[ticket/10069] Improvements to sample nginx configuration.

Most of these were contributed by burningbunny: https://github.com/burningbunny PHPBB3-10069
author: Oleg Pudeyev <oleg@bsdpower.com> 2011-02-24 15:26:06 -0500
committer: Oleg Pudeyev <oleg@bsdpower.com> 2011-03-06 18:22:13 -0500
commit: b343920071cdef03ae421c67ea5b72ca1863cdcf (patch)
tree: a0e0289836a71ff518879e903cc803dd24d61cf5
parent: f08cbc73de208dab29737ab53db3af8a6a2d97fc (diff)
download: forums-b343920071cdef03ae421c67ea5b72ca1863cdcf.tar
forums-b343920071cdef03ae421c67ea5b72ca1863cdcf.tar.gz
forums-b343920071cdef03ae421c67ea5b72ca1863cdcf.tar.bz2
forums-b343920071cdef03ae421c67ea5b72ca1863cdcf.tar.xz
forums-b343920071cdef03ae421c67ea5b72ca1863cdcf.zip
1 files changed, 25 insertions, 8 deletions
diff --git a/phpBB/docs/nginx.sample.conf b/phpBB/docs/nginx.sample.conf
index 2a11e057c5..40b6ee76da 100644
--- a/phpBB/docs/nginx.sample.conf
+++ b/phpBB/docs/nginx.sample.conf
@@ -10,14 +10,23 @@ http {
     gzip_vary on;
     gzip_http_version 1.1;
     gzip_min_length 700;
+    
+    # Compression levels over 6 do not give an appreciable improvement
+    # in compression ratio, but take more resources.
     gzip_comp_level 6;
-    gzip_disable "MSIE [1-6]\.";
+    
+    # IE 6 and lower do not support gzip with Vary correctly.
+    gzip_disable "msie6";
+    # Before nginx 0.7.63:
+    #gzip_disable "MSIE [1-6]\.";
 
     # Catch-all server for requests to invalid hosts.
     # Also catches vulnerability scanners probing IP addresses.
-    # Should be first.
     server {
-        listen 80;
+        # default specifies that this block is to be used when
+        # no other block matches.
+        listen 80 default;
+
         server_name bogus;
         return 444;
         root /var/empty;
@@ -26,14 +35,20 @@ http {
     # If you have domains with and without www prefix,
     # redirect one to the other.
     server {
-        listen 80;
+        # Default port is 80.
+        #listen 80;
+
         server_name myforums.com;
-        rewrite ^(.*)$ http://www.myforums.com$1 permanent;
+
+        # A trick from http://wiki.nginx.org/Pitfalls#Taxing_Rewrites:
+        rewrite ^ http://www.myforums.com$request_uri permanent;
+        # Equivalent to:
+        #rewrite ^(.*)$ http://www.myforums.com$1 permanent;
     }
 
     # The actual board domain.
     server {
-        listen 80;
+        #listen 80;
         server_name www.myforums.com;
 
         root /path/to/phpbb;
@@ -45,8 +60,10 @@ http {
 
         # Deny access to internal phpbb files.
         location ~ /(config\.php|common\.php|includes|cache|files|store|images/avatars/upload) {
-            internal;
             deny all;
+            # deny was ignored before 0.8.40 for connections over IPv6.
+            # Use internal directive to prohibit access on older versions.
+            internal;
         }
 
         # Pass the php scripts to fastcgi server specified in upstream declaration.
@@ -60,8 +77,8 @@ http {
 
         # Deny access to version control system directories.
         location ~ /\.svn|/\.git {
-            internal;
             deny all;
+            internal;
         }
     }
author	Oleg Pudeyev <oleg@bsdpower.com>	2011-02-24 15:26:06 -0500
committer	Oleg Pudeyev <oleg@bsdpower.com>	2011-03-06 18:22:13 -0500
commit	b343920071cdef03ae421c67ea5b72ca1863cdcf (patch)
tree	a0e0289836a71ff518879e903cc803dd24d61cf5
parent	f08cbc73de208dab29737ab53db3af8a6a2d97fc (diff)
download	forums-b343920071cdef03ae421c67ea5b72ca1863cdcf.tar forums-b343920071cdef03ae421c67ea5b72ca1863cdcf.tar.gz forums-b343920071cdef03ae421c67ea5b72ca1863cdcf.tar.bz2 forums-b343920071cdef03ae421c67ea5b72ca1863cdcf.tar.xz forums-b343920071cdef03ae421c67ea5b72ca1863cdcf.zip