nginx.conf

# Riverside Fortress security configuration
# Main nginx config

# author: Sergey Serov

user www-data;
worker_processes 8;
pid /var/run/nginx.pid;

error_log /var/log/nginx/error.log;

events {
  worker_connections 1024;
}

http {
  include /etc/nginx/mime.types;
  default_type application/octet-stream;

  sendfile on;
  sendfile_max_chunk 1m;
  client_max_body_size 24m;
  client_body_buffer_size 128k;

  # proxy settings
  proxy_set_header Host $host;
  proxy_set_header X-Real-IP $remote_addr;
  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

  keepalive_timeout 65;

  gzip on;

  gzip_types
    text/css
    text/xml
    image/svg+xml
    application/json
    application/xhtml+xml
    application/javascript;

  log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';
  log_format defense_log '$remote_addr $remote_user [$time_local] "$request" status:$status bytes_sent:$bytes_sent gzip_ratio:$gzip_ratio connection_requests:$connection_requests request_length:$request_length connection-serial-number:$connection request_time:$request_time "$http_user_agent" "$http_referer"';
  log_format request_body_log '$remote_addr $remote_user [$time_local] "$request" status:$status bytes_sent:$bytes_sent gzip_ratio:$gzip_ratio connection_requests:$connection_requests request_length:$request_length connection-serial-number:$connection request_time:$request_time "$http_user_agent" "$http_referer" request_body:"$request_body"';

  include /etc/nginx/conf.d/*.conf;
}