Sanity check of my config - is it secure?
Nuno Magalhães
nunomagalhaes at eu.ipp.pt
Sun May 22 20:48:42 MSD 2011
Have a look at these:
http://wiki.nginx.org/Configuration
http://wiki.nginx.org/Modules
http://wiki.nginx.org/3rdPartyModules
https://calomel.org/nginx.html
And what version of nginx (latest is 1.0.2)? What OS?
On Sun, May 22, 2011 at 15:56, benseb <nginx-forum at nginx.us> wrote:
> gzip on;
> # gzip_static on;
If you're serving so much static content you may as well enable
gzip_static, although it's pointless for compressed images like jpg.
> gzip_types text/plain text/css image/x-icon
No html? Javascript?
> server_tokens off;
Won't disable the Server: header. There's a module that can do that.
> if ($request_uri ~*
> (^\/|\.ico|\.css|\.js|\.swf|\.gif|\.jp?g|\.png)$ ) {
You can probably replace this if-statement with a regex.
> location ^~ /applets/{
> root /home/vhosts/x.com/httpdocs;
> expires max;
> }
> location ^~ /css/{
> root /home/vhosts/x.com/httpdocs;
> expires max;
> }
And merge these locations (as well as others) perhaps? Something like
^~ /(applets|css)/
Just a few hints, like i said i'm no expert.
--
Mars 2 Stay!
http://xkcd.com/801/
/etc
More information about the nginx
mailing list