15 - 防 DOS

 

 


# Sets buffer size for reading client request body.
# In case the request body is larger than the buffer,
# the whole body or only its part is written to a temporary file.
client_body_buffer_size 10K;
# Sets the maximum allowed size of the client request body,
# specified in the “Content-Length” request header field.
# exceed => 413 (Request Entity Too Large)
# Default: 1m
client_max_body_size 8m;

# Sets buffer size for reading client request header.
# Default: 1k
client_header_buffer_size 1k;
# Sets the maximum number and size of buffers used for reading large client request header.
# A request line exceed the size of one buffer => 414 (Request-URI Too Large) error
# A request header field exceed the size of one buffer => 400 (Bad Request) error
large_client_header_buffers 2 1k;

# timeout for reading client request body/header
# send the client a 408("request timed out") if the body/header is not loaded by this time.
# Default 60.

client_body_timeout   32;
client_header_timeout 32;

    
# assigns the timeout for keep-alive connections with the client.
# Nginx will close connections with the client after this period of time.
# default 65

keepalive_timeout 90;

# The send_timeout is a timeout for transmitting a response to the client.
# If the client does not receive anything within this time,
# then the connection will be closed.
# default 60

send_timeout 120;     

# Allow the server to close the connection after a client stops responding
# TCP RST is sent to the client
# Frees up socket-associated memory
# Default: off

reset_timedout_connection on;

 

Creative Commons license icon Creative Commons license icon