[setup-ngxblocker] add Debian 8 test .conf files for server_names_hash_bucket_size

2025-09-01 10:09:49 +00:00 · 2019-08-16 09:18:46 +02:00 · 2019-08-16 09:18:46 +02:00 · 36c6fbbc0c
commit 36c6fbbc0c
parent 9388fa7d11
4 changed files with 113 additions and 0 deletions
--- a/.DS_Store
+++ b/.DS_Store
--- a/.dev-tools/.DS_Store
+++ b/.dev-tools/.DS_Store
--- a/.dev-tools/setup-ngxblocker/.DS_Store
+++ b/.dev-tools/setup-ngxblocker/.DS_Store
--- a/.dev-tools/setup-ngxblocker/commented/debian-8-jessie-hasbucket.conf
+++ b/.dev-tools/setup-ngxblocker/commented/debian-8-jessie-hasbucket.conf
@ -0,0 +1,113 @@
+
+user								www-data;
+
+worker_priority						0;
+worker_processes					2;
+worker_cpu_affinity					auto;
+worker_rlimit_core					512m;
+worker_rlimit_nofile				65535;
+
+# daemon								on;
+# master_process						off;
+
+# thread_pool							default threads=64 max_queue=65535;
+
+
+error_log  /var/log/nginx/error.log;
+#error_log  logs/error.log  notice;
+#error_log  logs/error.log  info;
+
+#pid        logs/nginx.pid;
+
+
+events {
+	use								epoll;
+	accept_mutex					on;
+	accept_mutex_delay				500ms;
+	worker_aio_requests				32;
+	worker_connections				10240;
+	multi_accept					on;
+}
+
+
+http {
+    include							mime.types;
+    default_type					application/octet-stream;
+	
+	aio								threads;
+	
+	# Controlling Buffer Overflow Attacks
+	client_body_buffer_size			128k; # maybe fix
+	client_body_in_file_only		off;
+	client_body_in_single_buffer	off;
+	client_body_timeout				10s;
+	client_header_buffer_size		128k; # maybe fix
+	client_header_timeout			360s;
+	client_max_body_size			1m; # if you need more change this value to 64m
+	
+	connection_pool_size			512;
+	# disable_symlinks				off;
+	# etag							on; # for static files
+	# ignore_invalid_headers			on;
+	
+	keepalive_disable				msie6;
+	keepalive_requests				100; # default 100
+	keepalive_timeout				60s; # default 75s
+	
+	# large_client_header_buffers		4 256k; # maybe like that 2 1k;
+	
+	access_log						off;
+	log_not_found					off;
+	log_subrequest					off;
+	
+	open_file_cache					max=65535 inactive=30s;
+	open_file_cache_errors			on;
+	open_file_cache_min_uses		1;
+	open_file_cache_valid			60s;
+	
+	server_tokens					off;
+	sendfile						on;
+	sendfile_max_chunk				0;
+	tcp_nodelay						on;
+ 	
+
+	tcp_nopush						on;
+	
+	
+	types_hash_bucket_size			128;
+	types_hash_max_size				2048;
+	
+	# Test setup-ngxblocker for duplicate server_names_hash_bucket_size
+	server_names_hash_bucket_size 64;
+
+	
+	gzip							on;
+	gzip_buffers					16 8k;
+	gzip_comp_level					4;
+	gzip_disable					"msie6";
+	gzip_min_length					256;
+	gzip_http_version				1.1;
+	gzip_proxied					any;
+	gzip_types						application/json application/javascript application/font-woff application/xml application/xml+rss text/css text/javascript text/plain text/xml;
+	gzip_vary						on;
+	
+	ssi								on;
+	ssi_last_modified				on;
+	ssi_min_file_chunk				1k;
+	ssi_silent_errors				on;
+	ssi_value_length				256;
+	
+	http2_chunk_size				32k; # default 8k
+	http2_body_preread_size			64k; # default 64k
+	http2_idle_timeout				3m; # default 3m
+	http2_max_concurrent_streams	10240; # default 128
+	http2_max_field_size			16k; # default 4k
+	http2_max_header_size			32k; # default 16k
+	http2_max_requests				10240; # default 1000
+	http2_recv_buffer_size			256k; # default 256k
+	http2_recv_timeout				30s; # default 30s
+	
+	# nginx-naxsi config
+	# include							/etc/nginx/naxsi_core.rules;
+	
+}