server { listen 80; #listen 443 ssl http2; server_name linyaohong.com www.linyaohong.com; index index.php index.html index.htm default.php default.htm default.html; root /server/wwwroot/linyaohong.com; location /test/ { limit_conn perserver 20; limit_conn perip 1; limit_rate 512k; } location ~* ^/websocket/(.*) { proxy_pass http://127.0.0.1:9552/$1; } #allow 10.10.10.200; #allow 127.0.0.1; #deny all; #301-START # if ($host ~ '^linyaohong.com') # { # return 301 http://www.linyaohong.com$request_uri; # } #301-END #HTTP_TO_HTTPS_START #if ($server_port !~ 443){ # rewrite ^(/.*)$ https://$host$1 permanent; #} error_page 404 403 /404.html; error_page 502 /502.html; #AUTH_START #auth_basic "Authorization"; #auth_basic_user_file /application/nginx/conf/passwd/linyaohong.com.pass; #AUTH_END #SSL-START SSL #ssl_certificate /etc/ssl/fullchain.pem; #ssl_certificate_key /etc/ssl/privkey.pem; #ssl_protocols TLSv1.1 TLSv1.2; #ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE; #ssl_prefer_server_ciphers on; #ssl_session_cache shared:SSL:10m; #ssl_session_timeout 10m; #error_page 497 https://$host$request_uri; #SSL-END #SECURITY-START #include enable-php-53.conf; include enable-php-54.conf; #include enable-php-55.conf; #include enable-php-56.conf; #include enable-php-70.conf; #REWRITE-START URL #include /application/nginx/conf/rewrite/www.linyaohong.com.conf; #REWRITE-END location = /favicon.ico { log_not_found off; access_log off; } location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$ { expires 30d; error_log off; access_log off; } location ~ .*\.(js|css)?$ { expires 12h; error_log off; access_log off; } # #if ($http_user_agent ~* (Scrapy|Curl|HttpClient)) { # return 403; # } if ($request_method !~ ^(GET|HEAD|POST)$) { return 403; } #if ($http_user_agent ~* "bingbot|Trident|CoolpadWebkit|WinHttp|YisouSpider|WebBench|WebZIP|FetchURL|node-superagent|java|FeedDemon|Jullo|JikeSpider|Indy Library|Alexa Toolbar|AskTbFXTV|AhrefsBot|CrawlDaddy|Java|Feedly|Apache-HttpAsyncClient|UniversalFeedParser|ApacheBench|Microsoft URL Control|Swiftbot|ZmEu|oBot|jaunty|Python-urllib|lightDeckReports Bot|YYSpider|DigExt|HttpClient|MJ12bot|heritrix|EasouSpider|Ezooms|BOT/0.1|YandexBot|FlightDeckReports|Linguee Bot"|^$ ) { # return 403; # } #access_log /server/logs/www.linyaohong.com.log; error_log /server/logs/www.linyaohong.com.error.log; access_log /server/logs/www.linyaohong.com.access.log main; #access_log /server/logs/www.linyaohong.com.access.log logstash_json; #LOG Write to buffer first, 5s seconds write to hard disk #access_log /server/logs/www.linyaohong.com.access.log main gzip buffer=32k flush=5s; }