    }
    
    location / {
        try_files $uri $uri/ /index.php$is_args$args;        
        #try_files $uri $uri/ /index.php?q=$uri&$args;
    }
    location ~ \.(hh|php)$ {
        try_files $uri /index.php;
        fastcgi_keep_conn on;
        proxy_intercept_errors on;

        # php_fpm as a fallback in NGINX should a 502 (Bad Gateway) error occur
        error_page 502 404 504 = @fallback;

        fastcgi_split_path_info ^(.+\.php)(/.+)$;

        #fastcgi_pass 127.0.0.1:9000;
        #for ubuntu 12 or newer, replace with:
        fastcgi_pass unix:/var/run/php5-fpm-hoangweb.sock;

        #fastcgi_pass_header "X-Accel-Redirect";
        #fastcgi_pass_header "X-Accel-Buffering";
        #fastcgi_pass_header "X-Accel-Charset";
        #fastcgi_pass_header "X-Accel-Expires";      #<?php header('X-Accel-Expires: '. (60*60*24) )?>
        #fastcgi_pass_header "X-Accel-Limit-Rate";

        fastcgi_index index.php;
        if (!-f $realpath_root$fastcgi_script_name) {
          return 404;
        }

        fastcgi_param  SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_param SCRIPT_NAME $fastcgi_script_name;

        include fastcgi_params;
        fastcgi_read_timeout 300;

        # use cache
        fastcgi_cache   APPKEY;
        fastcgi_cache_valid 200 60m;
    }
    location /login/ {
        # apply rate limiting
        # burst=5: dropping requests if more than 5 queue up from a specific IP
        limit_req zone=login burst=5;
    }
    location @fallback {
      try_files $uri /index.php;
      fastcgi_split_path_info ^(.+\.php)(/.+)$;   # takes any PHP file
      include fastcgi_params;
      fastcgi_index index.php;
      fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
      fastcgi_param SCRIPT_NAME $fastcgi_script_name;

      #server unix:/var/run/hhvm/hhvm.sock;
      fastcgi_pass unix:/var/run/php5-fpm.sock;
    }
    location @notincache {
      try_files $uri /index.php;
      fastcgi_pass php1;
    }
    # Deny access to hidden files
    location ~ /\. {
        deny all;
        access_log off;
        log_not_found off;
    }
}

# sub domain
server {
	listen *:80;
	server_name img.hoangweb.com;
	root /usr/share/nginx/html/hoangweb/wp-content/uploads;
	index index.php index.html index.htm;

	client_max_body_size 50M;
	error_log /var/log/nginx/hoangweb-error.log;
	access_log off;
	error_log off;
}
upstream php1 {
    #server unix:/var/run/hhvm/hhvm.sock;
    server unix:/var/run/php5-fpm.sock;
}