Syntax: ssl_verify_client on | off | optional | optional_no_ca; Default: ssl_verify_client off; Context: mail, server This directive appeared in version 1.7.11. Enables verification of client certificates. The verification result is passed in the “Auth-SSL-Verify” header of the authentication request. The optional parameter requests the client certificate and verifies it if the certificate is present. The optional_no_ca parameter requests the client certificate but do

Syntax: return code [text];return code URL;return URL; Default: — Context: server, location, if Stops processing and returns the specified code to a client. The non-standard code 444 closes a connection without sending a response header. Starting from version 0.8.42, it is possible to specify either a redirect URL (for codes 301, 302, 303, and 307), or the response body text (for other codes). A response body text and redirect URL can contain variables. As a special case, a redir

Syntax: proxy_ssl_name name; Default: proxy_ssl_name host from proxy_pass; Context: stream, server Allows overriding the server name used to verify the certificate of the proxied server and to be passed through SNI when establishing a connection with the proxied server. The server name can also be specified using variables (1.11.3). By default, the host part of the proxy_pass address is used.

Syntax: proxy_next_upstream_tries number; Default: proxy_next_upstream_tries 0; Context: stream, server Limits the number of possible tries for passing a connection to the next server. The 0 value turns off this limitation.

Syntax: least_time connect | first_byte | last_byte; Default: — Context: upstream Specifies that a group should use a load balancing method where a connection is passed to the server with the least average time and least number of active connections, taking into account weights of servers. If there are several such servers, they are tried in turn using a weighted round-robin balancing method. If the connect parameter is specified, time to connect to the upstream server

Syntax: merge_slashes on | off; Default: merge_slashes on; Context: http, server Enables or disables compression of two or more adjacent slashes in a URI into a single slash. Note that compression is essential for the correct matching of prefix string and regular expression locations. Without it, the “//scripts/one.php” request would not match location /scripts/ { ... } and might be processed as a static file. So it gets converted to “/scripts/one.php”. Turning the comp

Syntax: sendfile on | off; Default: sendfile off; Context: http, server, location, if in location Enables or disables the use of sendfile(). Starting from nginx 0.8.12 and FreeBSD 5.2.1, aio can be used to pre-load data for sendfile(): location /video/ { sendfile on; tcp_nopush on; aio on; } In this configuration, sendfile() is called with the SF_NODISKIO flag which causes it not to block on disk I/O, but, instead, report back that the data ar

Syntax: uninitialized_variable_warn on | off; Default: uninitialized_variable_warn on; Context: http, server, location, if Controls whether warnings about uninitialized variables are logged.

Syntax: map_hash_bucket_size size; Default: map_hash_bucket_size 32|64|128; Context: http Sets the bucket size for the map variables hash tables. Default value depends on the processor’s cache line size. The details of setting up hash tables are provided in a separate document.

Syntax: index file ...; Default: index index.html; Context: http, server, location Defines files that will be used as an index. The file name can contain variables. Files are checked in the specified order. The last element of the list can be a file with an absolute path. Example: index index.$geo.html index.0.html /index.html; It should be noted that using an index file causes an internal redirect, and the request can be processed in a different location. For example, with the