log_format  main  '$remote_addr - $remote_user [$time_local] "$request"'
                  '$status $body_bytes_sent "$host" "$http_referer" '
                  '"$http_user_agent" "$http_x_forwarded_for"';

access_log  /var/log/nginx/access.log  main;

server_tokens off;
sendfile        on;
#tcp_nopush     on;
keepalive_timeout  65;

#gzip  on;
gzip_types text/plain text/css application/javascript application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;

include       /etc/nginx/mime.types;
default_type  application/octet-stream;

# Mitigate httpoxy attack
proxy_set_header Proxy "";

# If we receive X-Forwarded-Proto, pass it through; otherwise, pass along the
# scheme used to connect to this server
#map $http_x_forwarded_proto $proxy_x_forwarded_proto {
#  default $http_x_forwarded_proto;
#  ''      $scheme;
#}

# If we receive X-Forwarded-Port, pass it through; otherwise, pass along the
# server port the client connected to
#map $http_x_forwarded_port $proxy_x_forwarded_port {
#  default $http_x_forwarded_port;
#  ''      $server_port;
#}

# Set appropriate X-Forwarded-Ssl header
#map $scheme $proxy_x_forwarded_ssl {
#  default off;
#  https on;
#}

# If we receive Upgrade, set Connection to "upgrade"; otherwise, delete any
# Connection header that may have been passed to this server
map $http_upgrade $proxy_connection {
  default upgrade;
  '' close;
}

map $remote_addr $remote_addr_16 {
  default 0.0.0.0;
  ~^(?P<ip_16>\d+\.\d+)\.\d+\.\d+$ $ip_16;
}

map $remote_addr $remote_addr_24 {
  default 0.0.0.0;
  ~^(?P<ip_24>\d+\.\d+\.\d+)\.\d+$ $ip_24;
}