Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In Register

Quick Links


Categories

In this Discussion

Ideal Configurations
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Ideal Configurations

BlueVMBlueVM Member
edited April 2013 in General

Alright so I'm looking for some configuration files for:

  • Nginx
  • PHP
  • MySQL

Preferably these configurations would be your "perfect config" for maintaining multiple websites while still being RAM efficient. I'd like to compare them with my current configs and see if there's anything that can be tweaked.

Pastebin/Pastie when appropriate and if you can tell me the RAM usage for that config (or series of configs) that'd be great.

Why do I want these configs? I'm developing a single user, multiple domain control panel (Neon) and while it currently has it's own configs, I'd like to see some other people's examples so I can improve mine...

Comments

  • MunMun Member

    All depends on the load you are doing.

  • RalliasRallias Member

    Nginx + MyBB on PHP-FPM: http://pastebin.com/PFFuKP8U

    The MyBB config has rules to block a DDoS that I've seen multiple times with POST against /index.php causing a bitch of a load to MySQL. It also allows for seamless integration of MyBB's native "pretty-url's" and the Google SEO URL's plugin.

  • erhwegesrgsrerhwegesrgsr Member

    I use Debian 6.0 Minimal 32-bit template with untouched MySQL, dotdeb nginx and php running ~5 websites at only 85MB used.

  • krokro Member

    Reading the docs is going to give you the best insight n understanding.

  • marcmmarcm Member

    @BlueVM - For Nginx you should read this: http://www.phoenixvps.com/guides/2013/04/nginx-configuration-examples

  • pubcrawlerpubcrawler Banned

    The MyBB config has rules to block a DDoS that I've seen multiple times with POST against /index.php

    I actually use this strategy heavily and have for eons on a number of projects. Haven't read config in total detail, but caching that index.php page for set time should eliminate other GET style attacks from piling/hitting MySQL.

    Caching is everyones friend. Well at least for index/home pages, normally.

  • WintereiseWintereise Member

    That's developer incompetency though. If your stuff is vulnerable over a certain request method,

    a) The obvious step should be to fix said vulnerability.
    b) If that's impossible, filtering with something like $_SERVER['REQUEST_METHOD'] should be implemented, in the very least.

  • AdducAdduc Member

    Some directives I find particularly useful for nginx:

    if ($request_method !~ ^(GET|HEAD|POST|OPTIONS)$ ) {
        return 444;
}

if ($http_user_agent = "-") {
        return 444;
}

if ($http_user_agent ~ ApacheBench|JoeDog) {
        return 444;
}

location ~ (\.sql|\.bak|\.inc|\.tem\.php|\.old|\.ini)$  {
    return 403;
}

# Prevent access to sensitive data.
location ~ /\.ht {
    return 403;
}
  • RalliasRallias Member
    edited April 2013

    @Adduc said: Some directives I find particularly useful for nginx:

    `if ($request_method !~ ^(GET|HEAD|POST|OPTIONS)$ ) {

    return 444;
    }`

    http://wiki.nginx.org/IfIsEvil

    limit_except GET HEAD POST OPTIONS { return 444; }

  • AdducAdduc Member

    From http://wiki.nginx.org/IfIsEvil, it used request_method for an example of what's acceptable:

    There are cases where you simply cannot avoid using an if, for example if you need to test a variable which has no equivalent directive.

    if ($request_method = POST ) {
 return 405;
}

    I will look into limit_except, though. Thanks for pointing it out.

  • RalliasRallias Member

    @Adduc said: From http://wiki.nginx.org/IfIsEvil, it used request_method for an example of what's acceptable:

    Still best to avoid if at all possible.

Sign In or Register to comment.