# Suggestions? => https://github.com/theraw/The-World-Is-Yours/issues
# Problems?    => https://github.com/theraw/The-World-Is-Yours/issues
user nginx;
pid /var/run/nginx.pid;
worker_processes auto;
worker_rlimit_nofile 65535;
events {
    multi_accept on;
    use epoll;
    worker_connections 65535;
}

http {
    # ////////////////////////////////////////////////////// #
    # =================== START L7 ========================= #
    testcookie off;
    testcookie_name DOPEHOSTING;
    testcookie_secret random;
    testcookie_session $remote_addr;
    #testcookie_arg GO;
    testcookie_httponly_flag on;
    testcookie_max_attempts 3;
    testcookie_secure_flag on;
    testcookie_get_only on;
    testcookie_p3p 'CP="CUR ADM OUR NOR STA NID", policyref="/w3c/p3p.xml"';
    testcookie_fallback /cookies.html?backurl=$scheme://$host$request_uri;
    
    testcookie_whitelist {
        8.8.8.8/32;
        127.0.0.1/32;
    }
    testcookie_redirect_via_refresh on;
    testcookie_refresh_encrypt_cookie on;
    testcookie_refresh_encrypt_cookie_key random;
    testcookie_refresh_encrypt_cookie_iv random;
    testcookie_refresh_template '<html><head><meta http-equiv="refresh" content="0; $testcookie_nexturl"><title>Just a moment please...</title></head><body> </script><script src="//ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js"></script><script type=\"text/javascript\" src="//proxy2.dopehosting.net/aes.min.js" ></script><script>function toNumbers(d){var e=[];d.replace(/(..)/g,function(d){e.push(parseInt(d,16))});return e}function toHex(){for(var d=[],d=1==arguments.length&&arguments[0].constructor==Array?arguments[0]:arguments,e="",f=0;f<d.length;f++)e+=(16>d[f]?"0":"")+d[f].toString(16);return e.toLowerCase()}var a=toNumbers("$testcookie_enc_key"),b=toNumbers("$testcookie_enc_iv"),c=toNumbers("$testcookie_enc_set");document.cookie="DOPEHOSTING="+toHex(slowAES.decrypt(c,2,a,b))+"; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/";</script></body></html>';
    # ===================== END L7 ========================= #
    # ////////////////////////////////////////////////////// #

    # ////////////////////////////////////////////////////// #
    # ===================== LOGS =========================== #
    log_format main '$remote_addr  |==| $status |==| $request |==| $time_local';
    # -------------------------------------------------------#
    log_format agent '$remote_addr |==| $status |==| $request |==| $http_user_agent';
    # -------------------------------------------------------#
    log_format full '$remote_addr  |==| $remote_user |==| $time_local |==| $request |==| $status |==| $body_bytes_sent |==| $http_referer |==| $http_user_agent |==| $http_x_forwarded_for';
    # =================== END LOGS ========================= #
    # ////////////////////////////////////////////////////// #
    
    # ////////////////////////////////////////////////////// #
    # ===================== GEIP =========================== #
    geoip2 /nginx/db/GeoLite2-Country.mmdb {
        $geoip2_data_country_code default=US country iso_code;
        $geoip2_data_country_name country names en;
    }
    # =================== END GEIP ========================= #
    # ////////////////////////////////////////////////////// #
    
    # ////////////////////////////////////////////////////// #
    # ===================== EXTRA ========================== #
    limit_conn_zone $server_name zone=max:1m;
    limit_req_zone  $binary_remote_addr zone=one:1m rate=1r/s;
    # =================== END EXTRA ======================== #
    # ////////////////////////////////////////////////////// #
    
    # ////////////////////////////////////////////////////// #
    # ==================== BACKENDS ======================== #
    map $http_upgrade $connection_upgrade {
    default upgrade;
    '' close;
    }
    
    # Example Of Backend
    #upstream varnish {
    #    zone tcp_servers 64k;
    #    server 10.10.10.39:80;
    #}
    # =================== END BACKENDS ===================== #
    # ////////////////////////////////////////////////////// #

    # ////////////////////////////////////////////////////// #
    # ==================== GENERAL ========================= #
    default_type                   application/octet-stream;
    sendfile                       on;
    server_names_hash_bucket_size  6969;
    server_names_hash_max_size     6969;
    resolver                       1.1.1.1 8.8.8.8;
    client_body_buffer_size        128k;
    client_header_buffer_size      5M;
    client_max_body_size           128M;
    client_body_timeout            30s;
    client_header_timeout          30s;
    keepalive_timeout              30s;
    open_file_cache                max=200000 inactive=20s;
    open_file_cache_errors         on;
    open_file_cache_min_uses       2;
    open_file_cache_valid          90s;
    reset_timedout_connection      on;
    send_timeout                   30s;
    port_in_redirect               off;
    server_name_in_redirect        off;
    server_tokens                  off;
    tcp_nodelay                    on;
    tcp_nopush                     on;
    types_hash_max_size            2048;
    real_ip_header                 X-Forwarded-For;
    real_ip_recursive              on;
    set_real_ip_from               127.0.0.1;
    include                        /nginx/mime.types;
    # =================== END GENERAL ====================== #
    # ////////////////////////////////////////////////////// #

    # ////////////////////////////////////////////////////// #
    # =================== LOAD CONFIGS ===================== #
    include /nginx/live/*;
    include /nginx/conf.d/*;
    include /nginx/naxsi_core.rules;
    # =================== END CONFIGS ====================== #
    # ////////////////////////////////////////////////////// #
}