mirror of
https://github.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker.git
synced 2025-09-02 18:50:13 +00:00
f19f327dcb
- PLEASE READ UPDATED CONFIGURATION INSTRUCTIONS - PLEASE READ CHANGELOG - New Custom Include File (/etc/nginx/bots.d/blacklist-user-agents.conf ) for Blacklisting your own User-Agents which will not get wiped out with updates - New include file (/etc/nginx/conf.d/botblocker-nginx-settings.conf) for having the important nging settings automatically included into your nginx.conf for you. - New Bash Installer Script for Easy Installation and Copying Files Directly from the Repo - Important to note changes in this Version Update as you will get EMERG errors if you are missing any of the new include files
67 lines
No EOL
1.6 KiB
Text
67 lines
No EOL
1.6 KiB
Text
error_log /tmp/error.log;
|
|
pid /tmp/nginx.pid;
|
|
worker_processes 1;
|
|
|
|
events {
|
|
worker_connections 1024;
|
|
multi_accept on;
|
|
use epoll;
|
|
}
|
|
|
|
http {
|
|
# Set an array of temp and cache file options that will otherwise default to restricted locations accessible only to root.
|
|
client_body_temp_path /tmp/client_body;
|
|
fastcgi_temp_path /tmp/fastcgi_temp;
|
|
proxy_temp_path /tmp/proxy_temp;
|
|
scgi_temp_path /tmp/scgi_temp;
|
|
uwsgi_temp_path /tmp/uwsgi_temp;
|
|
|
|
##
|
|
# Basic Settings
|
|
##
|
|
sendfile on;
|
|
tcp_nopush on;
|
|
tcp_nodelay on;
|
|
keepalive_timeout 65;
|
|
types_hash_max_size 2048;
|
|
#server_names_hash_bucket_size 64;
|
|
#server_names_hash_max_size 4096;
|
|
|
|
# Our request limiter zone for wp-login attacks
|
|
limit_req_zone $binary_remote_addr zone=wp-login:10m rate=1r/s;
|
|
|
|
# DDos Mitigation
|
|
# ***************
|
|
# https://www.nginx.com/blog/mitigating-ddos-attacks-with-nginx-and-nginx-plus/
|
|
# Limiting the Rate of Requests
|
|
#limit_req_zone $binary_remote_addr zone=flood:50m rate=90r/s;
|
|
# Limiting the Number of Connections
|
|
#limit_conn_zone $binary_remote_addr zone=addr:50m;
|
|
|
|
include /etc/nginx/mime.types;
|
|
default_type application/octet-stream;
|
|
|
|
##
|
|
# Logging Settings
|
|
##
|
|
access_log /tmp/access.log;
|
|
error_log /tmp/error.log;
|
|
|
|
##
|
|
# Gzip Settings
|
|
##
|
|
gzip on;
|
|
gzip_disable "msie6";
|
|
|
|
##
|
|
# Virtual Host Configs
|
|
##
|
|
include {DIR}/nginx/conf.d/*.conf;
|
|
include {DIR}/nginx/sites-enabled/*;
|
|
include {DIR}/nginx/botblocker-nginx-settings.conf;
|
|
include {DIR}/nginx/globalblacklist.conf;
|
|
|
|
upstream php {
|
|
server 127.0.0.1:{PORT};
|
|
}
|
|
} |