diff --git a/nginx/nginx.conf b/nginx/nginx.conf index b868bcb..5c61a59 100644 --- a/nginx/nginx.conf +++ b/nginx/nginx.conf @@ -1,5 +1,6 @@ user www-data; worker_processes auto; +worker_rlimit_nofile 8192; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; @@ -13,49 +14,28 @@ http { ## # Basic Settings ## - + charset utf-8; sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; server_tokens off; + log_not_found off; server_names_hash_bucket_size 64; server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; - - # Optional mapping rules - #map $sent_http_content_type $content_security_policy { - # ~*text/(html|javascript)|application/pdf|xml "default-src 'self'; base-uri 'none'; form-action 'self'; frame-ancestors 'none'; upgrade-insecure-requests"; - #} - - #map $sent_http_content_type $referrer_policy { - # ~*text/(css|html|javascript)|application\/pdf|xml "strict-origin-when-cross-origin"; - #} - - #map $sent_http_content_type $cors { - #Images - # ~*image/ "*"; - - #Web fonts - # ~*font/ "*"; - # ~*application/vnd.ms-fontobject "*"; - # ~*application/x-font-ttf "*"; - # ~*application/font-woff "*"; - # ~*application/x-font-woff "*"; - # ~*application/font-woff2 "*"; - #} ## # SSL Settings ## - + ssl_protocols TLSv1.2 TLSv1.3; ssl_prefer_server_ciphers off; - + ## # Logging Settings ## @@ -77,6 +57,12 @@ http { gzip_http_version 1.1; gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; + map $http_upgrade $connection_upgrade { + default upgrade; + "" close; + } + + ## # Virtual Host Configs ##