armeo · September 19, 2016 14:53 · Sep 16, 2016 · Sep 6, 2016 · Aug 30, 2016 · Aug 30, 2016
diff --git a/nginx-tuning.md b/nginx-tuning.md
@@ -143,11 +143,13 @@ client_header_timeout 3m;
 Now you can do again test config
 
 ```bash
+nginx -t
 /etc/init.d/nginx configtest
 ```
 And then reload or restart your nginx
 
 ```
+nginx -s reload
 /etc/init.d/nginx restart|reload
 ```
 

diff --git a/nginx-tuning.md b/nginx-tuning.md
@@ -182,3 +182,4 @@ Happy Hacking!
 * https://nginx.org/r/pcre_jit
 * https://nginx.org/r/ssl_engine (`openssl engine -t `)
 * https://www.nginx.com/blog/mitigating-ddos-attacks-with-nginx-and-nginx-plus/
+* https://www.nginx.com/blog/tuning-nginx/
diff --git a/nginx-tuning.md b/nginx-tuning.md
@@ -68,8 +68,8 @@ tcp_nodelay on;
 gzip on;
 gzip_min_length 10240;
 gzip_proxied expired no-cache no-store private auth;
-gzip_types text/plain text/css text/xml text/javascript application/x-javascript application/xml;
-gzip_disable "MSIE [1-6]\.";
+gzip_types text/plain text/css text/xml text/javascript application/x-javascript application/json application/xml;
+gzip_disable msie6;
 
 # allow the server to close connection on non responding client, this will free up memory
 reset_timedout_connection on;

diff --git a/nginx-tuning.md b/nginx-tuning.md
@@ -83,7 +83,7 @@ send_timeout 2;
 # server will close connection after this time
 keepalive_timeout 30;
 
-# number of requests client can make over keep-alive -- for testing
+# number of requests client can make over keep-alive -- for testing environment
 keepalive_requests 100000;
 ```
 
@@ -127,16 +127,16 @@ server {
 # if the request body size is more than the buffer size, then the entire (or partial) request body is written into a temporary file
 client_body_buffer_size  128k;
 
-# headerbuffer size for the request header from client -- for testing
+# headerbuffer size for the request header from client -- for testing environment
 client_header_buffer_size 3m;
 
 # maximum number and size of buffers for large headers to read from client request
 large_client_header_buffers 4 256k;
 
-# read timeout for the request body from client -- for testing
+# read timeout for the request body from client -- for testing environment
 client_body_timeout   3m;
 
-# how long to wait for the client to send a request header -- for testing
+# how long to wait for the client to send a request header -- for testing environment
 client_header_timeout 3m;
 ```
 

diff --git a/nginx-tuning.md b/nginx-tuning.md
@@ -127,16 +127,16 @@ server {
 # if the request body size is more than the buffer size, then the entire (or partial) request body is written into a temporary file
 client_body_buffer_size  128k;
 
-# headerbuffer size for the request header from client, its set for testing purpose
+# headerbuffer size for the request header from client -- for testing
 client_header_buffer_size 3m;
 
 # maximum number and size of buffers for large headers to read from client request
 large_client_header_buffers 4 256k;
 
-# read timeout for the request body from client, its set for testing purpose
+# read timeout for the request body from client -- for testing
 client_body_timeout   3m;
 
-# how long to wait for the client to send a request header, its set for testing purpose
+# how long to wait for the client to send a request header -- for testing
 client_header_timeout 3m;
 ```
 
@@ -181,3 +181,4 @@ Happy Hacking!
 * https://www.nginx.com/blog/performing-a-b-testing-nginx-plus/
 * https://nginx.org/r/pcre_jit
 * https://nginx.org/r/ssl_engine (`openssl engine -t `)
+* https://www.nginx.com/blog/mitigating-ddos-attacks-with-nginx-and-nginx-plus/
diff --git a/nginx-tuning.md b/nginx-tuning.md
@@ -64,9 +64,6 @@ tcp_nopush on;
 # don't buffer data sent, good for small data bursts in real time
 tcp_nodelay on;
 
-# server will close connection after this time
-keepalive_timeout 30;
-
 # reduce the data that needs to be sent over network
 gzip on;
 gzip_min_length 10240;
@@ -83,6 +80,9 @@ client_body_timeout 10;
 # if client stop responding, free up memory -- default 60
 send_timeout 2;
 
+# server will close connection after this time
+keepalive_timeout 30;
+
 # number of requests client can make over keep-alive -- for testing
 keepalive_requests 100000;
 ```

diff --git a/nginx-tuning.md b/nginx-tuning.md
@@ -67,8 +67,12 @@ tcp_nodelay on;
 # server will close connection after this time
 keepalive_timeout 30;
 
-# number of requests client can make over keep-alive -- for testing
-keepalive_requests 100000;
+# reduce the data that needs to be sent over network
+gzip on;
+gzip_min_length 10240;
+gzip_proxied expired no-cache no-store private auth;
+gzip_types text/plain text/css text/xml text/javascript application/x-javascript application/xml;
+gzip_disable "MSIE [1-6]\.";
 
 # allow the server to close connection on non responding client, this will free up memory
 reset_timedout_connection on;
@@ -79,12 +83,8 @@ client_body_timeout 10;
 # if client stop responding, free up memory -- default 60
 send_timeout 2;
 
-# reduce the data that needs to be sent over network
-gzip on;
-gzip_min_length 10240;
-gzip_proxied expired no-cache no-store private auth;
-gzip_types text/plain text/css text/xml text/javascript application/x-javascript application/xml;
-gzip_disable "MSIE [1-6]\.";
+# number of requests client can make over keep-alive -- for testing
+keepalive_requests 100000;
 ```
 
 Now you can save config and run bottom command

diff --git a/nginx-tuning.md b/nginx-tuning.md
@@ -9,7 +9,7 @@ You must understand that this config is used in testing environment and not in p
 * [Stable version NGINX (deb/rpm)](https://nginx.org/en/linux_packages.html#stable)
 * [Mainline version NGINX (deb/rpm)](https://nginx.org/en/linux_packages.html#mainline)
 
-First, you will need to install nginx, my way to install nginx is compiling it from source, but for now we will use `apt-get` (`apt`) / `yum`
+First, you will need to install nginx
 
 ```bash
 yum install nginx

diff --git a/nginx-tuning.md b/nginx-tuning.md
@@ -9,7 +9,7 @@ You must understand that this config is used in testing environment and not in p
 * [Stable version NGINX (deb/rpm)](https://nginx.org/en/linux_packages.html#stable)
 * [Mainline version NGINX (deb/rpm)](https://nginx.org/en/linux_packages.html#mainline)
 
-First, you will need to install nginx, my way to install nginx is compiling it from source, but for now we will use `apt-get`
+First, you will need to install nginx, my way to install nginx is compiling it from source, but for now we will use `apt-get` (`apt`) / `yum`
 
 ```bash
 yum install nginx

diff --git a/nginx-tuning.md b/nginx-tuning.md
@@ -12,7 +12,8 @@ You must understand that this config is used in testing environment and not in p
 First, you will need to install nginx, my way to install nginx is compiling it from source, but for now we will use `apt-get`
 
 ```bash
-apt-get install nginx
+yum install nginx
+apt install nginx
 ```
 
 Backup your original configs and you can start reconfigure your configs. You will need to open your `nginx.conf` at `/etc/nginx/nginx.conf` with your favorite editor.

diff --git a/nginx-tuning.md b/nginx-tuning.md
@@ -6,8 +6,8 @@ Generally, properly configured nginx can handle up to 400,000 to 500,000 request
 
 You must understand that this config is used in testing environment and not in production so you will need to find a way to implement most of those features best possible for your servers.
 
-* [Stable version NGINX](https://nginx.org/en/linux_packages.html#stable)
-* [Mainline version NGINX](https://nginx.org/en/linux_packages.html#mainline)
+* [Stable version NGINX (deb/rpm)](https://nginx.org/en/linux_packages.html#stable)
+* [Mainline version NGINX (deb/rpm)](https://nginx.org/en/linux_packages.html#mainline)
 
 First, you will need to install nginx, my way to install nginx is compiling it from source, but for now we will use `apt-get`
 

diff --git a/nginx-tuning.md b/nginx-tuning.md
@@ -6,6 +6,9 @@ Generally, properly configured nginx can handle up to 400,000 to 500,000 request
 
 You must understand that this config is used in testing environment and not in production so you will need to find a way to implement most of those features best possible for your servers.
 
+* [Stable version NGINX](https://nginx.org/en/linux_packages.html#stable)
+* [Mainline version NGINX](https://nginx.org/en/linux_packages.html#mainline)
+
 First, you will need to install nginx, my way to install nginx is compiling it from source, but for now we will use `apt-get`
 
 ```bash

diff --git a/nginx-tuning.md b/nginx-tuning.md
@@ -1,4 +1,4 @@
-Nginx Tuning For Best Performance
+NGINX Tuning For Best Performance
 --
 For this configuration you can use web server you like, i decided, because i work mostly with it to use nginx.
 

diff --git a/nginx-tuning.md b/nginx-tuning.md
@@ -176,4 +176,4 @@ Happy Hacking!
 * https://www.nginx.com/blog/socket-sharding-nginx-release-1-9-1/
 * https://www.nginx.com/blog/performing-a-b-testing-nginx-plus/
 * https://nginx.org/r/pcre_jit
-* https://nginx.org/r/ssl_engine
+* https://nginx.org/r/ssl_engine (`openssl engine -t `)
diff --git a/nginx-tuning.md b/nginx-tuning.md
@@ -174,3 +174,6 @@ Happy Hacking!
 * https://github.com/h5bp/server-configs-nginx
 * https://www.nginx.com/blog/thread-pools-boost-performance-9x/
 * https://www.nginx.com/blog/socket-sharding-nginx-release-1-9-1/
+* https://www.nginx.com/blog/performing-a-b-testing-nginx-plus/
+* https://nginx.org/r/pcre_jit
+* https://nginx.org/r/ssl_engine
diff --git a/nginx-tuning.md b/nginx-tuning.md
@@ -2,7 +2,7 @@ Nginx Tuning For Best Performance
 --
 For this configuration you can use web server you like, i decided, because i work mostly with it to use nginx.
 
-Generally, properly configured nginx can handle up to 400,000 to 500,000 requests per second (clustered), most what i saw is 50,000 to 80,000 (non-clustered) requests per second and 30% CPU load, course, this was `2 x Intel Xeon` [with HT](http://blog.regehr.org/archives/1416) enabled, but it can work without problem on slower machines.
+Generally, properly configured nginx can handle up to 400,000 to 500,000 requests per second (clustered), most what i saw is 50,000 to 80,000 (non-clustered) requests per second and 30% CPU load, course, this was `2 x Intel Xeon` with HyperThreading enabled, but it can work without problem on slower machines.
 
 You must understand that this config is used in testing environment and not in production so you will need to find a way to implement most of those features best possible for your servers.
 

diff --git a/nginx-tuning.md b/nginx-tuning.md
@@ -2,7 +2,7 @@ Nginx Tuning For Best Performance
 --
 For this configuration you can use web server you like, i decided, because i work mostly with it to use nginx.
 
-Generally, properly configured nginx can handle up to 400,000 to 500,000 requests per second (clustered), most what i saw is 50,000 to 80,000 (non-clustered) requests per second and 30% CPU load, course, this was 2xIntel Xeon with HT enabled, but it can work without problem on slower machines.
+Generally, properly configured nginx can handle up to 400,000 to 500,000 requests per second (clustered), most what i saw is 50,000 to 80,000 (non-clustered) requests per second and 30% CPU load, course, this was `2 x Intel Xeon` [with HT](http://blog.regehr.org/archives/1416) enabled, but it can work without problem on slower machines.
 
 You must understand that this config is used in testing environment and not in production so you will need to find a way to implement most of those features best possible for your servers.
 

diff --git a/nginx-tuning.md b/nginx-tuning.md
@@ -149,7 +149,7 @@ And then reload or restart your nginx
 
 You can test this configuration with `tsung` and when you are satisfied with result you can hit `Ctrl+C` because it can run for hours.
 
-DoS [HTTP/1.1+: Range Requests](https://tools.ietf.org/html/rfc7233#section-6.1)
+DoS [HTTP/1.1 and above: Range Requests](https://tools.ietf.org/html/rfc7233#section-6.1)
 --
 By default [`max_ranges`](https://nginx.org/r/max_ranges) is not limited.
 DoS attacks can many Range-Requests (Impact on stability I/O).

diff --git a/nginx-tuning.md b/nginx-tuning.md
@@ -149,10 +149,10 @@ And then reload or restart your nginx
 
 You can test this configuration with `tsung` and when you are satisfied with result you can hit `Ctrl+C` because it can run for hours.
 
-DoS [HTTP/1.1 Range Requests](https://tools.ietf.org/html/rfc7233#section-6.1)
+DoS [HTTP/1.1+: Range Requests](https://tools.ietf.org/html/rfc7233#section-6.1)
 --
 By default [`max_ranges`](https://nginx.org/r/max_ranges) is not limited.
-DoS attacks can many Rage-Requests (Impact on stability I/O).
+DoS attacks can many Range-Requests (Impact on stability I/O).
 
 Socket Sharding in NGINX 1.9.1+ (DragonFly BSD and Linux 3.9+)
 --

diff --git a/nginx-tuning.md b/nginx-tuning.md
@@ -149,10 +149,10 @@ And then reload or restart your nginx
 
 You can test this configuration with `tsung` and when you are satisfied with result you can hit `Ctrl+C` because it can run for hours.
 
-DoS [HTTP/1.1 Range Requests](https://tools.ietf.org/html/rfc7233)
+DoS [HTTP/1.1 Range Requests](https://tools.ietf.org/html/rfc7233#section-6.1)
 --
 By default [`max_ranges`](https://nginx.org/r/max_ranges) is not limited.
-DoS attacks can many rage (Impact on stability I/O).
+DoS attacks can many Rage-Requests (Impact on stability I/O).
 
 Socket Sharding in NGINX 1.9.1+ (DragonFly BSD and Linux 3.9+)
 --

diff --git a/nginx-tuning.md b/nginx-tuning.md
@@ -149,10 +149,10 @@ And then reload or restart your nginx
 
 You can test this configuration with `tsung` and when you are satisfied with result you can hit `Ctrl+C` because it can run for hours.
 
-HTTP/1.1: Range Requests [RFC7233](https://tools.ietf.org/html/rfc7233)
+DoS [HTTP/1.1 Range Requests](https://tools.ietf.org/html/rfc7233)
 --
 By default [`max_ranges`](https://nginx.org/r/max_ranges) is not limited.
-DoS attacks can multipline rage attack (Impact on stability I/O).
+DoS attacks can many rage (Impact on stability I/O).
 
 Socket Sharding in NGINX 1.9.1+ (DragonFly BSD and Linux 3.9+)
 --

diff --git a/nginx-tuning.md b/nginx-tuning.md
@@ -164,7 +164,7 @@ Socket Sharding in NGINX 1.9.1+ (DragonFly BSD and Linux 3.9+)
 
 [Thread Pools](https://nginx.org/r/thread_pool) in NGINX Boost Performance 9x! (Linux)
 --
-[Multi-threaded](https://nginx.org/r/aio) sending of files is only supported on Linux.
+[Multi-threaded](https://nginx.org/r/aio) sending of files is currently supported only Linux.
 Without [`sendfile_max_chunk`](https://nginx.org/r/sendfile_max_chunk) limit, one fast connection may seize the worker process entirely.
 
 Happy Hacking!

diff --git a/nginx-tuning.md b/nginx-tuning.md
@@ -152,7 +152,7 @@ You can test this configuration with `tsung` and when you are satisfied with res
 HTTP/1.1: Range Requests [RFC7233](https://tools.ietf.org/html/rfc7233)
 --
 By default [`max_ranges`](https://nginx.org/r/max_ranges) is not limited.
-DoS attacks can multipline rage attack (Impact on stability Disk I/O).
+DoS attacks can multipline rage attack (Impact on stability I/O).
 
 Socket Sharding in NGINX 1.9.1+ (DragonFly BSD and Linux 3.9+)
 --

diff --git a/nginx-tuning.md b/nginx-tuning.md
@@ -151,7 +151,7 @@ You can test this configuration with `tsung` and when you are satisfied with res
 
 HTTP/1.1: Range Requests [RFC7233](https://tools.ietf.org/html/rfc7233)
 --
-By default [max_ranges](https://nginx.org/r/max_ranges) is not limited.
+By default [`max_ranges`](https://nginx.org/r/max_ranges) is not limited.
 DoS attacks can multipline rage attack (Impact on stability Disk I/O).
 
 Socket Sharding in NGINX 1.9.1+ (DragonFly BSD and Linux 3.9+)
@@ -165,7 +165,7 @@ Socket Sharding in NGINX 1.9.1+ (DragonFly BSD and Linux 3.9+)
 [Thread Pools](https://nginx.org/r/thread_pool) in NGINX Boost Performance 9x! (Linux)
 --
 [Multi-threaded](https://nginx.org/r/aio) sending of files is only supported on Linux.
-Without [sendfile_max_chunk](https://nginx.org/r/sendfile_max_chunk) limit, one fast connection may seize the worker process entirely.
+Without [`sendfile_max_chunk`](https://nginx.org/r/sendfile_max_chunk) limit, one fast connection may seize the worker process entirely.
 
 Happy Hacking!
 --

diff --git a/nginx-tuning.md b/nginx-tuning.md
@@ -151,7 +151,7 @@ You can test this configuration with `tsung` and when you are satisfied with res
 
 HTTP/1.1: Range Requests [RFC7233](https://tools.ietf.org/html/rfc7233)
 --
-By default [https://nginx.org/r/max_ranges] is not limited.
+By default [max_ranges](https://nginx.org/r/max_ranges) is not limited.
 DoS attacks can multipline rage attack (Impact on stability Disk I/O).
 
 Socket Sharding in NGINX 1.9.1+ (DragonFly BSD and Linux 3.9+)

diff --git a/nginx-tuning.md b/nginx-tuning.md
@@ -149,6 +149,11 @@ And then reload or restart your nginx
 
 You can test this configuration with `tsung` and when you are satisfied with result you can hit `Ctrl+C` because it can run for hours.
 
+HTTP/1.1: Range Requests [RFC7233](https://tools.ietf.org/html/rfc7233)
+--
+By default [https://nginx.org/r/max_ranges] is not limited.
+DoS attacks can multipline rage attack (Impact on stability Disk I/O).
+
 Socket Sharding in NGINX 1.9.1+ (DragonFly BSD and Linux 3.9+)
 --
 |                  | Latency (ms) | Latency stdev (ms) | CPU Load |
@@ -160,7 +165,7 @@ Socket Sharding in NGINX 1.9.1+ (DragonFly BSD and Linux 3.9+)
 [Thread Pools](https://nginx.org/r/thread_pool) in NGINX Boost Performance 9x! (Linux)
 --
 [Multi-threaded](https://nginx.org/r/aio) sending of files is only supported on Linux.
-Without [sendfile_max_chunk](http://nginx.org/r/sendfile_max_chunk) limit, one fast connection may seize the worker process entirely.
+Without [sendfile_max_chunk](https://nginx.org/r/sendfile_max_chunk) limit, one fast connection may seize the worker process entirely.
 
 Happy Hacking!
 --

diff --git a/nginx-tuning.md b/nginx-tuning.md
@@ -159,7 +159,7 @@ Socket Sharding in NGINX 1.9.1+ (DragonFly BSD and Linux 3.9+)
 
 [Thread Pools](https://nginx.org/r/thread_pool) in NGINX Boost Performance 9x! (Linux)
 --
-[Multi-threaded](https://nginx.org/r/aio) sending of files is only supported on Linux
+[Multi-threaded](https://nginx.org/r/aio) sending of files is only supported on Linux.
 Without [sendfile_max_chunk](http://nginx.org/r/sendfile_max_chunk) limit, one fast connection may seize the worker process entirely.
 
 Happy Hacking!

diff --git a/nginx-tuning.md b/nginx-tuning.md
@@ -160,6 +160,7 @@ Socket Sharding in NGINX 1.9.1+ (DragonFly BSD and Linux 3.9+)
 [Thread Pools](https://nginx.org/r/thread_pool) in NGINX Boost Performance 9x! (Linux)
 --
 [Multi-threaded](https://nginx.org/r/aio) sending of files is only supported on Linux
+Without [sendfile_max_chunk](http://nginx.org/r/sendfile_max_chunk) limit, one fast connection may seize the worker process entirely.
 
 Happy Hacking!
 --

diff --git a/nginx-tuning.md b/nginx-tuning.md
@@ -157,7 +157,7 @@ Socket Sharding in NGINX 1.9.1+ (DragonFly BSD and Linux 3.9+)
 | accept_mutex off | 15.59        | 26.48              | 10       |
 | reuseport        | 12.35        | 3.15               | 0.3      |
 
-[Thread Pools](https://nginx.org/r/thread_pool) in NGINX Boost Performance 9x! (Multi-threaded sending of files is only supported on Linux)
+[Thread Pools](https://nginx.org/r/thread_pool) in NGINX Boost Performance 9x! (Linux)
 --
 [Multi-threaded](https://nginx.org/r/aio) sending of files is only supported on Linux