Chinaunix首页 | 论坛 | 博客
  • 博客访问: 796298
  • 博文数量: 127
  • 博客积分: 3662
  • 博客等级: 中校
  • 技术积分: 1371
  • 用 户 组: 普通用户
  • 注册时间: 2010-08-02 12:36
个人简介

Linux&MySQL&PHP&Nginx&Apache&MSSQL&Shell

文章分类

全部博文(127)

文章存档

2016年(1)

2015年(8)

2014年(14)

2013年(26)

2012年(17)

2011年(28)

2010年(33)

分类: PHP

2015-08-25 14:14:38



user              nginx nginx;
worker_processes  8;
worker_rlimit_nofile 8192;


error_log         /ngames/data/nginx/logs/error.log;
pid               /var/run/nginx.pid;


events {
    worker_connections  8192;
}


http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;


    log_format  main  '$remote_addr [$time_local] $request '
                      '"$status" $body_bytes_sent*$gzip_ratio "$http_referer" '
                      '"$http_user_agent"';
    log_format  proxy  '$remote_addr [$time_local] $request '
                      '"$status" $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" $upstream_addr[$upstream_response_time]$upstream_cache_status';
    open_log_file_cache max=1000 inactive=20s min_uses=2 valid=1m;


    server_tokens   off;
    sendfile        on;
    tcp_nopush      on;


    keepalive_timeout  5;
    large_client_header_buffers 4 8k;


    gzip                on;
    gzip_min_length     1100;
    gzip_buffers        4 8k;
    #gzip_http_version   1.0;
    gzip_comp_level     1;
    #gzip_proxied        any;
    gzip_types          text/plain text/css text/javascript text/xml
                        application/x-javascript application/xml application/xml+rss;


    include /etc/nginx/conf.d/*.conf;


   


   #upstream mic_net {
       # server 172.31.16.222:9000 weight=10 max_fails=3 fail_timeout=30s; # php01
       # server 172.31.24.169:9000 weight=15 max_fails=3 fail_timeout=30s; # ngx02
       # server 172.31.30.180:9000 weight=10 max_fails=3 fail_timeout=30s; # ngx01
       # server 172.31.18.171:9000 weight=5 max_fails=3 fail_timeout=30s; # nfs01
   #}


   #upstream forums_mic_net {
#server 172.31.16.222:8082 weight=10 max_fails=3 fail_timeout=30s; # php01
    #}


   # upstream track_mic_com {
   #     server 172.31.16.222:9000 weight=10 max_fails=3 fail_timeout=30s; # php01
   # }
   # upstream track_sakura_com {
   #     server 172.31.16.222:9000 weight=10 max_fails=3 fail_timeout=30s; # php01
   # }


    upstream track_gaara_la {
        server 172.31.16.222:9000 weight=10 max_fails=3 fail_timeout=30s; # php01
    }
    upstream payments_mic_com {
        server 172.31.16.222:9000 weight=10 max_fails=3 fail_timeout=30s; # php01
    }


    fastcgi_cache_path      /ngaara/data/nginx/fcgi/cache levels=2:2  keys_zone=cache:1024m inactive=12h max_size=50g;
    fastcgi_temp_path       /ngaara/data/nginx/fcgi/tmp 1 2;
    fastcgi_cache_key       $request_uri;
    fastcgi_cache_valid     400 401 403 404 1m;
    fastcgi_cache_valid     500 501 502 503 504 505 1s;
    fastcgi_cache_min_uses  1;
    fastcgi_cache_use_stale error timeout invalid_header http_500;
    fastcgi_ignore_headers  Cache-Control Expires;
    #fastcgi_no_cache        $cookie_nocache $arg_nocache;






    fastcgi_connect_timeout 300s;
    fastcgi_send_timeout 300s;
    fastcgi_read_timeout 300s;
    fastcgi_buffer_size 128k;
    fastcgi_buffers 8 128k;
    fastcgi_busy_buffers_size 256k;
    fastcgi_temp_file_write_size 256k;


    fastcgi_index               index.php;
    fastcgi_ignore_client_abort on;
    fastcgi_intercept_errors    on;
    include                     /etc/nginx/fastcgi.conf;


    geoip_country /ngaara/sites/mic/configs/GeoIP.dat;
    fastcgi_param GEOIP_COUNTRY_CODE $geoip_country_code;
    fastcgi_param GEOIP_COUNTRY_CODE3 $geoip_country_code3;
    fastcgi_param GEOIP_COUNTRY_NAME $geoip_country_name;
    map $geoip_country_code $blocked {
default no;
JP yes;
    }
    fastcgi_param IP_BLOCKED $blocked;

    server {
listen *:80;
    listen *:8060;


    access_log  /ngaara/data/nginx/logs/localhost.access.log  main;
    error_log    /ngaara/data/nginx/logs/localhost.error.log  error;


# auth_basic "input you user name and password";   
# auth_basic_user_file /ngaara/sites/mic/configs/nginx_passwd;   
        location / {
            root   /usr/share/nginx/html;
            index  index.html index.htm;
        }


        error_page  404              /404.html;
        location = /404.html {
            root   /usr/share/nginx/html;
        }


        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   /usr/share/nginx/html;
        }


        location /server-status {
            stub_status on;
            access_log  on;
        }


        location /php-fpm-status {
            fastcgi_pass 127.0.0.1:9000;
            break;
        }


        location ~ \.php$ {
            fastcgi_pass 127.0.0.1:9000;
            break;
        }


        location ~ /\.ht {
            deny  all;
        }


        location ~ /_ {
            deny  all;
        }


    }
 
   
    server {
        listen      *:80;
listen      *:8191;


        server_name assets-cdn.mic.com assets.mic.com assets-https.mic.com static.mic.com assets-cdn.mic.net assets.mic.net assets-https.mic.net static.mic.net;
        access_log  /ngaara/data/nginx/logs/assets.mic.com.access.log main;
        error_log   /ngaara/data/nginx/logs/assets.mic.com.error.log error;
        root        /ngaara/sites/mic/webroot/assets.mic.com/html;
        index       index.html index.php;


#        auth_basic "input you user name and password";
#        auth_basic_user_file /ngaara/sites/mic/configs/nginx_passwd;
        location / {
            if (-f $document_root/maintenance.html) {
                return 503;
            }
        }

 #       location ~ /purge(/.*) {
 #           fastcgi_cache_purge cache $1;
 #       }


        location ~ \.php$ {
            deny  all;
        }
        location ~ /\.ht {
            deny  all;
        }


        location ~* \.(jpg|jpeg|gif|css|png|js|ico)$ {
            expires     7d;
            break;
        }


        location = /_.gif {
            empty_gif;
        }




        error_page  403               /403.html;
        location = /403.html {
            root   /usr/share/nginx/html;
        }


        error_page  404              /404.html;
        location = /404.html {
            root   /usr/share/nginx/html;
        }


        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   /usr/share/nginx/html;
        }
}
server {
        listen      *:443;


        server_name assets-cdn.mic.com assets.mic.com assets-https.mic.com static.mic.com assets-cdn.mic.net assets.mic.net assets-https.mic.net static.mic.net;
        access_log  /ngaara/data/nginx/logs/assets.mic.com.access.log main;
        error_log   /ngaara/data/nginx/logs/assets.mic.com.error.log error;
        root        /ngaara/sites/mic/webroot/assets.mic.com/html;
        index       index.html index.php;


ssl on;
        ssl_certificate /ngaara/sites/mic/configs/ssl/bundle.crt;
        ssl_certificate_key /ngaara/sites/mic/configs/ssl/mic.KEY;
        ssl_session_timeout 5m;
ssl_protocols SSLv2 TLSv1.2 TLSv1.1 TLSv1;
        ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
        ssl_prefer_server_ciphers on;


#        auth_basic "input you user name and password";
#        auth_basic_user_file /ngaara/sites/mic/configs/nginx_passwd;


        location / {
            if (-f $document_root/maintenance.html) {
                return 503;
            }
        }

 #       location ~ /purge(/.*) {
 #           fastcgi_cache_purge cache $1;
 #       }


        location ~ \.php$ {
            deny  all;
        }
        location ~ /\.ht {
            deny  all;
        }


        location ~* \.(jpg|jpeg|gif|css|png|js|ico)$ {
            expires     7d;
            break;
        }


        location = /_.gif {
            empty_gif;
        }




        error_page  403               /403.html;
        location = /403.html {
            root   /usr/share/nginx/html;
        }


        error_page  404              /404.html;
        location = /404.html {
            root   /usr/share/nginx/html;
        }


        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   /usr/share/nginx/html;
        }
 }


 server {
listen      *:443;


server_name mic.com passport.mic.com store.mic.com apis.mic.com apps.mic.com manage.mic.com fb.mic.com fbs.mic.com startrek.mic.com passport.mic.net payments.mic.net fb.mic.net fbs.mic.net store.mic.net  manage.mic.net mic.net startrek.mic.net rainbow.mic.com startrekaliendomain.com;


ssl on;
       ssl_certificate /ngaara/sites/mic/configs/ssl/bundle.crt;
        ssl_certificate_key /ngaara/sites/mic/configs/ssl/mic.KEY;
       ssl_session_timeout 5m;
       ssl_protocols SSLv2 TLSv1.2 TLSv1.1 TLSv1;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
        ssl_prefer_server_ciphers on;

access_log  /ngaara/data/nginx/logs/mic.com.access.log  main;  
error_log   /ngaara/data/nginx/logs/mic.com.error.log error;
set $host_path "/ngaara/sites/mic/webroot/mic.com/html";
root   $host_path;  
index  index.php index.html index.htm; 
add_header    Cache-Control  no-store;
add_header    Expires -1;
        #auth_basic "input you user name and password";
        #auth_basic_user_file /ngaara/sites/mic/configs/nginx_passwd;




        if ($host = '') {
rewrite ^(.*) last;
        }
        if ($host = 'startrekaliendomain.com') {
rewrite ^(.*) last;
        } 
        if ($host = '') {
                 rewrite ^/default/index$ http:// permanent;
        }
        if ($host = '') {
                 rewrite ^/default/index$ http:// permanent;
        }
if ($host = 'passport.mic.net') {
                 rewrite ^/default/index$ permanent;
        }
# if ($blocked = yes) {
#                return 404;
#         }




# BEGIN restrictions.conf
# Disable logging for favicon
# location / {  
#    if (!-e $request_filename){  
# rewrite ^/(.*) /index.php last;  
#    }  
# } 
location = /favicon.ico {
log_not_found off;
access_log off;
}


# Disable logging for robots.txt
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}


# Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac).
location ~ /\. {
deny all;
access_log off;
log_not_found off;
}
# END restrictions.conf


# Typically I create a yiiframework.conf file that I then include across all of my yii vhosts
#include conf.d/yiiframework.conf;
# I've included the content of my yiiframework.conf in-line for this example


# BEGIN yiiframework.conf
# Block access to protected, framework, and nbproject (artifact from Netbeans)
location ~ /(protected|framework|nbproject) {
deny all;
access_log off;
log_not_found off;
}


# Attempt the uri, uri+/, then fall back to yii's index.php with args included
# Note: old examples use IF statements, which nginx considers evil, this approach is more widely supported
location / {
try_files $uri $uri/ /index.php?$args;
}
# END yiiframework.conf


# Tell browser to cache image files for 24 hours, do not log missing images
# I typically keep this after the yii rules, so that there is no conflict with content served by Yii
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires 3h;
log_not_found off;
}


# Block for processing PHP files
# Specifically matches URIs ending in .php
location ~ \.php$ {
set_real_ip_from   178.18.205.254;
real_ip_header     X-Real-IP;
try_files $uri =404;


# Fix for server variables that behave differently under nginx/php-fpm than typically expected
fastcgi_split_path_info ^(.+\.php)(/.+)$;
# Include the standard fastcgi_params file included with nginx
include fastcgi_params;
fastcgi_param  PATH_INFO        $fastcgi_path_info;
fastcgi_index index.php;
# Override the SCRIPT_FILENAME variable set by fastcgi_params
fastcgi_param  SCRIPT_FILENAME  $host_path$fastcgi_script_name;
# Pass to upstream PHP-FPM; This must match whatever you name your upstream connection
fastcgi_pass mic_net;
}


 }  
 server {
listen      *:80;
listen      *:8192;
server_name mic.com passport.mic.com store.mic.com apis.mic.com apps.mic.com manage.mic.com fb.mic.com fbs.mic.com startrek.mic.com passport.mic.net payments.mic.net fb.mic.net fbs.mic.net store.mic.net  manage.mic.net mic.net startrek.mic.net rainbow.mic.com startrekaliendomain.com;

access_log  /ngaara/data/nginx/logs/mic.com.access.log  main;  
error_log   /ngaara/data/nginx/logs/mic.com.error.log error;
set $host_path "/ngaara/sites/mic/webroot/mic.com/html";
root   $host_path;  
index  index.php index.html index.htm; 
add_header    Cache-Control  no-store;
add_header    Expires -1;
        #auth_basic "input you user name and password";
        #auth_basic_user_file /ngaara/sites/mic/configs/nginx_passwd;




        if ($host = '') {
rewrite ^(.*) last;
        }
        if ($host = 'startrekaliendomain.com') {
rewrite ^(.*) last;
        } 
        if ($host = '') {
                 rewrite ^/default/index$ http:// permanent;
        }
        if ($host = '') {
                 rewrite ^/default/index$ http:// permanent;
        }
if ($host = 'passport.mic.net') {
                 rewrite ^/default/index$ permanent;
        }
# if ($blocked = yes) {
#                return 404;
#         }




# BEGIN restrictions.conf
# Disable logging for favicon
# location / {  
#    if (!-e $request_filename){  
# rewrite ^/(.*) /index.php last;  
#    }  
# } 
location = /favicon.ico {
log_not_found off;
access_log off;
}


# Disable logging for robots.txt
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}


# Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac).
location ~ /\. {
deny all;
access_log off;
log_not_found off;
}
# END restrictions.conf


# Typically I create a yiiframework.conf file that I then include across all of my yii vhosts
#include conf.d/yiiframework.conf;
# I've included the content of my yiiframework.conf in-line for this example


# BEGIN yiiframework.conf
# Block access to protected, framework, and nbproject (artifact from Netbeans)
location ~ /(protected|framework|nbproject) {
deny all;
access_log off;
log_not_found off;
}


# Attempt the uri, uri+/, then fall back to yii's index.php with args included
# Note: old examples use IF statements, which nginx considers evil, this approach is more widely supported
location / {
try_files $uri $uri/ /index.php?$args;
}
# END yiiframework.conf


# Tell browser to cache image files for 24 hours, do not log missing images
# I typically keep this after the yii rules, so that there is no conflict with content served by Yii
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires 3h;
log_not_found off;
}


# Block for processing PHP files
# Specifically matches URIs ending in .php
location ~ \.php$ {
set_real_ip_from   10.10.1.110;
real_ip_header     X-Real-IP;
try_files $uri =404;


# Fix for server variables that behave differently under nginx/php-fpm than typically expected
fastcgi_split_path_info ^(.+\.php)(/.+)$;
# Include the standard fastcgi_params file included with nginx
include fastcgi_params;
fastcgi_param  PATH_INFO        $fastcgi_path_info;
fastcgi_index index.php;
# Override the SCRIPT_FILENAME variable set by fastcgi_params
fastcgi_param  SCRIPT_FILENAME  $host_path$fastcgi_script_name;
# Pass to upstream PHP-FPM; This must match whatever you name your upstream connection
fastcgi_pass mic_net;
}


}   


server {
listen      *:80;
listen      *:8193;


server_name  forums.mic.com forum.mic.com forums.mic.net forum.mic.net;
access_log  /ngaara/data/nginx/logs/forums.mic.com.access.log proxy;
error_log   /ngaara/data/nginx/logs/forums.mic.com.error.log error;
root        /ngaara/sites/mic/webroot/forums.mic.com/html;
index       index.php index.html index.htm;


#        auth_basic "input you user name and password";
#        auth_basic_user_file /ngaara/sites/mic/configs/nginx_passwd;
rewrite ^/forum$ /> rewrite ^/register http:///#reg;
rewrite ^/faq.php /> if ($blocked = yes) {
   return 404;
}
if ($host ~* forum\.gaara\.la) {
   rewrite ^/(.*)$ permanent ;
}
if ($http_user_agent ~* LWP::Simple|BBBike|wget) {
   return 403;
}


location ~* /store/.*\.php$ {
   return 403;
}


location ~ /\.ht {
   deny  all;
}


location ~* \.(jpg|jpeg|gif|css|png|js|ico)$ {
   root                /ngaara/sites/mic/webroot/forums.mic.com/html;
   access_log          off;
   expires             7d;
   break;
}


location = /clear.gif {
   empty_gif;
}
location = /_.gif {
   empty_gif;
}


location / {
   proxy_pass />    proxy_redirect off;
   proxy_set_header Host $host;
   proxy_set_header X-Real-IP $remote_addr;
   proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
   proxy_connect_timeout 150;
   proxy_send_timeout 100;
   proxy_read_timeout 100;
   proxy_buffers 4 32k;
   client_max_body_size 8m;
   client_body_buffer_size 128k;
}


error_page 503 @maintenance;
location @maintenance {
   rewrite ^(.*)$ /maintenance.html break;
}


error_page  403               /403.html;
location = /403.html {
   root   /ngaara/sites/mic/webroot/forums.mic.com/html/errors;
}


error_page  404               /404.html;
location = /404.html {
   root   /ngaara/sites/mic/webroot/forums.mic.com/html/errors;
}


error_page  500 502 503 504   /50x.html;
location = /50x.html {
   root   /ngaara/sites/mic/webroot/forums.mic.com/html/errors;
}


    }
    server {
        listen      *:80;
        listen      *:8195;
        server_name track.mic.com;
        server_name track-st.mic.com;


        access_log  /ngaara/data/nginx/logs/track.mic.com.access.log main;
        error_log    /ngaara/data/nginx/logs/track.mic.com.error.log  error;
        set $host_path "/ngaara/sites/mic/webroot/track.mic.com/html";
        root   $host_path;


        index  index.php index.html index.htm;
        add_header    Cache-Control  no-store;
        add_header    Expires -1;
location ~ ^/backend/ {
              rewrite ^/backend/(.*)$ permanent;
     
}
#        auth_basic "input you user name and password";
#        auth_basic_user_file /ngaara/sites/mic/configs/nginx_passwd;


        # BEGIN restrictions.conf
        # Disable logging for favicon
#       location / {
#           if (!-e $request_filename){
#               rewrite ^/(.*) /index.php last;
#           }
#       }
location / {
                        client_max_body_size 100m;
                        if (-f $request_filename) {
                                break;
                        }


                        if (!-f $request_filename) {
                                rewrite ^/([a-z0-9\-_]+)\.html?$        /click.php?tag=$1&$query_string last;
                                rewrite ^/$     /click.php?link_id=1&$query_string last;
                        }
                        root   /home/track.mic.com/html;
                        index  index.html index.htm index.php;
                        access_log      off;
}
        location = /favicon.ico {
                log_not_found off;
                access_log off;
        }


        # Disable logging for robots.txt
        location = /robots.txt {
                allow all;
                log_not_found off;
                access_log off;
        }


        # Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac).
        location ~ /\. {
                deny all;
                access_log off;
                log_not_found off;
        }
        # END restrictions.conf


        # Tell browser to cache image files for 24 hours, do not log missing images
        # I typically keep this after the yii rules, so that there is no conflict with content served by Yii
        location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
                expires 3h;
                log_not_found off;
        }


        # Block for processing PHP files
        # Specifically matches URIs ending in .php
        location ~ \.php$ {
root   $host_path;
                fastcgi_pass track_mic_com;
        }


     }
     server {
        listen      *:80;
        listen      *:8198;
        server_name analyst.mic.com;


        access_log  /ngaara/data/nginx/logs/track.mic.com.access.log main;
        error_log    /ngaara/data/nginx/logs/track.mic.com.error.log  error;
        set $host_path "/ngaara/sites/mic/webroot/track.mic.com/html/backend/";
        root   $host_path;


        index  index.php index.html index.htm;
        add_header    Cache-Control  no-store;
        add_header    Expires -1;


#        auth_basic "input you user name and password";
#        auth_basic_user_file /ngaara/sites/mic/configs/nginx_passwd;


        # BEGIN restrictions.conf
        # Disable logging for favicon
#       location / {
#           if (!-e $request_filename){
#               rewrite ^/(.*) /index.php last;
#           }
#       }
        location = /favicon.ico {
                log_not_found off;
                access_log off;
        }


        # Disable logging for robots.txt
        location = /robots.txt {
                allow all;
                log_not_found off;
                access_log off;
        }


        # Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac).
        location ~ /\. {
                deny all;
                access_log off;
                log_not_found off;
        }
        # END restrictions.conf


        # Tell browser to cache image files for 24 hours, do not log missing images
        # I typically keep this after the yii rules, so that there is no conflict with content served by Yii
        location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
                expires 3h;
                log_not_found off;
        }


        # Block for processing PHP files
        # Specifically matches URIs ending in .php
        location ~ \.php$ {
root   $host_path;
                fastcgi_pass track_mic_com;
        }


     }
    server {
        listen      *:80;
        listen      *:8200;
        server_name track.gaara.la;
        server_name track.narutosaga.gaara.la;
        server_name track.ultimatenaruto.gaara.la;



access_log  /ngaara/data/nginx/logs/track.gaara.la.access.log main;
        error_log    /ngaara/data/nginx/logs/track.gaara.com.error.log  error;
        set $host_path "/ngaara/sites/mic/webroot/track.gaara.la/html/";
        root   $host_path;


        index  index.php index.html index.htm;
        add_header    Cache-Control  no-store;
        add_header    Expires -1;

                location / {
                        client_max_body_size 100m;
                        if (-f $request_filename) {
                                break;
                        }


                        if (!-f $request_filename) {
                                rewrite ^/([a-z0-9\-_]+)\.html?$        /click.php?tag=$1&$query_string last;
                                rewrite ^/$     /click.php?link_id=1&$query_string last;
                        }
                        root   /home/track.gaara.la/html;
                        index  index.html index.htm index.php;
                        access_log      off;
                }
# Disable logging for robots.txt
        location = /robots.txt {
                allow all;
                log_not_found off;
                access_log off;
        }


        # Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac).
        location ~ /\. {
                deny all;
                access_log off;
                log_not_found off;
        }
        # END restrictions.conf


        # Tell browser to cache image files for 24 hours, do not log missing images
        # I typically keep this after the yii rules, so that there is no conflict with content served by Yii
        location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
                expires 3h;
                log_not_found off;
        }


        # Block for processing PHP files
        # Specifically matches URIs ending in .php
        location ~ \.php$ {
                root   $host_path;
                fastcgi_pass track_gaara_la;
        }


     }
 
     server {
        listen      *:80;
        listen      *:8201;
        server_name analyst.gaara.la;
server_name aws-analyst.gaara.la;


        access_log  /ngaara/data/nginx/logs/analyst.gaara.la.access.log main;
        error_log    /ngaara/data/nginx/logs/analyst.gaara.la.error.log  error;
        set $host_path "/ngaara/sites/mic/webroot/track.gaara.la/html/backend/";
        root   $host_path;


        index  index.php index.html index.htm;
        add_header    Cache-Control  no-store;
        add_header    Expires -1;


#        auth_basic "input you user name and password";
#        auth_basic_user_file /ngaara/sites/mic/configs/nginx_passwd;


        # BEGIN restrictions.conf
        # Disable logging for favicon
#       location / {
#           if (!-e $request_filename){
#               rewrite ^/(.*) /index.php last;
#           }
#       }
        location = /favicon.ico {
                log_not_found off;
                access_log off;
        }


        # Disable logging for robots.txt
        location = /robots.txt {
                allow all;
                log_not_found off;
                access_log off;
        }


        # Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac).
        location ~ /\. {
                deny all;
                access_log off;
                log_not_found off;
        }
        # END restrictions.conf


        # Tell browser to cache image files for 24 hours, do not log missing images
        # I typically keep this after the yii rules, so that there is no conflict with content served by Yii
        location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
                expires 3h;
                log_not_found off;
        }


        # Block for processing PHP files
        # Specifically matches URIs ending in .php
        location ~ \.php$ {
                root   $host_path;
                fastcgi_pass track_gaara_la;
        }


     }
     server {
        listen      *:80;
        listen      *:8196;
        server_name track.sakura.com;
#       server_name go.sakura.com;
        server_name aws-track.sakura.com;
        server_name aws-go.sakura.com;
                server_name     jump.sakura.com;
                server_name     go.sakura.com;
                server_name     go.ngaara.com;
                server_name     go.pockiepirates.ngaara.com;
                server_name     go.pockiepirates.sakura.com;
                server_name     go.leagueofangels.sakura.com;
                server_name     go.warfare.sakura.com;
                server_name     go.cybermonster2.sakura.com;
                server_name     go.wartune.sakura.com;
                server_name     go.pockiesaints.sakura.com;
                server_name     go.pockiedefense.sakura.com;
                server_name     go.grandvoyage.sakura.com;
                server_name     go.talesofsolaris.sakura.com;
                server_name     go.ddtank.sakura.com;
                server_name     go.pockiekingdom.sakura.com;
                server_name     go.ageofcivilization.sakura.com;


        access_log  /ngaara/data/nginx/logs/track.sakura.com.access.log main;
        error_log    /ngaara/data/nginx/logs/track.sakura.com.error.log  error;
        set $host_path "/ngaara/sites/mic/webroot/track.sakura.com/html";
        root   $host_path;


        index  index.php index.html index.htm;
        add_header    Cache-Control  no-store;
        add_header    Expires -1;
        location ~ ^/backend/ {
#              rewrite ^/backend/(.*)$ permanent;
              location ~ \.php$ {
                     fastcgi_pass  track_sakura_com;
                     root  /ngaara/sites/mic/webroot/track.sakura.com/html;
                     break;
              }
# auth_basic "input you user name and password";
# auth_basic_user_file /ngaara/sites/mic/configs/nginx_passwd_for_ngaara;
        }
#        auth_basic "input you user name and password";
#        auth_basic_user_file /ngaara/sites/mic/configs/nginx_passwd;


        # BEGIN restrictions.conf
        # Disable logging for favicon
#       location / {
#           if (!-e $request_filename){
#               rewrite ^/(.*) /index.php last;
#           }
#       }
location / {
                        client_max_body_size 100m;
                        if (-f $request_filename) {
                                break;
                        }


                        if (!-f $request_filename) {
                                rewrite ^/lp(\d+)/([a-z0-9\-_]+)\.html?$        /click.php?lp=$1&tag=$2&$query_string last;
                                rewrite ^/([a-z0-9\-_]+)\.html?$        /click.php?tag=$1&$query_string last;
                                rewrite ^/$     /click.php?link_id=1&$query_string last;
                        }
                        root   /ngaara/sites/mic/webroot/track.sakura.com/html;
                        index  index.html index.htm index.php;
                        #access_log     off;
                }
        location = /favicon.ico {
                log_not_found off;
                access_log off;
        }


        # Disable logging for robots.txt
        location = /robots.txt {
                allow all;
                log_not_found off;
                access_log off;
        }


        # Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac).
        location ~ /\. {
                deny all;
                access_log off;
                log_not_found off;
        }
        # END restrictions.conf


        # Tell browser to cache image files for 24 hours, do not log missing images
        # I typically keep this after the yii rules, so that there is no conflict with content served by Yii
        location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
                expires 3h;
                log_not_found off;
        }


        # Block for processing PHP files
        # Specifically matches URIs ending in .php
        location ~ \.php$ {
root   $host_path;
                fastcgi_pass track_sakura_com;
        }


     }
     server {
        listen      *:80;
        listen      *:8197;
        server_name aws-analyst.sakura.com;
        server_name analyst.sakura.com;


        access_log  /ngaara/data/nginx/logs/track.sakura.com.access.log main;
        error_log    /ngaara/data/nginx/logs/track.sakura.com.error.log  error;
        set $host_path "/ngaara/sites/mic/webroot/track.sakura.com/html/backend/";
        root   $host_path;


        index  index.php index.html index.htm;
        add_header    Cache-Control  no-store;
        add_header    Expires -1;


#        auth_basic "input you user name and password";
#        auth_basic_user_file /ngaara/sites/mic/configs/nginx_passwd;


        # BEGIN restrictions.conf
        # Disable logging for favicon
#       location / {
#           if (!-e $request_filename){
#               rewrite ^/(.*) /index.php last;
#           }
#       }
        location = /favicon.ico {
                log_not_found off;
                access_log off;
        }


        # Disable logging for robots.txt
        location = /robots.txt {
                allow all;
                log_not_found off;
                access_log off;
        }


        # Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac).
        location ~ /\. {
                deny all;
                access_log off;
                log_not_found off;
        }
        # END restrictions.conf


        # Tell browser to cache image files for 24 hours, do not log missing images
        # I typically keep this after the yii rules, so that there is no conflict with content served by Yii
        location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
                expires 3h;
                log_not_found off;
        }


        # Block for processing PHP files
        # Specifically matches URIs ending in .php
        location ~ \.php$ {
                root   $host_path;
                fastcgi_pass track_sakura_com;
        }


     } 


    server {
        listen      *:80;
        listen      *:8199;
        server_name payments.mic.com;


        access_log  /ngaara/data/nginx/logs/payments.mic.com.access.log  main;  
        error_log   /ngaara/data/nginx/logs/payments.mic.com.error.log error;
        set $host_path "/ngaara/sites/mic/webroot/payments.mic.com/html";
        root   $host_path;  
        index  index.php index.html index.htm; 
        add_header    Cache-Control  no-store;
        add_header    Expires -1;
        #auth_basic "input you user name and password";
        #auth_basic_user_file /ngaara/sites/mic/configs/nginx_passwd;




        if ($host = 'payments.mic.com') {
                 rewrite ^/default/index$ permanent;
        }
#        if ($blocked = yes) {
#                return 404;
#         }




        # BEGIN restrictions.conf
        # Disable logging for favicon
#       location / {  
#           if (!-e $request_filename){  
#               rewrite ^/(.*) /index.php last;  
#           }  
#       } 
        location = /favicon.ico {
                log_not_found off;
                access_log off;
        }


        # Disable logging for robots.txt
        location = /robots.txt {
                allow all;
                log_not_found off;
                access_log off;
        }


        # Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac).
        location ~ /\. {
                deny all;
                access_log off;
                log_not_found off;
        }
        # END restrictions.conf


        # Typically I create a yiiframework.conf file that I then include across all of my yii vhosts
        #include conf.d/yiiframework.conf;
        # I've included the content of my yiiframework.conf in-line for this example


        # BEGIN yiiframework.conf
        # Block access to protected, framework, and nbproject (artifact from Netbeans)
        location ~ /(protected|framework|nbproject) {
                deny all;
                access_log off;
                log_not_found off;
        }


        # Attempt the uri, uri+/, then fall back to yii's index.php with args included
        # Note: old examples use IF statements, which nginx considers evil, this approach is more widely supported
        location / {
                try_files $uri $uri/ /index.php?$args;
        }
        # END yiiframework.conf


        # Tell browser to cache image files for 24 hours, do not log missing images
        # I typically keep this after the yii rules, so that there is no conflict with content served by Yii
        location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
                expires 3h;
                log_not_found off;
        }


        # Block for processing PHP files
        # Specifically matches URIs ending in .php
        location ~ \.php$ {
                set_real_ip_from   10.10.1.110;
                real_ip_header     X-Real-IP;
                try_files $uri =404;


                # Fix for server variables that behave differently under nginx/php-fpm than typically expected
                fastcgi_split_path_info ^(.+\.php)(/.+)$;
                # Include the standard fastcgi_params file included with nginx
                include fastcgi_params;
                fastcgi_param  PATH_INFO        $fastcgi_path_info;
                fastcgi_index index.php;
                # Override the SCRIPT_FILENAME variable set by fastcgi_params
                fastcgi_param  SCRIPT_FILENAME  $host_path$fastcgi_script_name;
                # Pass to upstream PHP-FPM; This must match whatever you name your upstream connection
                fastcgi_pass payments_mic_com;
        }


     }
server {
        listen      *:443;
        server_name payments.mic.com;


        access_log  /ngaara/data/nginx/logs/payments.mic.com.access.log  main;  
        error_log   /ngaara/data/nginx/logs/payments.mic.com.error.log error;
        set $host_path "/ngaara/sites/mic/webroot/payments.mic.com/html";
        root   $host_path;  
        index  index.php index.html index.htm; 
        add_header    Cache-Control  no-store;
        add_header    Expires -1;


ssl on;
        ssl_certificate /ngaara/sites/mic/configs/ssl/bundle.crt;
        ssl_certificate_key /ngaara/sites/mic/configs/ssl/mic.KEY;
        ssl_session_timeout 5m;
        ssl_protocols SSLv2 TLSv1.2 TLSv1.1 TLSv1;
        ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
        ssl_prefer_server_ciphers on;

        #auth_basic "input you user name and password";
        #auth_basic_user_file /ngaara/sites/mic/configs/nginx_passwd;




        if ($host = 'payments.mic.com') {
                 rewrite ^/default/index$ permanent;
        }
#        if ($blocked = yes) {
#                return 404;
#         }




        # BEGIN restrictions.conf
        # Disable logging for favicon
#       location / {  
#           if (!-e $request_filename){  
#               rewrite ^/(.*) /index.php last;  
#           }  
#       } 
        location = /favicon.ico {
                log_not_found off;
                access_log off;
        }


        # Disable logging for robots.txt
        location = /robots.txt {
                allow all;
                log_not_found off;
                access_log off;
        }


        # Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac).
        location ~ /\. {
                deny all;
                access_log off;
                log_not_found off;
        }
        # END restrictions.conf


        # Typically I create a yiiframework.conf file that I then include across all of my yii vhosts
        #include conf.d/yiiframework.conf;
        # I've included the content of my yiiframework.conf in-line for this example


        # BEGIN yiiframework.conf
        # Block access to protected, framework, and nbproject (artifact from Netbeans)
        location ~ /(protected|framework|nbproject) {
                deny all;
                access_log off;
                log_not_found off;
        }


        # Attempt the uri, uri+/, then fall back to yii's index.php with args included
        # Note: old examples use IF statements, which nginx considers evil, this approach is more widely supported
        location / {
                try_files $uri $uri/ /index.php?$args;
        }
        # END yiiframework.conf


        # Tell browser to cache image files for 24 hours, do not log missing images
        # I typically keep this after the yii rules, so that there is no conflict with content served by Yii
        location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
                expires 3h;
                log_not_found off;
        }


        # Block for processing PHP files
        # Specifically matches URIs ending in .php
        location ~ \.php$ {
                set_real_ip_from   10.10.1.110;
                real_ip_header     X-Real-IP;
                try_files $uri =404;


                # Fix for server variables that behave differently under nginx/php-fpm than typically expected
                fastcgi_split_path_info ^(.+\.php)(/.+)$;
                # Include the standard fastcgi_params file included with nginx
                include fastcgi_params;
                fastcgi_param  PATH_INFO        $fastcgi_path_info;
                fastcgi_index index.php;
                # Override the SCRIPT_FILENAME variable set by fastcgi_params
                fastcgi_param  SCRIPT_FILENAME  $host_path$fastcgi_script_name;
                # Pass to upstream PHP-FPM; This must match whatever you name your upstream connection
                fastcgi_pass payments_mic_com;
        }


     }


}


阅读(1086) | 评论(0) | 转发(0) |
给主人留下些什么吧!~~