mirror of
https://github.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker.git
synced 2025-09-02 10:40:36 +00:00
Removed old Travis CI Testing Files
This commit is contained in:
Mitchell Krog
parent
2cab6b3151
commit
e4032bab80
2 changed files with 0 additions and 148 deletions
114
nginx.conf
114
nginx.conf
|
|
@ -1,114 +0,0 @@
|
|||
user www-data;
|
||||
worker_processes auto;
|
||||
error_log /tmp/error.log;
|
||||
pid /tmp/nginx.pid;
|
||||
|
||||
events {
|
||||
worker_connections 1024;
|
||||
multi_accept on;
|
||||
use epoll;
|
||||
}
|
||||
|
||||
http {
|
||||
|
||||
##
|
||||
# Basic Settings
|
||||
##
|
||||
|
||||
sendfile on;
|
||||
tcp_nopush on;
|
||||
tcp_nodelay on;
|
||||
keepalive_timeout 90s;
|
||||
keepalive_requests 1000;
|
||||
server_tokens off;
|
||||
client_body_buffer_size 32k;
|
||||
client_header_buffer_size 1k;
|
||||
client_max_body_size 50M;
|
||||
types_hash_max_size 2048;
|
||||
server_names_hash_bucket_size 64;
|
||||
server_names_hash_max_size 4096;
|
||||
large_client_header_buffers 4 16k;
|
||||
|
||||
# Our request limiter zone for wp-login attacks
|
||||
limit_req_zone $binary_remote_addr zone=wp-login:10m rate=1r/s;
|
||||
|
||||
# DDos Mitigation
|
||||
# ***************
|
||||
# https://www.nginx.com/blog/mitigating-ddos-attacks-with-nginx-and-nginx-plus/
|
||||
# Limiting the Rate of Requests
|
||||
limit_req_zone $ratelimited zone=flood:50m rate=90r/s;
|
||||
# Limiting the Number of Connections
|
||||
limit_conn_zone $ratelimited zone=addr:50m;
|
||||
# End Slow conections
|
||||
#client_body_timeout 5s;
|
||||
#client_header_timeout 5s;
|
||||
|
||||
|
||||
# use any of the following two
|
||||
real_ip_header CF-Connecting-IP;
|
||||
|
||||
include /etc/nginx/mime.types;
|
||||
default_type application/octet-stream;
|
||||
|
||||
##
|
||||
# Logging Settings
|
||||
##
|
||||
log_format custom '$remote_addr - $http_x_forwarded_for $remote_user $server_port [$time_local] "$request" '
|
||||
'$status "$http_referer" "$http_user_agent" "$http_header"'
|
||||
'"$body_bytes_sent" - "$gzip_ratio"';
|
||||
|
||||
log_format timedcombined '$remote_addr - $http_cf_connecting_ip $remote_user [$time_local] '
|
||||
'"$request" $status $body_bytes_sent '
|
||||
'"$http_referer" "$http_user_agent" '
|
||||
'PORT:$server_port $request_time $upstream_response_time $pipe "$gzip_ratio"';
|
||||
|
||||
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
|
||||
'$status $body_bytes_sent "$http_referer" '
|
||||
'"$http_user_agent" "$http_x_forwarded_for"';
|
||||
|
||||
log_format wordpress '$remote_addr - $remote_user [$time_local] "$request" '
|
||||
'$status $body_bytes_sent "$http_referer" '
|
||||
'"$http_user_agent" "$http_x_forwarded_for"'
|
||||
'PORT:$server_port $request_time $upstream_response_time $pipe "GZIP:$gzip_ratio"';
|
||||
|
||||
access_log /var/log/nginx/access.log timedcombined;
|
||||
error_log /var/log/nginx/error.log;
|
||||
|
||||
##
|
||||
# Gzip Settings
|
||||
##
|
||||
|
||||
gzip on;
|
||||
gzip_disable "MSIE [1-6]\.";
|
||||
gzip_vary on;
|
||||
gzip_static on;
|
||||
gzip_min_length 20;
|
||||
gzip_proxied expired no-cache no-store private auth;
|
||||
gzip_comp_level 7;
|
||||
gzip_buffers 32 4k;
|
||||
gzip_http_version 1.1;
|
||||
gzip_types text/plain text/css application/json application/javascript application/x-javascript text/xml application/xml application/xml+rss text/javascript;
|
||||
#gzip_types text/plain text/css text/xml text/javascript application/x-javascript application/xml;
|
||||
|
||||
##
|
||||
# Virtual Host Configs
|
||||
##
|
||||
|
||||
include /etc/nginx/conf.d/*.conf;
|
||||
include /etc/nginx/sites-enabled/*;
|
||||
|
||||
}
|
||||
|
||||
|
||||
|
||||
server {
|
||||
listen 80;
|
||||
server_name fakedomain.com;
|
||||
root /var/www;
|
||||
limit_conn conn_limit_per_ip 10;
|
||||
limit_req zone=req_limit_per_ip burst=10 nodelay;
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
|
@ -1,34 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
|
||||
NGINX_CONFIG="${DIR}/nginx.conf"
|
||||
NGINX_CONFIG_LOG="/tmp/nginx-config-check.log"
|
||||
NGINX_CACHE_DIR="${DIR}/nginx-cache"
|
||||
NGINX_BINARY="${NGINX_CACHE_DIR}/nginx"
|
||||
NGINX_DEB_URL="https://nginx.org/packages/ubuntu/pool/nginx/n/nginx/nginx_1.10.0-1~trusty_amd64.deb"
|
||||
#NGINX_DEB_URL="https://launchpad.net/~ondrej/+archive/ubuntu/nginx-mainline/+build/10448355/+files/nginx-light_1.11.2-1~exp1+deb.sury.org~trusty+3_amd64.deb"
|
||||
|
||||
# Download nginx binary, if necessary
|
||||
mkdir -p ${NGINX_CACHE_DIR}
|
||||
if [[ ! -f "${NGINX_BINARY}" ]]; then
|
||||
DEB_TMP_PATH="/tmp/nginx.deb.$$"
|
||||
DEB_TMP_UNPACKED="/tmp/nginx-deb/"
|
||||
wget "${NGINX_DEB_URL}" -O "${DEB_TMP_PATH}"
|
||||
pushd /tmp
|
||||
mkdir -p "${DEB_TMP_UNPACKED}"
|
||||
dpkg-deb -R "${DEB_TMP_PATH}" $(basename "${DEB_TMP_UNPACKED}")
|
||||
cp "${DEB_TMP_UNPACKED}/usr/sbin/nginx" "${NGINX_BINARY}"
|
||||
popd
|
||||
fi
|
||||
|
||||
chmod +x ${NGINX_CACHE_DIR}/nginx
|
||||
${NGINX_CACHE_DIR}/nginx -t -c "${NGINX_CONFIG}" 2>${NGINX_CONFIG_LOG}
|
||||
|
||||
if [[ $(cat $NGINX_CONFIG_LOG | egrep "syntax is ok" | wc -l) -eq 1 ]]; then
|
||||
echo "Nginx configuration OK!"
|
||||
exit 0
|
||||
else
|
||||
echo -e "Nginx configuration invalid:\n"
|
||||
cat ${NGINX_CONFIG_LOG}
|
||||
exit 1
|
||||
fi
|
||||
Loading…
Add table
Reference in a new issue