theraw/The-World-Is-Yours
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
328388d012f8952e3510735a2138d01df07fcd4b
The-World-Is-Yours/static/nginx.conf
T
theraw 328388d012 Update nginx.conf
2018-01-30 00:23:01 +01:00

394 lines
12 KiB
Nginx Configuration File
Raw Blame History

# Suggestions? => https://github.com/theraw/The-World-Is-Yours/issues
# Problems? => https://github.com/theraw/The-World-Is-Yours/issues
# Errors? => https://github.com/theraw/The-World-Is-Yours/issues
user root;
pid /var/run/nginx.pid;
worker_processes auto;
worker_rlimit_nofile 65535;
events {
multi_accept on;
use epoll;
worker_connections 65535;
}
http {
# turn this 'on' if you want to use L7 For every domain hosted in your server
testcookie off;
testcookie_name DOPEHOSTING;
testcookie_secret random;
testcookie_session $remote_addr;
#testcookie_arg GO;
testcookie_httponly_flag on;
testcookie_max_attempts 3;
testcookie_secure_flag on;
testcookie_get_only on;
testcookie_p3p 'CP="CUR ADM OUR NOR STA NID", policyref="/w3c/p3p.xml"';
testcookie_fallback /cookies.html?backurl=$scheme://$host$request_uri;
# Those are some ip's whitelisted by me. mostly are search engines. But not everything!
testcookie_whitelist {
8.8.8.8/32;
64.18.0.0/20;
64.233.160.0/19;
66.102.0.0/20;
72.14.192.0/18;
145.239.77.50;
74.125.0.0/16;
108.177.8.0/21;
172.217.0.0/19;
173.194.0.0/16;
207.126.144.0/20;
209.85.128.0/17;
216.58.192.0/19;
216.239.32.0/19;
104.16.160.0/20;
2001:4860:4000::/36;
2404:6800:4000::/36;
2607:f8b0:4000::/36;
2800:3f0:4000::/36;
2a00:1450:4000::/36;
2c0f:fb50:4000::/36;
31.13.24.0/21;
31.13.64.0/18;
66.220.144.0/20;
69.63.176.0/20;
69.171.224.0/19;
74.119.76.0/22;
103.4.96.0/22;
173.252.64.0/18;
204.15.20.0/22;
2620:0:1c00::/40;
2620:0:1cff::/48;
2a03:2880:1000::/36;
2a03:2880:2000::/36;
2a03:2880:3000::/36;
2a03:2880::/32;
2a03:2880::/36;
2a03:2880:4000::/36;
2a03:2880:f001::/48;
2a03:2880:f002::/48;
2a03:2880:f003::/48;
2a03:2880:f004::/48;
2a03:2880:f005::/48;
2a03:2880:f006::/48;
2a03:2880:f007::/48;
2a03:2880:f008::/48;
2a03:2880:f009::/48;
2a03:2880:f00a::/48;
2a03:2880:f00c::/48;
2a03:2880:f00d::/48;
2a03:2880:f00e::/48;
2a03:2880:f00f::/48;
2a03:2880:f010::/48;
2a03:2880:f011::/48;
2a03:2880:f012::/48;
2a03:2880:f013::/48;
2a03:2880:f015::/48;
2a03:2880:f016::/48;
2a03:2880:f019::/48;
2a03:2880:f01a::/48;
2a03:2880:f01b::/48;
2a03:2880:f01c::/48;
2a03:2880:f01f::/48;
2a03:2880:f021::/48;
2a03:2880:f022::/48;
2a03:2880:f023::/48;
2a03:2880:f024::/48;
2a03:2880:f026::/48;
2a03:2880:f027::/48;
2a03:2880:f028::/48;
2a03:2880:f029::/48;
2a03:2880:f02a::/48;
2a03:2880:f02c::/48;
2a03:2880:f02d::/48;
2a03:2880:f02e::/48;
2a03:2880:f02f::/48;
2a03:2880:f030::/48;
2a03:2880:f032::/48;
2a03:2880:f101::/48;
2a03:2880:f102::/48;
2a03:2880:f103::/48;
2a03:2880:f104::/48;
2a03:2880:f105::/48;
2a03:2880:f106::/48;
2a03:2880:f107::/48;
2a03:2880:f108::/48;
2a03:2880:f109::/48;
2a03:2880:f10a::/48;
2a03:2880:f10c::/48;
2a03:2880:f10d::/48;
2a03:2880:f10e::/48;
2a03:2880:f10f::/48;
2a03:2880:f110::/48;
2a03:2880:f111::/48;
2a03:2880:f112::/48;
2a03:2880:f113::/48;
2a03:2880:f115::/48;
2a03:2880:f116::/48;
2a03:2880:f119::/48;
2a03:2880:f11a::/48;
2a03:2880:f11b::/48;
2a03:2880:f11c::/48;
2a03:2880:f11f::/48;
2a03:2880:f121::/48;
2a03:2880:f122::/48;
2a03:2880:f124::/48;
2a03:2880:f126::/48;
2a03:2880:f127::/48;
2a03:2880:f128::/48;
2a03:2880:f129::/48;
2a03:2880:f12a::/48;
2a03:2880:f12c::/48;
2a03:2880:f12d::/48;
2a03:2880:f12e::/48;
2a03:2880:f12f::/48;
2a03:2880:f130::/48;
2a03:2880:f132::/48;
2a03:2880:f201::/48;
2a03:2880:f202::/48;
2a03:2880:f203::/48;
2a03:2880:f204::/48;
2a03:2880:f205::/48;
2a03:2880:f206::/48;
2a03:2880:f207::/48;
2a03:2880:f208::/48;
2a03:2880:f209::/48;
2a03:2880:f20a::/48;
2a03:2880:f20c::/48;
2a03:2880:f20d::/48;
2a03:2880:f20e::/48;
2a03:2880:f20f::/48;
2a03:2880:f210::/48;
2a03:2880:f211::/48;
2a03:2880:f212::/48;
2a03:2880:f213::/48;
2a03:2880:f215::/48;
2a03:2880:f216::/48;
2a03:2880:f219::/48;
2a03:2880:f21a::/48;
2a03:2880:f21b::/48;
2a03:2880:f21c::/48;
2a03:2880:f21f::/48;
2a03:2880:f221::/48;
2a03:2880:f222::/48;
2a03:2880:f224::/48;
2a03:2880:f226::/48;
2a03:2880:f227::/48;
2a03:2880:f228::/48;
2a03:2880:f229::/48;
2a03:2880:f22a::/48;
2a03:2880:f22c::/48;
2a03:2880:f22d::/48;
2a03:2880:f22e::/48;
2a03:2880:f22f::/48;
2a03:2880:f230::/48;
2a03:2880:f232::/48;
2a03:2880:fffe::/48;
2a03:2880:ffff::/48;
2620:10f:d000::/44;
2a02:6b8:1::/48;
2a02:6b8:2::/48;
2a02:6b8::/32;
2a02:6b8:3::/48;
2a02:6b8:4::/48;
2a02:6b8:5::/48;
2a02:6b8:6::/48;
2a02:6b8:7::/48;
2a02:6b8:8::/48;
2a02:6b8:9::/48;
2a02:6b8:a::/48;
2a02:6b8:b::/48;
2a02:6b8:c::/48;
2a02:6b8:d::/48;
2a02:6b8:e::/48;
2a02:6b8:f::/48;
2001:4860::/32;
2401:fa00::/32;
2404:6800::/32;
2404:6800:4001::/48;
2404:6800:4002::/48;
2404:6800:4003::/48;
2404:6800:4004::/48;
2404:6800:4005::/48;
2404:6800:4006::/48;
2404:6800:4007::/48;
2404:6800:4008::/48;
2404:6800:4009::/48;
2404:6800:400a::/48;
2600:1900::/28;
2605:ef80:200::/42;
2605:ef80::/32;
2605:ef80:400::/42;
2605:ef80:80::/42;
2605:ef80:900::/40;
2605:ef80:c0::/42;
2607:f8b0::/32;
2607:f8b0:4000::/48;
2607:f8b0:4001::/48;
2607:f8b0:4002::/48;
2607:f8b0:4003::/48;
2607:f8b0:4004::/48;
2607:f8b0:4005::/48;
2607:f8b0:4006::/48;
2607:f8b0:4007::/48;
2607:f8b0:4008::/48;
2607:f8b0:4009::/48;
2607:f8b0:400a::/48;
2607:f8b0:400b::/48;
2607:f8b0:400c::/48;
2607:f8b0:400d::/48;
2607:f8b0:400e::/48;
2607:f8b0:400f::/48;
2607:f8b0:4010::/48;
2607:f8b0:4011::/48;
2607:f8b0:4012::/48;
2607:f8b0:4013::/48;
2607:f8b0:4014::/48;
2607:f8b0:4015::/48;
2607:f8b0:4016::/48;
2620:0:1000::/40;
2620:120:e000::/40;
2620:15c::/36;
2800:3f0::/32;
2800:3f0:4001::/48;
2800:3f0:4002::/48;
2800:3f0:4003::/48;
2800:3f0:4004::/48;
2800:3f0:4005::/48;
2a00:1450::/32;
2a00:1450:4001::/48;
2a00:1450:4002::/48;
2a00:1450:4003::/48;
2a00:1450:4004::/48;
2a00:1450:4005::/48;
2a00:1450:4006::/48;
2a00:1450:4007::/48;
2a00:1450:4008::/48;
2a00:1450:4009::/48;
2a00:1450:400a::/48;
2a00:1450:400b::/48;
2a00:1450:400c::/48;
2a00:1450:400d::/48;
2a00:1450:400e::/48;
2a00:1450:400f::/48;
2a00:1450:4010::/48;
2a00:1450:4011::/48;
2a00:1450:4012::/48;
2a00:1450:4013::/48;
2a00:1450:4014::/48;
2a00:1450:4015::/48;
2a00:1450:4016::/48;
2a00:1450:4017::/48;
2a00:1450:4018::/48;
2a00:1450:4019::/48;
2a00:1450:401a::/48;
2a00:1450:401b::/48;
2a00:1450:401c::/48;
2a00:79e0::/32;
2a03:ace0:100::/40;
2a03:ace0::/32;
2c0f:fb50::/32;
2c0f:fb50:4002::/48;
2c0f:fb50:4003::/48;
}
testcookie_redirect_via_refresh on;
testcookie_refresh_encrypt_cookie on;
testcookie_refresh_encrypt_cookie_key random;
testcookie_refresh_encrypt_cookie_iv random;
testcookie_refresh_template '<html><head><meta http-equiv="refresh" content="0; $testcookie_nexturl"><title>Just a moment please...</title></head><body> </script><script src="//ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js"></script><script type=\"text/javascript\" src="//proxy2.dopehosting.net/aes.min.js" ></script><script>function toNumbers(d){var e=[];d.replace(/(..)/g,function(d){e.push(parseInt(d,16))});return e}function toHex(){for(var d=[],d=1==arguments.length&&arguments[0].constructor==Array?arguments[0]:arguments,e="",f=0;f<d.length;f++)e+=(16>d[f]?"0":"")+d[f].toString(16);return e.toLowerCase()}var a=toNumbers("$testcookie_enc_key"),b=toNumbers("$testcookie_enc_iv"),c=toNumbers("$testcookie_enc_set");document.cookie="DOPEHOSTING="+toHex(slowAES.decrypt(c,2,a,b))+"; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/";</script></body></html>';
log_format main '$remote_addr - $remote_user [$time_local] '
'"$request" $status $body_bytes_sent '
'"$http_referer" "$http_user_agent"'
'rt=$request_time uct="$upstream_connect_time" uht="$upstream_header_time" urt="$upstream_response_time"';
geoip2 /nginx/db/GeoLite2-Country.mmdb {
$geoip2_data_country_code default=US country iso_code;
$geoip2_data_country_name country names en;
}
# EX Ban China!
#map $geoip2_data_country_code $allowed_country {
# default yes;
# CN no;
#}
# Don't Go with "Nginx Can Handle Everything" !
limit_conn_zone $server_name zone=max:1m;
limit_req_zone $binary_remote_addr zone=one:1m rate=1r/s;
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
# Example Of Backend
#upstream varnish {
# zone tcp_servers 64k;
# server 10.10.10.39:80;
#}
client_body_buffer_size 1M;
client_header_buffer_size 1M;
client_body_timeout 90s;
client_header_timeout 90s;
client_max_body_size 2m;
keepalive_timeout 15s;
port_in_redirect off;
sendfile on;
server_names_hash_bucket_size 6969;
server_name_in_redirect off;
server_tokens off;
tcp_nodelay on;
tcp_nopush on;
types_hash_max_size 2048;
resolver 8.8.8.8 8.8.4.4;
## Real IP Forwarding ##
# set_real_ip_from 127.0.0.1;
# CloudFlare IPs
# List from: https://www.cloudflare.com/ips-v4
#set_real_ip_from 103.21.244.0/22;
#set_real_ip_from 103.22.200.0/22;
#set_real_ip_from 103.31.4.0/22;
#set_real_ip_from 104.16.0.0/12;
#set_real_ip_from 108.162.192.0/18;
#set_real_ip_from 131.0.72.0/22;
#set_real_ip_from 141.101.64.0/18;
#set_real_ip_from 162.158.0.0/15;
#set_real_ip_from 172.64.0.0/13;
#set_real_ip_from 173.245.48.0/20;
#set_real_ip_from 188.114.96.0/20;
#set_real_ip_from 190.93.240.0/20;
#set_real_ip_from 197.234.240.0/22;
#set_real_ip_from 198.41.128.0/17;
#set_real_ip_from 199.27.128.0/21;
# IPV6 Isn't Accepted Sorry!
# Replace with correct visitor IP
real_ip_header X-Forwarded-For;
real_ip_recursive on;
## MIME ##
include /nginx/mime.types;
default_type application/octet-stream;
## Logging Settings ##
# access_log /nginx/logs/access.log;
# error_log /nginx/logs/error.log;
# Proxy Settings
proxy_cache_path /tmp/dope_dynamic levels=1:2 keys_zone=dope_dynamic:20m inactive=10m max_size=2500m;
proxy_cache_path /tmp/dope_static levels=1:2 keys_zone=dope_static:20m inactive=10m max_size=2500m;
proxy_temp_path /tmp/dope_temp;
## Virtual Host Configs ##
include /nginx/live/*;
include /nginx/conf.d/*;
include /nginx/naxsi_core.rules;
}
Reference in New Issue View Git Blame Copy Permalink