Syntax: uwsgi_cache_lock on | off; Default: uwsgi_cache_lock off; Context: http, server, location This directive appeared in version 1.1.12. When enabled, only one request at a time will be allowed to populate a new cache element identified according to the uwsgi_cache_key directive by passing a request to a uwsgi server. Other requests of the same cache element will either wait for a response to appear in the cache or the cache lock for this element to be released, up to the time

Syntax: ssl_ciphers ciphers; Default: ssl_ciphers HIGH:!aNULL:!MD5; Context: stream, server Specifies the enabled ciphers. The ciphers are specified in the format understood by the OpenSSL library, for example: ssl_ciphers ALL:!aNULL:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP; The full list can be viewed using the “openssl ciphers” command.

Syntax: gunzip on | off; Default: gunzip off; Context: http, server, location Enables or disables decompression of gzipped responses for clients that lack gzip support. If enabled, the following directives are also taken into account when determining if clients support gzip: gzip_http_version, gzip_proxied, and gzip_disable. See also the gzip_vary directive.

Syntax: ssl_trusted_certificate file; Default: — Context: http, server This directive appeared in version 1.3.7. Specifies a file with trusted CA certificates in the PEM format used to verify client certificates and OCSP responses if ssl_stapling is enabled. In contrast to the certificate set by ssl_client_certificate, the list of these certificates will not be sent to clients.

Syntax: proxy_ssl_certificate_key file; Default: — Context: stream, server Specifies a file with the secret key in the PEM format used for authentication to a proxied server.

Syntax: ssl_password_file file; Default: — Context: mail, server This directive appeared in version 1.7.3. Specifies a file with passphrases for secret keys where each passphrase is specified on a separate line. Passphrases are tried in turn when loading the key. Example: mail { ssl_password_file /etc/keys/global.pass; ... server { server_name mail1.example.com; ssl_certificate_key /etc/keys/first.key; } server { server_name mail2.

Syntax: server { ... } Default: — Context: http Sets configuration for a virtual server. There is no clear separation between IP-based (based on the IP address) and name-based (based on the “Host” request header field) virtual servers. Instead, the listen directives describe all addresses and ports that should accept connections for the server, and the server_name directive lists all server names. Example configurations are provided in the “How nginx processes a request” document.

Syntax: proxy_cache_methods GET | HEAD | POST ...; Default: proxy_cache_methods GET HEAD; Context: http, server, location This directive appeared in version 0.7.59. If the client request method is listed in this directive then the response will be cached. “GET” and “HEAD” methods are always added to the list, though it is recommended to specify them explicitly. See also the proxy_no_cache directive.

Syntax: state file; Default: — Context: upstream This directive appeared in version 1.9.7. Specifies a file that keeps the state of the dynamically configurable group. Examples: state /var/lib/nginx/state/servers.conf; # path for Linux state /var/db/nginx/state/servers.conf; # path for FreeBSD The state is currently limited to the list of servers with their parameters. The file is read when parsing the configuration and is updated each time the upstream configuration is cha

Syntax: image_filter_webp_quality quality; Default: image_filter_webp_quality 80; Context: http, server, location This directive appeared in version 1.11.6. Sets the desired quality of the transformed WebP images. Acceptable values are in the range from 1 to 100. Lesser values usually imply both lower image quality and less data to transfer. Parameter value can contain variables.