Syntax: limit_conn zone number; Default: — Context: stream, server Sets the shared memory zone and the maximum allowed number of connections for a given key value. When this limit is exceeded, the server will close the connection. For example, the directives limit_conn_zone $binary_remote_addr zone=addr:10m; server { ... limit_conn addr 1; } allow only one connection per an IP address at a time. When several limit_conn directives are specified, any configured limit w

Syntax: pcre_jit on | off; Default: pcre_jit off; Context: main This directive appeared in version 1.1.12. Enables or disables the use of “just-in-time compilation” (PCRE JIT) for the regular expressions known by the time of configuration parsing. PCRE JIT can speed up processing of regular expressions significantly. The JIT is available in PCRE libraries starting from version 8.20 built with the --enable-jit configuration parameter. When the PCRE library is built with nginx (

Syntax: proxy_next_upstream on | off; Default: proxy_next_upstream on; Context: stream, server When a connection to the proxied server cannot be established, determines whether a client connection will be passed to the next server. Passing a connection to the next server can be limited by the number of tries and by time.

Syntax: ssl_ecdh_curve curve; Default: ssl_ecdh_curve auto; Context: http, server This directive appeared in versions 1.1.0 and 1.0.6. Specifies a curve for ECDHE ciphers. When using OpenSSL 1.0.2 or higher, it is possible to specify multiple curves (1.11.0), for example: ssl_ecdh_curve prime256v1:secp384r1; The special value auto (1.11.0) instructs nginx to use a list built into the OpenSSL library when using OpenSSL 1.0.2 or higher, or prime256v1 with older versions. Pr

Syntax: proxy_ssl_verify on | off; Default: proxy_ssl_verify off; Context: stream, server Enables or disables verification of the proxied server certificate.

Syntax: gzip_disable regex ...; Default: — Context: http, server, location This directive appeared in version 0.6.23. Disables gzipping of responses for requests with “User-Agent” header fields matching any of the specified regular expressions. The special mask “msie6” (0.7.12) corresponds to the regular expression “MSIE [4-6]\.”, but works faster. Starting from version 0.8.11, “MSIE 6.0; ... SV1” is excluded from this mask.

Syntax: worker_cpu_affinity cpumask ...;worker_cpu_affinity auto [cpumask]; Default: — Context: main Binds worker processes to the sets of CPUs. Each CPU set is represented by a bitmask of allowed CPUs. There should be a separate set defined for each of the worker processes. By default, worker processes are not bound to any specific CPUs. For example, worker_processes 4; worker_cpu_affinity 0001 0010 0100 1000; binds each worker process to a separate CPU, while worker_pr

Syntax: ssl_session_cache off | none | [builtin[:size]] [shared:name:size]; Default: ssl_session_cache none; Context: stream, server Sets the types and sizes of caches that store session parameters. A cache can be of any of the following types: off the use of a session cache is strictly prohibited: nginx explicitly tells a client that sessions may not be reused. none the use of a session cache is gently disallowed: nginx tells a client that sessions may be reus

Syntax: fastcgi_hide_header field; Default: — Context: http, server, location By default, nginx does not pass the header fields “Status” and “X-Accel-...” from the response of a FastCGI server to a client. The fastcgi_hide_header directive sets additional fields that will not be passed. If, on the contrary, the passing of fields needs to be permitted, the fastcgi_pass_header directive can be used.

Syntax: ssi_last_modified on | off; Default: ssi_last_modified off; Context: http, server, location This directive appeared in version 1.5.1. Allows preserving the “Last-Modified” header field from the original response during SSI processing to facilitate response caching. By default, the header field is removed as contents of the response are modified during processing and may contain dynamically generated elements or parts that are changed independently of the original respons