pid /var/run/nginx.pid;    
user nginx nginx;    
worker_processes 10;    
events {    
worker_connections 1024;    
}    
http {    
## MIME types    
#include /etc/nginx_mime.types;    
default_type application/octet-stream;    
## Size Limits    
client_body_buffer_size 128K;    
client_header_buffer_size 128K;    
client_max_body_size 1M;    
large_client_header_buffers 1 1k;    
## Timeouts    
client_body_timeout 60;    
client_header_timeout 60;    
expires 24h;    
keepalive_timeout 60 60;    
send_timeout 60;    
## General Options    
ignore_invalid_headers on;    
keepalive_requests 100;    
limit_zone gulag $binary_remote_addr 5m;    
recursive_error_pages on;    
sendfile on;    
server_name_in_redirect off;    
server_tokens off;    
## TCP options    
tcp_nodelay on;    
tcp_nopush on;    
## Compression    
gzip on;    
gzip_buffers 16 8k;    
gzip_comp_level 6;    
gzip_http_version 1.0;    
gzip_min_length 0;    
gzip_types text/plain text/css p_w_picpath/x-icon application/x-perl    
application/x-httpd-cgi;    
gzip_vary on;    
## Log Format    
log_format main '$remote_addr $host $remote_user [$time_local]    
"$request" '    
'$status $body_bytes_sent "$http_referer" "$http_user_agent" '    
'"$gzip_ratio"';    
## Proxy options    
proxy_buffering on;    
proxy_cache_min_uses 3;    
proxy_cache_path /usr/local/nginx/proxy_temp/ levels=1:2    
keys_zone=cache:10m inactive=10m max_size=1000M;    
proxy_cache_valid any 10m;    
proxy_ignore_client_abort off;    
proxy_intercept_errors on;    
proxy_next_upstream error timeout invalid_header;    
proxy_redirect off;    
proxy_set_header X-Forwarded-For $remote_addr;    
proxy_connect_timeout 60;    
proxy_send_timeout 60;    
proxy_read_timeout 60;    
## Backend servers (web1 is the primary and web2 will    
come up if web1 is down)    
upstream webbackend {    
server web1.domain.lan weight=10 max_fails=3 fail_timeout=30s;    
server web2.domain.lan weight=1 backup;    
}    
server {    
access_log /var/log/nginx/access.log main;    
error_log /var/log/nginx/error.log;    
index index.html;    
limit_conn gulag 50;    
listen 127.0.0.1:80 default;    
root /usr/local/nginx/html;    
server_name _;    
## Only requests to our Host are allowed    
if ($host !~ ^(mydomain.com|www.mydomain.com)$ ) {    
return 444;    
}    
## Only allow these request methods    
if ($request_method !~ ^(GET|HEAD|POST)$ ) {    
return 444;    
}    
## Only allow these file types to document root    
location / {    
if ($request_uri ~* (^\/|\.html|\.jpg|\.pl|\.png|\.css|\.
ico|robots\.txt)$ ) {    
break;    
}    
return 444;    
}    
## PROXY - Forum        
location /forum/ {    
proxy_pass http://forum.domain.lan/forum/;    
}    
## PROXY - Data    
location /files/ {    
proxy_pass http://data.domain.lan/;    
}    
## PROXY - Web    
location / {    
proxy_pass http://webbackend;    
proxy_cache cache;    
proxy_cache_valid 200 24h;    
proxy_cache_use_stale error timeout invalid_header updating    
http_500 http_502 http_503 http_504;    
proxy_ignore_headers Expires Cache-Control;    
}    
## All other errors get the generic error page    
error_page 400 401 402 403 404 405 406 407 408 409 410 411    
412 413 414 415 416 417    
500 501 502 503 504 505 506 507 /error_page.html;    
location /error_page.html {    
internal;    
}    
}    
}