2016-10-29 01:35:15 +08:00
http {
2019-03-29 06:32:51 +08:00
include /etc/nginx/proxy.conf;
2016-10-29 01:35:15 +08:00
limit_req_zone $binary_remote_addr zone=one:10m rate=5r/s;
2019-03-29 06:32:51 +08:00
server_tokens off;
2016-10-29 01:35:15 +08:00
sendfile on;
2021-03-18 10:00:36 +08:00
# Adjust keepalive_timeout to the lowest possible value that makes sense
# for your use case.
keepalive_timeout 29;
2016-10-29 01:35:15 +08:00
client_body_timeout 10; client_header_timeout 10; send_timeout 10;
2020-05-30 19:48:33 +08:00
upstream helloapp{
2021-04-02 05:34:54 +08:00
2016-10-29 01:35:15 +08:00
server {
2021-03-18 10:00:36 +08:00
listen 443 ssl http2;
listen [::]:443 ssl http2;
2020-10-30 20:45:46 +08:00
server_name example.com *.example.com;
2019-03-29 06:32:51 +08:00
ssl_certificate /etc/ssl/certs/testCert.crt;
ssl_certificate_key /etc/ssl/certs/testCert.key;
2021-03-18 10:00:36 +08:00
ssl_session_timeout 1d;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers off;
2019-03-29 06:32:51 +08:00
ssl_session_cache shared:SSL:10m;
ssl_session_tickets off;
2021-03-18 10:00:36 +08:00
ssl_stapling off;
2016-10-29 01:35:15 +08:00
add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff;
#Redirects all traffic
location / {
2020-05-30 19:48:33 +08:00
proxy_pass http://helloapp;
2019-03-29 06:32:51 +08:00
limit_req zone=one burst=10 nodelay;
2016-10-29 01:35:15 +08:00