In my first transition to nginx I wrote that I was happy about the speed increase I got for my Horde webmail setup. Afterwards I converted a Gallery v2 installation (yes, old, not under active development anymore, but internal and still working). There I have not seen any obvious speed difference.
I did not convert all .htaccess rewrite rules, the one for the “easy and beautiful” URL names was too complex for the converter for rewrite I found. As it is just for internal use, I just switched back to the not so nice “technical” URL names.
The important part of the apache 2.2 installation:
ExpiresActive On
ExpiresDefault "now plus 1 hour"
ExpiresByType image/* "now plus 1 month"
ExpiresByType text/javascript "now plus 1 month"
ExpiresByType application/x-javascript "now plus 1 month"
ExpiresByType text/css "now plus 1 month"
<Location />
# Insert filter
SetOutputFilter DEFLATE
# Netscape 4.x has some problems...
BrowserMatch ^Mozilla/4 gzip-only-text/html
# Netscape 4.06-4.08 have some more problems
BrowserMatch ^Mozilla/4\.0[678] no-gzip
# MSIE masquerades as Netscape, but it is fine
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
# Don't compress images
SetEnvIfNoCase Request_URI \
\.(?:gif|jpe?g|png|gz|bz2|zip|pdf)$ no-gzip dont-vary
# Make sure proxies don't deliver the wrong content
Header append Vary User-Agent env=!dont-vary
</Location>
The nginx config:
worker_processes 1;
error_log <filename>;
events {
worker_connections 1024;
use kqueue;
}
http {
include mime.types;
default_type application/octet-stream;
access_log <filename>;
sendfile on;
keepalive_timeout 15;
client_body_timeout 300;
client_header_timeout 12;
send_timeout 300;
client_body_in_file_only clean;
client_body_buffer_size 128k;
client_max_body_size 40M;
gzip on;
gzip_min_length 1000;
gzip_types text/plain text/xml text/css application/xml application/xhtml+xml application/rss+xml application/javascript application/x-javascript;
gzip_disable "msie6";
include blacklist.conf;
server {
listen 80;
server_name <hostname>;
add_header x-frame-options "sameorigin";
add_header x-xss-protection "1; mode=block";
add_header x-content-type-options "nosniff";
charset utf-8;
#access_log logs/host.access.log main;
if ($bad_client) { return 403; }
location / {
root /usr/local/www/gallery2;
index index.php;
location ~ \.php {
# Zero-day exploit defense.
# http://forum.nginx.org/read.php?2,88845,page=3
# Won't work properly (404 error) if the file is not stored on this server, which is entirely possible with php-fpm/php-fcgi.
# Comment the 'try_files' line out if you set up php-fpm/php-fcgi on another machine. And then cross your fingers that you won't get hacked.
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_keep_conn on;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_pass unix:/var/run/php.fcgi;
}
}
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/local/www/nginx-dist;
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
location ~ /\.ht {
deny all;
}
location ~ \.(inc|class)$ {
deny all;
}
location ^~ /lib/tools/po/ {
deny all;
}
}
}