Correction : Burette de la Cyclo de Paris Est.

[lhc/ateliers.git] / etc / nginx / nginx.conf

diff --git a/etc/nginx/nginx.conf b/etc/nginx/nginx.conf
index b87bf14..1ebd203 100644 (file)
--- a/etc/nginx/nginx.conf
+++ b/etc/nginx/nginx.conf
@@ -1,5 +1,4 @@
 # DOC: http://blog.martinfjordvald.com/2010/07/nginx-primer/
-daemon on;
 events {
        multi_accept on;
        use epoll;
@@ -22,13 +21,16 @@ http {
        default_type application/octet-stream;
        error_log /var/log/nginx/error.log warn;
        error_page 403 = 404;
-       fastcgi_cache_key "$request_method $scheme://$host$request_uri";
+       fastcgi_cache_key "$request_method $scheme://$http_host$request_uri";
        fastcgi_cache_path /run/shm/cache/nginx/fastcgi
+        inactive=10m
+        keys_zone=microcache:2M
         levels=1:2
-        keys_zone=microcache:10m
-        inactive=5m
-        max_size=64m;
-       fastcgi_cache microcache;
+        loader_files=100000
+        loader_sleep=1
+        loader_threshold=2592000000
+        max_size=64M;
+       fastcgi_temp_path /run/shm/tmp/nginx/ 1 2;
        gzip on;
        gzip_buffers 16 8k;
        gzip_comp_level 6;
@@ -70,6 +72,7 @@ http {
        sendfile on;
        server_names_hash_bucket_size 128;
        server_tokens off;
+       ssl_session_cache shared:SSL:10m;
        tcp_nodelay on;
                # NOTE: don't buffer data-sends (disable Nagle algorithm).
                #       Good for sending frequent small bursts of data in real time.
@@ -79,9 +82,25 @@ http {
                #       This is useful for prepending headers before calling sendfile,
                #       or for throughput optimization.
        types_hash_max_size 2048;
+       map $http_user_agent $bad_bot {
+        # NOTE: user agents that are to be blocked.
+               default 0;
+               libwww-perl                      1;
+               ~(?i)(httrack|htmlparser|libwww) 1;
+        }
+       #map $http_referer $bad_referer {
+       # # NOTE: referrers that are to be blocked.
+       #       default 0;
+       #       ~(?i)(babes|casino|click|diamond|forsale|girl|jewelry|love|nudit|organic|poker|porn|poweroversoftware|replica|sex|teen|webcam|zippo) 1;
+       # }
+       geo $not_local {
+               default 1;
+               127.0.0.1 0;
+        }
+       include /etc/nginx/site.d/*/http.conf;
        include /etc/nginx/site.d/*/server.conf;
  }
-pid /var/run/nginx.pid;
+pid /run/nginx.pid;
 user www-data;
 worker_processes 2;