LNMP配置

最新推荐文章于 2024-07-04 11:21:35 发布

我家住在罗马

最新推荐文章于 2024-07-04 11:21:35 发布

阅读量147

点赞数 1

分类专栏： linux

本文链接：https://blog.csdn.net/gyy77/article/details/108696570

版权

linux 专栏收录该内容

2 篇文章 0 订阅

订阅专栏

user  www www;

worker_processes auto;

error_log  /home/wwwlogs/nginx_error.log  crit;

pid        /usr/local/nginx/logs/nginx.pid;

#Specifies the value for maximum file descriptors that can be opened by this process.
worker_rlimit_nofile 51200;

events
    {
        use epoll;
        worker_connections 51200;
        multi_accept on;
    }

http
    {
        include       mime.types;
        default_type  application/octet-stream;

        server_names_hash_bucket_size 128;
        client_header_buffer_size 32k;
        large_client_header_buffers 4 32k;
        client_max_body_size 50m;

        sendfile   on;
        tcp_nopush on;

        keepalive_timeout 60;

        tcp_nodelay on;

        fastcgi_connect_timeout 300;
        fastcgi_send_timeout 300;
        fastcgi_read_timeout 300;
        fastcgi_buffer_size 64k;
        fastcgi_buffers 4 64k;
        fastcgi_busy_buffers_size 128k;
        fastcgi_temp_file_write_size 256k;

        gzip on;
        gzip_min_length  1k;
        gzip_buffers     4 16k;
        gzip_http_version 1.1;
        gzip_comp_level 2;
        gzip_types     text/plain application/javascript application/x-javascript text/javascript text/css application/xml application/xml+rss;
        gzip_vary on;
        gzip_proxied   expired no-cache no-store private auth;
        gzip_disable   "MSIE [1-6]\.";

        #limit_conn_zone $binary_remote_addr zone=perip:10m;
        ##If enable limit_conn_zone,add "limit_conn perip 10;" to server section.

        server_tokens off;
        access_log off;
server
    {
    if ($host = www.supershot.cn) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


	listen 80;
    server_name supershot.cn www.supershot.cn;
	return 301 https://www.supershot.cn$request_uri;
    

}
server
    {
        listen 443 ssl http2;
        #listen [::]:80 default_server ipv6only=on;
        server_name supershot.cn www.supershot.cn;
	ssl off;
   	ssl_certificate cert/a.pem; # managed by Certbot
   	ssl_certificate_key cert/a.key;
	#ssl_certificate /etc/letsencrypt/live/www.supershot.cn/fullchain.pem; # managed by Certbot
	#ssl_certificate_key /etc/letsencrypt/live/www.supershot.cn/privkey.pem; # managed by Certbot       
	ssl_session_timeout 8m;
	ssl_ciphers HIGH:!aNULL:!MD5; 
 	ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
 	ssl_prefer_server_ciphers on;
        index  index.html index.htm index.jsp default.jsp index.do default.do index.php default.php Home.html index.;
        root  /home/wwwroot/default/gyy;

	include rewrite/other.conf;
        error_page   404   /error/404.html;

        # Deny access to PHP files in specific directory
        #location ~ /(wp-content|uploads|wp-includes|images)/.*\.php(\/.*)*$ { deny all; }

        #include enable-php.conf;

	include enable-php-pathinfo.conf;	
	
	location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$ 
	{  
		expires 30d; 
	}	 

	location ~ .*\.(js|css|html)?$ 
	{ 
		expires 12h; 
	} 
	
        location ~ /.well-known {
            allow all;
        }

        location ~ /\.
        {
	    root /home/wwwroot/default/gyy;
       	    index index.html index.htm;
            deny all;
        }

        location ~ \.php$ {
     	   include /usr/local/nginx/conf/fastcgi_params;
       	   fastcgi_pass  127.0.0.1:9000;
           # fastcgi_pass unix:/var/run/php7-fpm.sock;
           fastcgi_index index.php;
           fastcgi_param SCRIPT_FILENAME $document_root/$fastcgi_script_name;
        }	

        access_log  /home/wwwlogs/access.log;    

    }
    include vhost/*.conf;
}