error_log /tmp/error.log;
pid /tmp/nginx.pid;
worker_processes 1;

events {
	worker_connections 1024;
	multi_accept on;
    use epoll;
}

http {
    # Set an array of temp and cache file options that will otherwise default to restricted locations accessible only to root.
    client_body_temp_path /tmp/client_body;
    fastcgi_temp_path /tmp/fastcgi_temp;
    proxy_temp_path /tmp/proxy_temp;
    scgi_temp_path /tmp/scgi_temp;
    uwsgi_temp_path /tmp/uwsgi_temp;

    ##
    # Basic Settings
    ##
    sendfile on;
    tcp_nopush on;
    tcp_nodelay on;
    keepalive_timeout 65;
    types_hash_max_size 2048;
	#server_names_hash_bucket_size 64;
	#server_names_hash_max_size 4096;

	# Our request limiter zone for wp-login attacks
	limit_req_zone $binary_remote_addr zone=wp-login:10m rate=1r/s;
	
    # DDos Mitigation
    # ***************
    # https://www.nginx.com/blog/mitigating-ddos-attacks-with-nginx-and-nginx-plus/
    # Limiting the Rate of Requests
    #limit_req_zone $binary_remote_addr zone=flood:50m rate=90r/s;
    # Limiting the Number of Connections
    #limit_conn_zone $binary_remote_addr zone=addr:50m;

    include /etc/nginx/mime.types;
    default_type application/octet-stream;
    
    ##
    # Logging Settings
    ##
    access_log /tmp/access.log;
    error_log /tmp/error.log;

    ##
    # Gzip Settings
    ##
    gzip on;
    gzip_disable "msie6";

    ##
    # Virtual Host Configs
    ##
    include {DIR}/nginx/conf.d/*.conf;
    include {DIR}/nginx/sites-enabled/*;
    include {DIR}/nginx/botblocker-nginx-settings.conf;
    include {DIR}/nginx/globalblacklist.conf;

    upstream php {
        server 127.0.0.1:{PORT};
    }
}