Created
February 10, 2016 01:31
-
-
Save macknilan/42c97efec47e8e0ccbb4 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| COMO ROOT EN /etc/nginx/sites-available/myapp | |
| upstream myapp { | |
| server 0.0.0.0:8000; | |
| } | |
| limit_req_zone $binary_remote_addr zone=admin:10m rate=1r/s; # 10MB DE ESPACIO PARA IP's QUE INTENTAN ENTRAR A /admin 1 SOLICITUD/s | |
| include /etc/nginx/blockuseragents.rules; # SE INCLUYE EL ARCH PARA BLOQUEAR HTTP Agents | |
| limit_conn_zone $binary_remote_addr zone=addr:5m; # LIMIT THE NUMBER OF CONNECTIONS BY IP IN NGINX | |
| server { | |
| if ($blockedagent){ | |
| return 403; | |
| } | |
| if ($request_method !~ ^(GET|HEAD|POST)$) { | |
| return 444; | |
| } | |
| ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # DISABLE SSL AND ONLY ENABLE TLS IN NGINX | |
| limit_conn addr 10000; # LIMIT THE NUMBER OF CONNECTIONS BY IP IN NGINX | |
| include /etc/nginx/conf.d/*.conf; # SET BUFFER SIZE LIMITATIONS IN NGINX | |
| listen 80; # EL PUERTO EN EL QUE ESTOY ESCUCHANDO EN EL SERVIDOR | |
| listen [::]:80 default_server ipv6only=on; | |
| server_name muebleria.konetl.co www.muebleria.konetl.co; | |
| Server_tokens off; #NO DESPLEGAR LA VERSION DE NGINX EN ERROR LOGS | |
| access_log /var/log/nginx/myapp.log; # LOG DE LOS ERRORES | |
| error_log /var/log/nginx/myapp.error.log error; # LOG DE LOS ERRORES | |
| location = /favicon.ico { access_log off; log_not_found off; } # SE LE DICE A NGINX QUE IGNORE NO PODER ENCONTRAR favicon.ico | |
| # Ruta absoluta donde django copia los archivos estaticos | |
| # Es el valor que tiene la variable STATIC_ROOT en el setings.py | |
| location /static/ { | |
| autoindex on; | |
| alias /home/muebleria/LandingPage/landingpage/static/; | |
| } | |
| location /media/ { | |
| autoindex on; | |
| alias /home/muebleria/LandingPage/landingpage/media/; | |
| } | |
| location / { | |
| # Ruta donde correc nuesta proyecto de django con gunicorn | |
| proxy_pass http://myapp; | |
| proxy_redirect off; | |
| proxy_set_header Host $http_host; | |
| proxy_set_header X-Real-IP $remote_addr; | |
| proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
| client_max_body_size 10m; | |
| client_body_buffer_size 128K; | |
| proxy_connect_timeout 90; | |
| proxy_send_timeout 90; | |
| proxy_buffer_size 4k; | |
| proxy_buffers 4 32k; | |
| proxy_busy_buffers_size 64k; | |
| proxy_temp_file_write_size 64k; | |
| } | |
| location /admin/ { | |
| # aplicando directiva | |
| limit_req zone=admin burst=5; | |
| # repetimos el reverse proxy del location principal | |
| proxy_pass http://mi_app; | |
| proxy_set_header Host $http_host; | |
| proxy_set_header X-Real-IP $remote_addr; | |
| proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment