user www-data;
worker_processes auto;
worker_rlimit_nofile 260000;

error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;

events {
        worker_connections  2048;
        accept_mutex off;
        accept_mutex_delay 200ms;
        use epoll;
        #multi_accept on;
}

http {
        include       /etc/nginx/mime.types;
        default_type  application/octet-stream;

        log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

        #Disable IFRAME
        add_header X-Frame-Options SAMEORIGIN;

        #Prevent Cross-site scripting (XSS) attacks
        add_header X-XSS-Protection "1; mode=block";

        #Prevent MIME-sniffing
        add_header X-Content-Type-Options nosniff;

        access_log  off;
        sendfile on;
        tcp_nopush on;
        tcp_nodelay off;
        types_hash_max_size 2048;
        server_tokens off;
        server_names_hash_bucket_size 128;
        client_max_body_size 0;
        client_body_buffer_size 256k;
        client_body_in_file_only off;
        client_body_timeout 60s;
        client_header_buffer_size 256k;
        client_header_timeout  20s;
        large_client_header_buffers 8 256k;
        keepalive_timeout 10;
        keepalive_disable msie6;
        reset_timedout_connection on;
        send_timeout 60s;

        gzip on;
        gzip_static on;
        gzip_disable "msie6";
        gzip_vary on;
        gzip_proxied any;
        gzip_comp_level 6;
        gzip_buffers 16 8k;
        gzip_http_version 1.1;
        gzip_types text/plain text/css application/json text/javascript application/javascript text/xml application/xml application/xml+rss;

        include /etc/nginx/conf.d/*.conf;
}