Nginx-ru mailing list archive (nginx-ru@sysoev.ru)
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Тюнинг nginx
- To: nginx-ru@xxxxxxxxx
- Subject: Тюнинг nginx
- From: "xganet" <nginx-forum@xxxxxxxx>
- Date: Fri, 01 Jul 2011 22:54:39 -0400
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=mickey.jlkhosting.com; s=x; h=Date:Sender:From:Message-ID:Content-Transfer-Encoding:Content-Type:Subject:To; bh=AzNI17QGPFWSPpy5Lg98H4WXvV+m6U3s90ddYpw4SV4=; b=YoRImKIPduNyYcnPO7hNAy1L0wFNwOj+H+DbXrIBNw7lSBoelaiQYNkEQnshDqXLRqx7X0ssrGT7LW48MJIfWCfeD5awV5zyLQLRKaEndG24K6wxAmuJgebh0PG4Jxba;
Приветствую всех
VPS падает даже при зажатом F5,
установлена Ubuntu 8.10
И хотелось бы хоть немного защититься
от школоддоса
Помогите разобраться, Нашел статью
Тюнинг nginx для защиты от ддос
http://alug.org.ru/forum/viewtopic.php?id=283
1. в /etc/nginx/nginx.conf нужно полностью менять
на предложенное? ведь у меня в nginx.conf что
то про мои два домена написано:
user www-data;
worker_processes 1;
error_log off;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
access_log off;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
tcp_nodelay on;
gzip on;
include /etc/nginx/sites-enabled/*;
client_max_body_size 16m;
log_format isp '$bytes_sent $request_length';
server {
listen 77.77.77.77:80;
server_name yousite.ru www.yousite.ru;
rewrite ^(/manager/.*)$ https://$host$1 permanent;
rewrite ^(/manager/.*)$ https://$host$1 permanent;
error_page 404 = @fallback;
location ~* ^/(webstat/|awstats|webmail/|myadmin/|manimg/) {
proxy_pass http://77.77.77.77:8080;
proxy_redirect http://yousite.ru:8080/ /;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For
$proxy_add_x_forwarded_for;
proxy_set_header X-Real-IP $remote_addr;
}
location / {
proxy_pass http://77.77.77.77:8080;
proxy_redirect http://yousite.ru:8080/ /;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For
$proxy_add_x_forwarded_for;
proxy_set_header X-Real-IP $remote_addr;
}
location ~*
^.+\.(jpg|jpeg|gif|png|svg|js|css|mp3|ogg|mpe?g|avi|zip|gz|bz2?|rar)$ {
root /var/www/p17267_you/data/www/yousite.ru;
access_log /var/www/httpd-logs/yousite.ru.access.log ;
access_log /var/www/nginx-logs/p17267_you isp;
}
location @fallback {
proxy_pass http://77.77.77.77:8080;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For
$proxy_add_x_forwarded_for;
proxy_set_header X-Real-IP $remote_addr;
}
}
server {
listen 77.77.77.77:80;
server_name xenstyle.ru www.xensite.ru;
rewrite ^(/manager/.*)$ https://$host$1 permanent;
rewrite ^(/manager/.*)$ https://$host$1 permanent;
error_page 404 = @fallback;
location ~* ^/(webstat/|awstats|webmail/|myadmin/|manimg/) {
proxy_pass http://77.77.77.77:8080;
proxy_redirect http://xensite.ru:8080/ /;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For
$proxy_add_x_forwarded_for;
proxy_set_header X-Real-IP $remote_addr;
}
location / {
proxy_pass http://77.77.77.77:8080;
proxy_redirect http://xensite.ru:8080/ /;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For
$proxy_add_x_forwarded_for;
proxy_set_header X-Real-IP $remote_addr;
}
location ~*
^.+\.(jpg|jpeg|gif|png|svg|js|css|mp3|ogg|mpe?g|avi|zip|gz|bz2?|rar)$ {
root /var/www/p17267_you/data/www/xensite.ru;
access_log /dev/null ;
access_log /var/www/nginx-logs/p17267_you isp;
}
location @fallback {
proxy_pass http://77.77.77.77:8080;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For
$proxy_add_x_forwarded_for;
proxy_set_header X-Real-IP $remote_addr;
}
}
}
2. /etc/nginx/proxy - тут тоже непонятно что
куда?
3. сам скрипт тоже куда его? и как
назвать
буду очень благодарен
Posted at Nginx Forum:
http://forum.nginx.org/read.php?21,211710,211710#msg-211710
_______________________________________________
nginx-ru mailing list
nginx-ru@xxxxxxxxx
http://nginx.org/mailman/listinfo/nginx-ru
|