Syntax: deny address | CIDR | unix: | all; Default: — Context: stream, server Denies access for the specified network or address. If the special value unix: is specified, denies access for all UNIX-domain sockets.

Syntax: scgi_store on | off | string; Default: scgi_store off; Context: http, server, location Enables saving of files to a disk. The on parameter saves files with paths corresponding to the directives alias or root. The off parameter disables saving of files. In addition, the file name can be set explicitly using the string with variables: scgi_store /data/www$original_uri; The modification time of files is set according to the received “Last-Modified” response he

Syntax: proxy_ssl_certificate file; Default: — Context: stream, server Specifies a file with the certificate in the PEM format used for authentication to a proxied server.

Syntax: uwsgi_cache_lock on | off; Default: uwsgi_cache_lock off; Context: http, server, location This directive appeared in version 1.1.12. When enabled, only one request at a time will be allowed to populate a new cache element identified according to the uwsgi_cache_key directive by passing a request to a uwsgi server. Other requests of the same cache element will either wait for a response to appear in the cache or the cache lock for this element to be released, up to the time

Syntax: open_log_file_cache max=N [inactive=time] [min_uses=N] [valid=time];open_log_file_cache off; Default: open_log_file_cache off; Context: stream, server Defines a cache that stores the file descriptors of frequently used logs whose names contain variables. The directive has the following parameters: max sets the maximum number of descriptors in a cache; if the cache becomes full the least recently used (LRU) descriptors are closed inactive sets the time after which the c

Syntax: secure_link_secret word; Default: — Context: location Defines a secret word used to check authenticity of requested links. The full URI of a requested link looks as follows: /prefix/hash/link where hash is a hexadecimal representation of the MD5 hash computed for the concatenation of the link and secret word, and prefix is an arbitrary string without slashes. If the requested link passes the authenticity check, the $secure_link variable is set to the link extracted

Syntax: geoip_country file; Default: — Context: http Specifies a database used to determine the country depending on the client IP address. The following variables are available when using this database: $geoip_country_code two-letter country code, for example, “RU”, “US”. $geoip_country_code3 three-letter country code, for example, “RUS”, “USA”. $geoip_country_name country name, for example, “Russian Federation”, “United States”.

Syntax: min_delete_depth number; Default: min_delete_depth 0; Context: http, server, location Allows the DELETE method to remove files provided that the number of elements in a request path is not less than the specified number. For example, the directive min_delete_depth 4; allows removing files on requests /users/00/00/name /users/00/00/name/pic.jpg /users/00/00/page.html and denies the removal of /users/00/00

Syntax: fastcgi_cache_lock on | off; Default: fastcgi_cache_lock off; Context: http, server, location This directive appeared in version 1.1.12. When enabled, only one request at a time will be allowed to populate a new cache element identified according to the fastcgi_cache_key directive by passing a request to a FastCGI server. Other requests of the same cache element will either wait for a response to appear in the cache or the cache lock for this element to be released, up to

Syntax: xslt_stylesheet stylesheet [parameter=value ...]; Default: — Context: location Defines the XSLT stylesheet and its optional parameters. A stylesheet is compiled at the configuration stage. Parameters can either be specified separately, or grouped in a single line using the “:” delimiter. If a parameter includes the “:” character, it should be escaped as “%3A”. Also, libxslt requires to enclose parameters that contain non-alphanumeric characters into single or dou