X-Git-Url: https://git.openstreetmap.org/rails.git/blobdiff_plain/10079fbba9eb376a1f0aeaf24ff4484bde0a726d..832e7a6729ac5028eda43fe93c9dfe4409f60426:/config/nginx.conf diff --git a/config/nginx.conf b/config/nginx.conf index a78e1dc70..5071a260b 100644 --- a/config/nginx.conf +++ b/config/nginx.conf @@ -136,8 +136,19 @@ http { } # Placeholder for blocking abuse + include /etc/nginx/blocked_hosts; allow all; - + + # Block some bulk download agents + if ($http_user_agent ~* LWP::Simple|downloadosm|BBBike) { + return 403; + } + + # Block some robots + if ($http_user_agent ~* msnbot|twiceler) { + return 403; + } + # Map api.openstreetmap/0.n/... to api.openstreetmap/api/0.n/... if ($host ~* ^api\.) { rewrite ^/(0\.[0-9]+)/(.*)$ /api/$1/$2; @@ -146,7 +157,22 @@ http { # Strip asset tags location ~ ^/(images|javascripts|openlayers|stylesheets|user/image)/ { + # Strip asset tags rewrite ^/(.*)/[0-9]+$ /$1; + + # Set expiry to the maximum - the asset tag will change + # when there is a new version + expires max; + + # Only cache OpenLayers for seven days though + if ($uri ~ ^/openlayers/) { + expires 7d; + } + } + + # Cache the embedded map page for seven days + location ~ ^/export/embed.html$ { + expires 7d; } # Include fastcgi configuration @@ -194,17 +220,6 @@ http { return 404; } - # Handle Special Case Expiry - location ~ ^/openlayers/ { - expires 7d; - } - location ~ ^/export/embed.html$ { - expires 7d; - } - location ~ ^/(images|javascripts|stylesheets)/ { - expires max; - } - # Send everything else to the web backend unless it exists # in the rails public tree location / { @@ -228,5 +243,13 @@ http { text/x-cross-domain-policy xml; } } + + # Give munin access to some statistics + location /server-status { + stub_status on; + access_log off; + allow 127.0.0.1; + deny all; + } } }