#user nobody; worker_processes 1; #pid /nginx/pid/nginx.pid; error_log /Users/baibing/work/cv_zc/Entry/log/nginx-error.log; #error_log logs/error.log notice; #error_log logs/error.log info; #pid logs/nginx.pid; events { worker_connections 20000; multi_accept on; #use epoll; #mac 用不了 } http { include mime.types; default_type application/octet-stream; log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; #access_log log/access.log main; sendfile on; sendfile_max_chunk 50m; client_max_body_size 50m; client_body_buffer_size 256k; #tcp_nopush on; #keepalive_timeout 0; keepalive_timeout 65; gzip on; proxy_connect_timeout 5; #proxy_buffering off; proxy_read_timeout 60; proxy_send_timeout 30; proxy_buffer_size 256k; proxy_buffers 4 256k; proxy_busy_buffers_size 256k; proxy_temp_file_write_size 256k; proxy_next_upstream error timeout invalid_header http_500 http_503 http_404; proxy_max_temp_file_size 128m; proxy_temp_path /Users/baibing/work/cv_zc/Entry/nginx/temp; proxy_cache_path /Users/baibing/work/cv_zc/Entry/nginx/cache levels=1:2 keys_zone=cache_one:50m inactive=20m max_size=30g; #防止暴力刷接口 #limit_req_zone $binary_remote_addr zone=one:100m rate=50r/m; upstream entryservers { server 127.0.0.1:8014 weight=10; #server 10.14.11.22:8014 weight=0; } server { listen 443; server_name x.cv.com; charset utf-8; #charset koi8-r; #access_log logs/host.access.log main; ssl on; ssl_certificate /Users/baibing/work/cv_zc/Entry/ca.crt; ssl_certificate_key /Users/baibing/work/cv_zc/Entry/ca.key; location ~*.(htm|css|js|jpg|jpeg|png|gif|xml|ico|swf|eot|svg|ttf|woff|pdf|doc|docx|txt)$ { #root /Users/baibing/work/cv_zc/Entry/bin/; proxy_pass http://127.0.0.1:8011; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; index index.html index.htm; proxy_cache cache_one; proxy_cache_valid 200 302 0h; proxy_cache_key $scheme$host$uri$is_args$args; proxy_ignore_headers "Cache-Control" "Expires" "Set-Cookie";#不处理后端服务器返回的指定响应头 expires 0d; } location ~*^.+$ { #root /Users/baibing/work/cv_zc/Entry/bin/; proxy_pass http://127.0.0.1:8011; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-real-agent $http_user_agent; proxy_set_header x-real-referer $http_referer; index index.html index.htm; #可限制一个IP地址根据zone设置进行访问限制,这里设定为总的缓存数 #limit_req zone=one burst=100 nodelay; #deny 127.0.0.2; #allow 127.0.0.1; } #error_page 404 /404.html; # redirect server error pages to the static page /50x.html # error_page 500 502 503 504 /50x.html; location = /50x.html { root /Users/baibing/work/cv_zc/Entry/bin/error; } # proxy the PHP scripts to Apache listening on 127.0.0.1:80 # #location ~ \.php$ { # proxy_pass http://127.0.0.1; #} # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 # #location ~ \.php$ { # root html; # fastcgi_pass 127.0.0.1:9000; # fastcgi_index index.php; # fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name; # include fastcgi_params; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # another virtual host using mix of IP-, name-, and port-based configuration # #server { # listen 8000; # listen somename:8080; # server_name somename alias another.alias; # location / { # root html; # index index.html index.htm; # } #} # http server # #server { # listen 443 ssl; # server_name localhost; # ssl_certificate cert.pem; # ssl_certificate_key cert.key; # ssl_session_cache shared:SSL:1m; # ssl_session_timeout 5m; # ssl_ciphers HIGH:!aNULL:!MD5; # ssl_prefer_server_ciphers on; # location / { # root html; # index index.html index.htm; # } #} include servers/*; }