Welcome! Log In Create A New Profile

Advanced

Correct Implementation of Ddos protection

Previous Message Next Message
Forum List Message List New Topic Print View
neodjandre
November 23, 2020 11:17AM
may main /etc/nginx/nginx.conf file reads:

user www-data;
worker_processes 2;
pid /run/nginx.pid;
worker_rlimit_nofile 100000;

events {
worker_connections 2048;
multi_accept on;
}

http {

##
# Basic Settings
##

client_header_buffer_size 2k;
large_client_header_buffers 2 1k;

client_body_buffer_size 10M;
client_max_body_size 10M;

client_body_timeout 12;
client_header_timeout 12;
keepalive_timeout 15;
send_timeout 10;

limit_conn_zone $binary_remote_addr zone=conn_limit_per_ip:10m;
limit_req_zone $binary_remote_addr zone=req_limit_per_ip:10m rate=50r/s;

server {
limit_conn conn_limit_per_ip 10;
limit_req zone=req_limit_per_ip burst=10 nodelay;
}

sendfile on;
tcp_nopush on;
tcp_nodelay on;
types_hash_max_size 2048;
server_tokens off;

# server_names_hash_bucket_size 64;
# server_name_in_redirect off;

include /etc/nginx/mime.types;
default_type application/octet-stream;

##
# Virtual Host Configs
##

include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;

}

My websites server blocks are included within: include /etc/nginx/sites-enabled/*;

Is the server block defined above going to supersede the server blocks in my sites-enabled so that DDOS protection will work as expected?

many thanks
Andrew
Reply Quote
RSS
Subject Author Posted

Correct Implementation of Ddos protection

neodjandre November 23, 2020 11:17AM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 280
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready