Syntax: deny address | CIDR | unix: | all; Default: — Context: stream, server Denies access for the specified network or address. If the special value unix: is specified, denies access for all UNIX-domain sockets.

Syntax: geoip_proxy_recursive on | off; Default: geoip_proxy_recursive off; Context: http This directive appeared in versions 1.3.0 and 1.2.1. If recursive search is disabled then instead of the original client address that matches one of the trusted addresses, the last address sent in “X-Forwarded-For” will be used. If recursive search is enabled then instead of the original client address that matches one of the trusted addresses, the last non-trusted address sent in “X-Forward

Syntax: sub_filter_last_modified on | off; Default: sub_filter_last_modified off; Context: http, server, location This directive appeared in version 1.5.1. Allows preserving the “Last-Modified” header field from the original response during replacement to facilitate response caching. By default, the header field is removed as contents of the response are modified during processing.

Syntax: proxy_read_timeout time; Default: proxy_read_timeout 60s; Context: http, server, location Defines a timeout for reading a response from the proxied server. The timeout is set only between two successive read operations, not for the transmission of the whole response. If the proxied server does not transmit anything within this time, the connection is closed.

Beginner’s Guide Starting, Stopping, and Reloading Configuration Configuration File’s Structure Serving Static Content Setting Up a Simple Proxy Server Setting Up FastCGI Proxying This guide gives a basic introduction to nginx and describes some simple tasks that can be done with it. It is supposed that nginx is already installed on the reader’s machine. If it is not, see the Installing nginx page. This guide describes how to start and stop nginx, and reload its configuration, explains the s

Syntax: proxy_cache_methods GET | HEAD | POST ...; Default: proxy_cache_methods GET HEAD; Context: http, server, location This directive appeared in version 0.7.59. If the client request method is listed in this directive then the response will be cached. “GET” and “HEAD” methods are always added to the list, though it is recommended to specify them explicitly. See also the proxy_no_cache directive.

Syntax: proxy_pass address; Default: — Context: server Sets the address of a proxied server. The address can be specified as a domain name or IP address, and a port: proxy_pass localhost:12345; or as a UNIX-domain socket path: proxy_pass unix:/tmp/stream.socket; If a domain name resolves to several addresses, all of them will be used in a round-robin fashion. In addition, an address can be specified as a server group. The address can also be specified using variables (1.1

Syntax: ssl_password_file file; Default: — Context: stream, server Specifies a file with passphrases for secret keys where each passphrase is specified on a separate line. Passphrases are tried in turn when loading the key. Example: stream { ssl_password_file /etc/keys/global.pass; ... server { listen 127.0.0.1:12345; ssl_certificate_key /etc/keys/first.key; } server { listen 127.0.0.1:12346; # named pipe can also be used i

Syntax: source_charset charset; Default: — Context: http, server, location, if in location Defines the source charset of a response. If this charset is different from the charset specified in the charset directive, a conversion is performed.

Syntax: ignore_invalid_headers on | off; Default: ignore_invalid_headers on; Context: http, server Controls whether header fields with invalid names should be ignored. Valid names are composed of English letters, digits, hyphens, and possibly underscores (as controlled by the underscores_in_headers directive). If the directive is specified on the server level, its value is only used if a server is a default one. The value specified also applies to all virtual servers listening on