- 
      
- 
        Save seungmanlee/a7a83b940dfff7b45b057c15877224fc to your computer and use it in GitHub Desktop. 
Revisions
- 
        denji revised this gist Oct 22, 2016 . 1 changed file with 2 additions and 2 deletions.There are no files selected for viewingThis file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -37,10 +37,10 @@ events { # max clients is also limited by the number of socket connections available on the system (~64k) worker_connections 4000; # optmized to serve many clients with each thread, essential for linux -- for testing environment use epoll; # accept as many connections as possible, may flood worker connections if set too low -- for testing environment multi_accept on; } 
- 
        denji revised this gist Sep 25, 2016 . 1 changed file with 2 additions and 0 deletions.There are no files selected for viewingThis file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -90,12 +90,14 @@ keepalive_requests 100000; Now you can save config and run bottom command ``` nginx -s reload /etc/init.d/nginx start|restart ``` If you wish to test config first you can run ``` nginx -t /etc/init.d/nginx configtest ``` 
- 
        denji revised this gist Sep 25, 2016 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewingThis file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -80,7 +80,7 @@ client_body_timeout 10; # if client stop responding, free up memory -- default 60 send_timeout 2; # server will close connection after this time -- default 75 keepalive_timeout 30; # number of requests client can make over keep-alive -- for testing environment 
- 
        denji revised this gist Sep 16, 2016 . 1 changed file with 2 additions and 0 deletions.There are no files selected for viewingThis file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -143,11 +143,13 @@ client_header_timeout 3m; Now you can do again test config ```bash nginx -t /etc/init.d/nginx configtest ``` And then reload or restart your nginx ``` nginx -s reload /etc/init.d/nginx restart|reload ``` 
- 
        denji revised this gist Sep 6, 2016 . 1 changed file with 1 addition and 0 deletions.There are no files selected for viewingThis file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -182,3 +182,4 @@ Happy Hacking! * https://nginx.org/r/pcre_jit * https://nginx.org/r/ssl_engine (`openssl engine -t `) * https://www.nginx.com/blog/mitigating-ddos-attacks-with-nginx-and-nginx-plus/ * https://www.nginx.com/blog/tuning-nginx/ 
- 
        denji revised this gist Aug 30, 2016 . 1 changed file with 2 additions and 2 deletions.There are no files selected for viewingThis file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -68,8 +68,8 @@ tcp_nodelay on; gzip on; gzip_min_length 10240; gzip_proxied expired no-cache no-store private auth; gzip_types text/plain text/css text/xml text/javascript application/x-javascript application/json application/xml; gzip_disable msie6; # allow the server to close connection on non responding client, this will free up memory reset_timedout_connection on; 
- 
        denji revised this gist Aug 30, 2016 . 1 changed file with 4 additions and 4 deletions.There are no files selected for viewingThis file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -83,7 +83,7 @@ send_timeout 2; # server will close connection after this time keepalive_timeout 30; # number of requests client can make over keep-alive -- for testing environment keepalive_requests 100000; ``` @@ -127,16 +127,16 @@ server { # if the request body size is more than the buffer size, then the entire (or partial) request body is written into a temporary file client_body_buffer_size 128k; # headerbuffer size for the request header from client -- for testing environment client_header_buffer_size 3m; # maximum number and size of buffers for large headers to read from client request large_client_header_buffers 4 256k; # read timeout for the request body from client -- for testing environment client_body_timeout 3m; # how long to wait for the client to send a request header -- for testing environment client_header_timeout 3m; ``` 
- 
        denji revised this gist Aug 30, 2016 . 1 changed file with 4 additions and 3 deletions.There are no files selected for viewingThis file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -127,16 +127,16 @@ server { # if the request body size is more than the buffer size, then the entire (or partial) request body is written into a temporary file client_body_buffer_size 128k; # headerbuffer size for the request header from client -- for testing client_header_buffer_size 3m; # maximum number and size of buffers for large headers to read from client request large_client_header_buffers 4 256k; # read timeout for the request body from client -- for testing client_body_timeout 3m; # how long to wait for the client to send a request header -- for testing client_header_timeout 3m; ``` @@ -181,3 +181,4 @@ Happy Hacking! * https://www.nginx.com/blog/performing-a-b-testing-nginx-plus/ * https://nginx.org/r/pcre_jit * https://nginx.org/r/ssl_engine (`openssl engine -t `) * https://www.nginx.com/blog/mitigating-ddos-attacks-with-nginx-and-nginx-plus/ 
- 
        denji revised this gist Aug 30, 2016 . 1 changed file with 3 additions and 3 deletions.There are no files selected for viewingThis file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -64,9 +64,6 @@ tcp_nopush on; # don't buffer data sent, good for small data bursts in real time tcp_nodelay on; # reduce the data that needs to be sent over network gzip on; gzip_min_length 10240; @@ -83,6 +80,9 @@ client_body_timeout 10; # if client stop responding, free up memory -- default 60 send_timeout 2; # server will close connection after this time keepalive_timeout 30; # number of requests client can make over keep-alive -- for testing keepalive_requests 100000; ``` 
- 
        denji revised this gist Aug 30, 2016 . 1 changed file with 8 additions and 8 deletions.There are no files selected for viewingThis file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -67,8 +67,12 @@ tcp_nodelay on; # server will close connection after this time keepalive_timeout 30; # reduce the data that needs to be sent over network gzip on; gzip_min_length 10240; gzip_proxied expired no-cache no-store private auth; gzip_types text/plain text/css text/xml text/javascript application/x-javascript application/xml; gzip_disable "MSIE [1-6]\."; # allow the server to close connection on non responding client, this will free up memory reset_timedout_connection on; @@ -79,12 +83,8 @@ client_body_timeout 10; # if client stop responding, free up memory -- default 60 send_timeout 2; # number of requests client can make over keep-alive -- for testing keepalive_requests 100000; ``` Now you can save config and run bottom command 
- 
        denji revised this gist Aug 29, 2016 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewingThis file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -9,7 +9,7 @@ You must understand that this config is used in testing environment and not in p * [Stable version NGINX (deb/rpm)](https://nginx.org/en/linux_packages.html#stable) * [Mainline version NGINX (deb/rpm)](https://nginx.org/en/linux_packages.html#mainline) First, you will need to install nginx ```bash yum install nginx 
- 
        denji revised this gist Aug 29, 2016 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewingThis file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -9,7 +9,7 @@ You must understand that this config is used in testing environment and not in p * [Stable version NGINX (deb/rpm)](https://nginx.org/en/linux_packages.html#stable) * [Mainline version NGINX (deb/rpm)](https://nginx.org/en/linux_packages.html#mainline) First, you will need to install nginx, my way to install nginx is compiling it from source, but for now we will use `apt-get` (`apt`) / `yum` ```bash yum install nginx 
- 
        denji revised this gist Aug 29, 2016 . 1 changed file with 2 additions and 1 deletion.There are no files selected for viewingThis file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -12,7 +12,8 @@ You must understand that this config is used in testing environment and not in p First, you will need to install nginx, my way to install nginx is compiling it from source, but for now we will use `apt-get` ```bash yum install nginx apt install nginx ``` Backup your original configs and you can start reconfigure your configs. You will need to open your `nginx.conf` at `/etc/nginx/nginx.conf` with your favorite editor. 
- 
        denji revised this gist Aug 29, 2016 . 1 changed file with 2 additions and 2 deletions.There are no files selected for viewingThis file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -6,8 +6,8 @@ Generally, properly configured nginx can handle up to 400,000 to 500,000 request You must understand that this config is used in testing environment and not in production so you will need to find a way to implement most of those features best possible for your servers. * [Stable version NGINX (deb/rpm)](https://nginx.org/en/linux_packages.html#stable) * [Mainline version NGINX (deb/rpm)](https://nginx.org/en/linux_packages.html#mainline) First, you will need to install nginx, my way to install nginx is compiling it from source, but for now we will use `apt-get` 
- 
        denji revised this gist Aug 29, 2016 . 1 changed file with 3 additions and 0 deletions.There are no files selected for viewingThis file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -6,6 +6,9 @@ Generally, properly configured nginx can handle up to 400,000 to 500,000 request You must understand that this config is used in testing environment and not in production so you will need to find a way to implement most of those features best possible for your servers. * [Stable version NGINX](https://nginx.org/en/linux_packages.html#stable) * [Mainline version NGINX](https://nginx.org/en/linux_packages.html#mainline) First, you will need to install nginx, my way to install nginx is compiling it from source, but for now we will use `apt-get` ```bash 
- 
        denji revised this gist Aug 25, 2016 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewingThis file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,4 +1,4 @@ NGINX Tuning For Best Performance -- For this configuration you can use web server you like, i decided, because i work mostly with it to use nginx. 
- 
        denji revised this gist Aug 25, 2016 . No changes.There are no files selected for viewing
- 
        denji revised this gist Aug 25, 2016 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewingThis file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -176,4 +176,4 @@ Happy Hacking! * https://www.nginx.com/blog/socket-sharding-nginx-release-1-9-1/ * https://www.nginx.com/blog/performing-a-b-testing-nginx-plus/ * https://nginx.org/r/pcre_jit * https://nginx.org/r/ssl_engine (`openssl engine -t `) 
- 
        denji revised this gist Aug 25, 2016 . 1 changed file with 3 additions and 0 deletions.There are no files selected for viewingThis file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -174,3 +174,6 @@ Happy Hacking! * https://github.com/h5bp/server-configs-nginx * https://www.nginx.com/blog/thread-pools-boost-performance-9x/ * https://www.nginx.com/blog/socket-sharding-nginx-release-1-9-1/ * https://www.nginx.com/blog/performing-a-b-testing-nginx-plus/ * https://nginx.org/r/pcre_jit * https://nginx.org/r/ssl_engine 
- 
        denji revised this gist Aug 25, 2016 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewingThis file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -2,7 +2,7 @@ Nginx Tuning For Best Performance -- For this configuration you can use web server you like, i decided, because i work mostly with it to use nginx. Generally, properly configured nginx can handle up to 400,000 to 500,000 requests per second (clustered), most what i saw is 50,000 to 80,000 (non-clustered) requests per second and 30% CPU load, course, this was `2 x Intel Xeon` with HyperThreading enabled, but it can work without problem on slower machines. You must understand that this config is used in testing environment and not in production so you will need to find a way to implement most of those features best possible for your servers. 
- 
        denji revised this gist Aug 25, 2016 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewingThis file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -2,7 +2,7 @@ Nginx Tuning For Best Performance -- For this configuration you can use web server you like, i decided, because i work mostly with it to use nginx. Generally, properly configured nginx can handle up to 400,000 to 500,000 requests per second (clustered), most what i saw is 50,000 to 80,000 (non-clustered) requests per second and 30% CPU load, course, this was `2 x Intel Xeon` [with HT](http://blog.regehr.org/archives/1416) enabled, but it can work without problem on slower machines. You must understand that this config is used in testing environment and not in production so you will need to find a way to implement most of those features best possible for your servers. 
- 
        denji revised this gist Aug 25, 2016 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewingThis file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -149,7 +149,7 @@ And then reload or restart your nginx You can test this configuration with `tsung` and when you are satisfied with result you can hit `Ctrl+C` because it can run for hours. DoS [HTTP/1.1 and above: Range Requests](https://tools.ietf.org/html/rfc7233#section-6.1) -- By default [`max_ranges`](https://nginx.org/r/max_ranges) is not limited. DoS attacks can many Range-Requests (Impact on stability I/O). 
- 
        denji revised this gist Aug 25, 2016 . 1 changed file with 2 additions and 2 deletions.There are no files selected for viewingThis file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -149,10 +149,10 @@ And then reload or restart your nginx You can test this configuration with `tsung` and when you are satisfied with result you can hit `Ctrl+C` because it can run for hours. DoS [HTTP/1.1+: Range Requests](https://tools.ietf.org/html/rfc7233#section-6.1) -- By default [`max_ranges`](https://nginx.org/r/max_ranges) is not limited. DoS attacks can many Range-Requests (Impact on stability I/O). Socket Sharding in NGINX 1.9.1+ (DragonFly BSD and Linux 3.9+) -- 
- 
        denji revised this gist Aug 25, 2016 . 1 changed file with 2 additions and 2 deletions.There are no files selected for viewingThis file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -149,10 +149,10 @@ And then reload or restart your nginx You can test this configuration with `tsung` and when you are satisfied with result you can hit `Ctrl+C` because it can run for hours. DoS [HTTP/1.1 Range Requests](https://tools.ietf.org/html/rfc7233#section-6.1) -- By default [`max_ranges`](https://nginx.org/r/max_ranges) is not limited. DoS attacks can many Rage-Requests (Impact on stability I/O). Socket Sharding in NGINX 1.9.1+ (DragonFly BSD and Linux 3.9+) -- 
- 
        denji revised this gist Aug 25, 2016 . 1 changed file with 2 additions and 2 deletions.There are no files selected for viewingThis file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -149,10 +149,10 @@ And then reload or restart your nginx You can test this configuration with `tsung` and when you are satisfied with result you can hit `Ctrl+C` because it can run for hours. DoS [HTTP/1.1 Range Requests](https://tools.ietf.org/html/rfc7233) -- By default [`max_ranges`](https://nginx.org/r/max_ranges) is not limited. DoS attacks can many rage (Impact on stability I/O). Socket Sharding in NGINX 1.9.1+ (DragonFly BSD and Linux 3.9+) -- 
- 
        denji revised this gist Aug 25, 2016 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewingThis file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -164,7 +164,7 @@ Socket Sharding in NGINX 1.9.1+ (DragonFly BSD and Linux 3.9+) [Thread Pools](https://nginx.org/r/thread_pool) in NGINX Boost Performance 9x! (Linux) -- [Multi-threaded](https://nginx.org/r/aio) sending of files is currently supported only Linux. Without [`sendfile_max_chunk`](https://nginx.org/r/sendfile_max_chunk) limit, one fast connection may seize the worker process entirely. Happy Hacking! 
- 
        denji revised this gist Aug 25, 2016 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewingThis file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -152,7 +152,7 @@ You can test this configuration with `tsung` and when you are satisfied with res HTTP/1.1: Range Requests [RFC7233](https://tools.ietf.org/html/rfc7233) -- By default [`max_ranges`](https://nginx.org/r/max_ranges) is not limited. DoS attacks can multipline rage attack (Impact on stability I/O). Socket Sharding in NGINX 1.9.1+ (DragonFly BSD and Linux 3.9+) -- 
- 
        denji revised this gist Aug 25, 2016 . 1 changed file with 2 additions and 2 deletions.There are no files selected for viewingThis file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -151,7 +151,7 @@ You can test this configuration with `tsung` and when you are satisfied with res HTTP/1.1: Range Requests [RFC7233](https://tools.ietf.org/html/rfc7233) -- By default [`max_ranges`](https://nginx.org/r/max_ranges) is not limited. DoS attacks can multipline rage attack (Impact on stability Disk I/O). Socket Sharding in NGINX 1.9.1+ (DragonFly BSD and Linux 3.9+) @@ -165,7 +165,7 @@ Socket Sharding in NGINX 1.9.1+ (DragonFly BSD and Linux 3.9+) [Thread Pools](https://nginx.org/r/thread_pool) in NGINX Boost Performance 9x! (Linux) -- [Multi-threaded](https://nginx.org/r/aio) sending of files is only supported on Linux. Without [`sendfile_max_chunk`](https://nginx.org/r/sendfile_max_chunk) limit, one fast connection may seize the worker process entirely. Happy Hacking! -- 
- 
        denji revised this gist Aug 25, 2016 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewingThis file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -151,7 +151,7 @@ You can test this configuration with `tsung` and when you are satisfied with res HTTP/1.1: Range Requests [RFC7233](https://tools.ietf.org/html/rfc7233) -- By default [max_ranges](https://nginx.org/r/max_ranges) is not limited. DoS attacks can multipline rage attack (Impact on stability Disk I/O). Socket Sharding in NGINX 1.9.1+ (DragonFly BSD and Linux 3.9+) 
- 
        denji revised this gist Aug 25, 2016 . 1 changed file with 6 additions and 1 deletion.There are no files selected for viewingThis file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -149,6 +149,11 @@ And then reload or restart your nginx You can test this configuration with `tsung` and when you are satisfied with result you can hit `Ctrl+C` because it can run for hours. HTTP/1.1: Range Requests [RFC7233](https://tools.ietf.org/html/rfc7233) -- By default [https://nginx.org/r/max_ranges] is not limited. DoS attacks can multipline rage attack (Impact on stability Disk I/O). Socket Sharding in NGINX 1.9.1+ (DragonFly BSD and Linux 3.9+) -- | | Latency (ms) | Latency stdev (ms) | CPU Load | @@ -160,7 +165,7 @@ Socket Sharding in NGINX 1.9.1+ (DragonFly BSD and Linux 3.9+) [Thread Pools](https://nginx.org/r/thread_pool) in NGINX Boost Performance 9x! (Linux) -- [Multi-threaded](https://nginx.org/r/aio) sending of files is only supported on Linux. Without [sendfile_max_chunk](https://nginx.org/r/sendfile_max_chunk) limit, one fast connection may seize the worker process entirely. Happy Hacking! -- 
NewerOlder