Syntax: alias path; Default: — Context: location Defines a replacement for the specified location. For example, with the following configuration location /i/ { alias /data/w3/images/; } on request of “/i/top.gif”, the file /data/w3/images/top.gif will be sent. The path value can contain variables, except $document_root and $realpath_root. If alias is used inside a location defined with a regular expression then such regular expression should contain captures and alias s

Syntax: ssl_prefer_server_ciphers on | off; Default: ssl_prefer_server_ciphers off; Context: mail, server Specifies that server ciphers should be preferred over client ciphers when the SSLv3 and TLS protocols are used.

Syntax: proxy_cache_purge string ...; Default: — Context: http, server, location This directive appeared in version 1.5.7. Defines conditions under which the request will be considered a cache purge request. If at least one value of the string parameters is not empty and is not equal to “0” then the cache entry with a corresponding cache key is removed. The result of successful operation is indicated by returning the 204 (No Content) response. If the cache key of a purge request

Syntax: proxy_ssl_certificate_key file; Default: — Context: stream, server Specifies a file with the secret key in the PEM format used for authentication to a proxied server.

Syntax: proxy_next_upstream_timeout time; Default: proxy_next_upstream_timeout 0; Context: http, server, location This directive appeared in version 1.7.5. Limits the time during which a request can be passed to the next server. The 0 value turns off this limitation.

Syntax: ssl_certificate file; Default: — Context: http, server Specifies a file with the certificate in the PEM format for the given virtual server. If intermediate certificates should be specified in addition to a primary certificate, they should be specified in the same file in the following order: the primary certificate comes first, then the intermediate certificates. A secret key in the PEM format may be placed in the same file. Since version 1.11.0, this directive can be sp

Syntax: return code [text];return code URL;return URL; Default: — Context: server, location, if Stops processing and returns the specified code to a client. The non-standard code 444 closes a connection without sending a response header. Starting from version 0.8.42, it is possible to specify either a redirect URL (for codes 301, 302, 303, and 307), or the response body text (for other codes). A response body text and redirect URL can contain variables. As a special case, a redir

Syntax: log_format name [escape=default|json] string ...; Default: log_format combined "..."; Context: http Specifies log format. The escape parameter (1.11.8) allows setting json or default characters escaping in variables, by default, default escaping is used. The log format can contain common variables, and variables that exist only at the time of a log write: $bytes_sent the number of bytes sent to a client $connection connection serial number $connection

Syntax: ntlm; Default: — Context: upstream This directive appeared in version 1.9.2. Allows proxying requests with NTLM Authentication. The upstream connection is bound to the client connection once the client sends a request with the “Authorization” header field value starting with “Negotiate” or “NTLM”. Further client requests will be proxied through the same upstream connection, keeping the authentication context. In order for NTLM authentication to work, it is necessary to e

Syntax: read_ahead size; Default: read_ahead 0; Context: http, server, location Sets the amount of pre-reading for the kernel when working with file. On Linux, the posix_fadvise(0, 0, 0, POSIX_FADV_SEQUENTIAL) system call is used, and so the size parameter is ignored. On FreeBSD, the fcntl(O_READAHEAD, size) system call, supported since FreeBSD 9.0-CURRENT, is used. FreeBSD 7 has to be patched.