nginx.conf

user www-data;
worker_processes 1;
pid /run/nginx.pid;

events {
	# optimized to serve multiple clients in each thread, essential for linux
        use epoll;
        
	# determines how many clients will be served per worker
	# max clients = worker_connections * worker_processes
    	# max clients is also limited by the number of socket connections available on the system (~64k)
    	worker_connections 4000;
	 
	# accept as many connections as possible, may flood worker connections if set too low
	multi_accept on;
}

http {
	
	# cache informations about FDs, frequently accessed files
	# can boost performance, but you need to test those values
        open_file_cache max=200000 inactive=20s; 
        open_file_cache_valid 30s; 
        open_file_cache_min_uses 2;
        open_file_cache_errors on;

	
	##
	# Basic Settings
	##
	
	# copies data between one FD and other from within the kernel
	# faster then read() + write()
	sendfile on;
	
	# send headers in one piece, its better than sending them one by one 
	tcp_nopush on;
	
	# don't buffer data sent, good for small data bursts in real time
	tcp_nodelay on;
	
	# server will close connection after this time
	keepalive_timeout 30;
	
	# number of requests client can make over keep-alive -- for testing
	keepalive_requests 100000;
	
	# allow the server to close connection on non responding client, this will free up memory
	reset_timedout_connection on;
	
	# request timed out -- default 60
	client_body_timeout 10;
	
	# if client stop responding, free up memory -- default 60
	send_timeout 2;
	
	types_hash_max_size 2048;
	server_tokens off;
	client_max_body_size 50M;


	 server_names_hash_bucket_size 128;
	# server_name_in_redirect off;

	include /etc/nginx/mime.types;
	default_type application/octet-stream;

	##
	# Logging Settings
	##
	
	# to boost IO on HDD we can disable access logs
        access_log off;
	
	# only log critical errors
        error_log /var/log/nginx/error.log crit

	##
	# Gzip Settings
	##
	# reduce the data that needs to be sent over network
	gzip on;
	gzip_disable "msie6";

	gzip_vary on;
       #gzip_proxied any;
	gzip_comp_level 6;
	gzip_buffers 16 8k;
	gzip_http_version 1.1;
	gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
	
	#Simple DDOS protection
	# limit the number of connections per single IP
	limit_conn_zone $binary_remote_addr zone=conn_limit_per_ip:10m;

	# limit the number of requests for a given session
	limit_req_zone $binary_remote_addr zone=req_limit_per_ip:10m rate=5r/s;

	# zone which we want to limit by upper values, we want limit whole server
	#server {
    	#	limit_conn conn_limit_per_ip 10;
    	#	limit_req zone=req_limit_per_ip burst=10 nodelay;
	#}

	# if the request body size is more than the buffer size, then the entire (or partial) request body is written into a temporary file
	client_body_buffer_size  128k;

	# headerbuffer size for the request header from client, its set for testing purpose
	client_header_buffer_size 3m;

	# maximum number and size of buffers for large headers to read from client request
	large_client_header_buffers 4 256k;

	# read timeout for the request body from client, its set for testing purpose
	client_body_timeout   3m;

	# how long to wait for the client to send a request header, its set for testing purpose
	client_header_timeout 3m;

	##
	# Virtual Host Configs
	##

	include /etc/nginx/conf.d/*.conf;
	include /etc/nginx/sites-enabled/*;
}


#mail {
#	# See sample authentication script at:
#	# http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
# 
#	# auth_http localhost/auth.php;
#	# pop3_capabilities "TOP" "USER";
#	# imap_capabilities "IMAP4rev1" "UIDPLUS";
# 
#	server {
#		listen     localhost:110;
#		protocol   pop3;
#		proxy      on;
#	}
# 
#	server {
#		listen     localhost:143;
#		protocol   imap;
#		proxy      on;
#	}
#}