-
-
Save johanneslamers/079714e5bd21501f37f9090e005bdf8f to your computer and use it in GitHub Desktop.
Revisions
-
ipmb renamed this gist
Nov 13, 2014 . 1 changed file with 0 additions and 0 deletions.There are no files selected for viewing
File renamed without changes. -
Nov 13, 2014 . 1 changed file with 0 additions and 0 deletions.There are no files selected for viewing
File renamed without changes. -
Nov 13, 2014 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,37 @@ upstream myapp { server 127.0.0.1:8081; } limit_req_zone $binary_remote_addr zone=login:10m rate=1r/s; server { listen 443 ssl spdy; server_name _; ssl on; ssl_certificate /etc/nginx/ssl/cert.pem; ssl_certificate_key /etc/nginx/ssl/cert.key; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers AES256+EECDH:AES256+EDH; ssl_session_cache builtin:1000 shared:SSL:5m; ssl_prefer_server_ciphers on; location / { proxy_pass http://myapp; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; } location /account/login/ { # apply rate limiting limit_req zone=login burst=5; # boilerplate copied from location / proxy_pass http://myapp; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; } }