hide/strip set cookies on static files and howto use alias
JoakimR
nginx-forum at forum.nginx.org
Mon Apr 4 16:29:32 UTC 2016
Hi
I have a few questions about how do I configure it.
First question:
How do I strip the "Set-Cookie" header from all static files like css and
jpg? I know i can setup a reverse proxy and use "proxy_hide_header
Set-Cookie", but seems like foolish to make yet another host, just to
reverse to your self and add a few hundred msec to the request.
Second question:
I'm trying to make an alias to hide a folder in the lookup to the subfolder,
the structure is:
/var/www/domain.tld/media/ads
/var/www/domain.tld/media/galleries
/var/www/domain.tld/media/misc
/var/www/domain.tld/media/thumbs
making the url like this /media/thumbs/5 subfolders/image-file
how do i change that into /thumbs/5 subfolders/image-file
I have tried with both alias and root but both returns a 404
Third question:
[error] 9178#9178: *13452 upstream timed out (110: Connection timed out)
while reading response header from upstream, client: upstream:
"fastcgi://unix:/var/run/php-fpm.sock", host:
have a lot of those, any suggestions?
nginx.conf
#user nginx;
user apache;
worker_processes auto;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request"
'
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
aio threads;
sendfile on;
sendfile_max_chunk 1m;
tcp_nopush on;
tcp_nodelay on;
server_tokens off;
keepalive_timeout 15;
client_max_body_size 4G;
client_body_buffer_size 10K;
client_header_buffer_size 1k;
large_client_header_buffers 2 1k;
index index.php index.html index.htm;
## Nginx’s Open file cache
https://easyengine.io/tutorials/nginx/open-file-cache/
open_file_cache max=5000 inactive=5m; ##If you have way too
many files, change max from 5000 to more appropriate value.
open_file_cache_valid 20m; ## Tell nginx to check if information it
is holding is valid every n minutes.
open_file_cache_min_uses 1; ## If files don’t change much often, or
accesses less frequently, you can change inactive duration from 20m to
something else.
## Inactive andopen_file_cache_min_uses works together.
## This sample tells nginx to cache a file information as
long as minimum 2 requests are made during 5m window.
open_file_cache_errors on; ## Tell nginx to cache errors like 404
(file not found). If you are using nginx as load-balancer, leave this off.
gzip on;
gzip_disable "msie6";
gzip_http_version 1.1;
gzip_vary on;
gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_proxied any;
gzip_types
text/css
text/javascript
text/xml
text/plain
text/x-component
application/javascript
application/x-javascript
application/json
application/xml
application/rss+xml
application/atom+xml
application/rdf+xml
application/vnd.ms-fontobject
font/truetype
font/opentype
image/svg+xml;
add_header X-XSS-Protection "1; mode=block"; #Cross-site scripting
add_header X-Frame-Options "SAMEORIGIN" always; #clickjacking
add_header X-Content-Type-Options nosniff; #MIME-type sniffing
include /etc/nginx/conf.d/*.conf;
}
domain.tld.conf
server {
listen ip:80;
listen [ipv6]:80;
server_name domain.tld www.domain.tld;
index index.php =404;
try_files $uri $uri/ /index.php?q=$uri&$args;
root /var/www/domain.tld;
expires max;
add_header Pragma "public";
#include /etc/nginx/conf.d/mechbunny.inc;
set $site_root $document_root;
charset utf-8;
access_log /var/log/nginx/access.log main;
error_log /var/log/nginx/error.log error;
location / {
if ($arg_max) { expires max; }
rewrite ^/page([0-9]+).html$ /index.php?controller=index&page=$1;
rewrite ^/galleries/(.*)-([0-9]+).html$
/index.php?controller=gallery&id=$2;
rewrite ^/video/(.*)-([0-9]+).html$
/index.php?controller=video&id=$2;
rewrite ^/signup$ /index.php?controller=signup;
rewrite ^/upload$ /index.php?controller=upload;
rewrite ^/upload_photo$ /index.php?controller=upload&option=photo;
rewrite ^/login$ /index.php?controller=login;
rewrite ^/logout$ /index.php?controller=logout;
rewrite ^/contact$ /index.php?controller=contact;
rewrite ^/forgot-pass$ /index.php?controller=forgot_pass;
rewrite ^/my-profile$ /index.php?controller=my_profile;
rewrite ^/my-friends$ /index.php?controller=my_friends;
rewrite ^/my-friends/$ /index.php?controller=friends;
rewrite ^/my-friends/page([0-9]+).html$
/index.php?controller=friends&page=$1;
rewrite ^/edit-profile$ /index.php?controller=edit_profile;
rewrite ^/edit-content/(.*)$
/index.php?controller=editContent&id=$1;
rewrite ^/static/(.*)$ /index.php?controller=displayStatic&id=$1;
rewrite ^/load/(.*)$ /index.php?controller=loadLayout&id=$1;
rewrite ^/filter/(.*)$ /index.php?controller=setFilter&id=$1;
rewrite ^/embed/([0-9]+)$ /index.php?controller=embed&id=$1;
rewrite ^/dmca$ /index.php?controller=dmca;
rewrite ^/tos$ /index.php?controller=tos;
rewrite ^/crss/([0-9]+)$ /index.php?controller=crss&id=$1;
rewrite ^/rss$ /index.php?controller=rss;
rewrite ^/a/(.*)$ /index.php?controller=link&slug=$1;
rewrite
^/(my-uploads|favorites|most-recent|most-discussed|most-viewed|longest|top-rated|photos|random|my-friends)/$
/index.php?controller=index&mode=$1;
rewrite
^/(my-uploads|favorites|most-recent|most-discussed|most-viewed|longest|top-rated|photos|random|my-friends)/page([0-9]+).html$
/index.php?controller=index&mode=$1&page=$2;
rewrite
^/(my-uploads|favorites|most-recent|most-discussed|most-viewed|longest|top-rated|photos|random|my-friends)/(day|week|month)/$
/index.php?controller=index&mode=$1&dateRange=$2;
rewrite
^/(my-uploads|favorites|most-recent|most-discussed|most-viewed|longest|top-rated|photos|random|my-friends)/(day|week|month)/page([0-9]+).html$
/index.php?controller=index&mode=$1&dateRange=$2&page=3;
rewrite
^/(my-uploads|favorites|most-recent|most-discussed|most-viewed|longest|top-rated|photos|random|my-friends)/page([0-9]+).html$
/index.php?controller=index&mode=$1&page=$2;
rewrite ^/uploads-by-user/([0-9]+)/$
/index.php?controller=index&mode=uploads-by-user&user=$1;
rewrite ^/uploads-by-user/([0-9]+)/page([0-9]+).html$
/index.php?controller=index&mode=uploads-by-user&user=$1&page=$2;
rewrite ^/search/(videos|members|photos)/([A-Za-z0-9-\s]+)/$
/index.php?controller=index&mode=search&type=$1&q=$2&page=1;
rewrite
^/search/(videos|members|photos)/([A-Za-z0-9-\s]+)/page([0-9]+).html$
/index.php?controller=index&mode=search&type=$1&q=$2&page=$3;
rewrite
^/search/(videos|members|photos)/([A-Za-z0-9-\s]+)/(newest|rating|views|longest)/$
/index.php?controller=index&mode=search&type=$1&q=$2&page=1&sortby=$3;
rewrite
^/search/(videos|members|photos)/([A-Za-z0-9-\s]+)/(newest|rating|views|longest)/page([0-9]+).html$
/index.php?controller=index&mode=search&type=$1&q=$2&page=$4&sortby=$3;
rewrite ^/search/([A-Za-z0-9-\s]+)/$
/index.php?controller=index&mode=search&q=$1&page=1;
rewrite ^/search/([A-Za-z0-9-\s]+)/page([0-9]+).html$
/index.php?controller=index&mode=search&q=$1&page=$2;
rewrite ^/search/([A-Za-z0-9-\s]+)/(newest|rating|views|longest)/$
/index.php?controller=index&mode=search&q=$1&page=1&sortby=$2;
rewrite
^/search/([A-Za-z0-9-\s]+)/(newest|rating|views|longest)/page([0-9]+).html$
/index.php?controller=index&mode=search&q=$1&page=$3&sortby=$2;
rewrite ^/channels/$ /index.php?controller=channels;
rewrite ^/channels/([0-9]+)/([A-Za-z0-9-\s]+)/$
/index.php?controller=index&mode=channel&channel=$1;
rewrite ^/channels/([0-9]+)/([A-Za-z0-9-\s]+)/page(.*).html$
/index.php?mode=channel&channel=$1&page=$3;
rewrite
^/channels/([0-9]+)/([A-Za-z0-9-\s]+)/(newest|rating|views|longest)/$
/index.php?controller=index&mode=channel&channel=$1&sortby=$3;
rewrite
^/channels/([0-9]+)/([A-Za-z0-9-\s]+)/(newest|rating|views|longest)/page(.*).html$
/index.php?mode=channel&channel=$1&sortby=$2&page=$4;
rewrite ^/models/$ /index.php?controller=pornstars;
rewrite ^/models/page([0-9]+).html$
/index.php?controller=pornstars&page=$1;
rewrite ^/models/([A-Za-z0-9-\s]+)/$
/index.php?controller=pornstars&letter=$1&page=1;
rewrite ^/models/([A-Za-z0-9-\s]+)/page([0-9]+).html$
/index.php?controller=pornstars&letter=$1&page=$2;
rewrite ^/models/(.*)-(.*).html$
/index.php?controller=pornstar_bio&id=$2;
rewrite ^/stars/$ /index.php?controller=pornstars;
rewrite ^/stars/page([0-9]+).html$
/index.php?controller=pornstars&page=$1;
rewrite ^/stars/([A-Za-z0-9-\s]+)/$
/index.php?controller=pornstars&letter=$1&page=1;
rewrite ^/stars/([A-Za-z0-9-\s]+)/page([0-9]+).html$
/index.php?controller=pornstars&letter=$1&page=$2;
rewrite ^/stars/(.*)-(.*).html$
/index.php?controller=pornstar_bio&id=$2;
rewrite ^/mailbox/$ /mailbox.php;
rewrite ^/mailbox/([0-9]+)$ /mailbox.php?mode=inbox&page=$1;
rewrite ^/mailbox/inbox/(.*)$ /mailbox.php?mode=inbox&page=$1;
rewrite ^/mailbox/outbox/(.*)$ /mailbox.php?mode=outbox&page=$1;
rewrite ^/mailbox/read/([0-9]+)$ /mailbox.php?mode=read&mid=$1;
rewrite ^/mailbox/read/([0-9]+)/delete/$
/mailbox.php?mode=read&mid=$1&delete=true;
rewrite ^/mailbox/read/([0-9]+)/spam/$
/mailbox.php?mode=read&mid=$1&spam=true;
rewrite ^/mailbox/compose/(.*)/reply/$
/mailbox.php?mode=compose&mid=$1&reply=true;
rewrite ^/mailbox/inbox/$ /mailbox.php?mode=inbox;
rewrite ^/mailbox/outbox/$ /mailbox.php?mode=outbox;
rewrite ^/mailbox/compose/$ /mailbox.php?mode=compose;
rewrite ^/user/(.*)-(.*)/$
/index.php?controller=user_profile&id=$2;
rewrite ^/members/$ /index.php?controller=members;
rewrite ^/members/page([0-9]+).html$
/index.php?controller=members&page=$1;
if ($request_method = 'OPTIONS') {
add_header 'Access-Control-Allow-Origin' '*';
#
# Om nom nom cookies
#
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
#
# Custom headers and headers various browsers *should* be OK with
but aren't
#
add_header 'Access-Control-Allow-Headers'
'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
#
# Tell client that this pre-flight info is valid for 20 days
#
add_header 'Access-Control-Max-Age' 1728000;
add_header 'Content-Type' 'text/plain charset=UTF-8';
add_header 'Content-Length' 0;
return 204;
}
if ($request_method = 'POST') {
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers'
'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
}
if ($request_method = 'GET') {
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers'
'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
}
}
location /thumbs/ {
alias /var/www/domain.tld/media/thumbs/;
}
location /admin/ {
#index index.php;
try_files $uri $uri/ /index.php?q=$uri&$args;
access_log off;
log_not_found off;
}
location ~ \.mp4$ {
limit_rate_after 5m;
limit_rate 832k;
mp4;
mp4_buffer_size 1m;
mp4_max_buffer_size 5m;
gzip off;
sendfile on;
aio on;
}
location ~ \.flv$ {
flv;
aio on;
limit_rate_after 10m;
limit_rate 812k;
sendfile on;
}
location ~* ^.+.(jpg|jpeg|gif|css|png|js|ico|xml)$ {
access_log off;
log_not_found off;
aio on;
sendfile on;
expires max;
add_header Pragma 'public';
add_header X-Frame-Options SAMEORIGIN;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
try_files $uri $uri/ index.php;
fastcgi_pass unix:/var/run/php-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
location ~ /\.ht {
deny all;
}
}
Posted at Nginx Forum: https://forum.nginx.org/read.php?2,265879,265879#msg-265879
More information about the nginx
mailing list