H2O HTTP/2 web server and Bludit
Posted: Wed Oct 18, 2017 3:43 pm
I'm moved on H2O web server few time ago. This software takes full advantage of HTTP/2 features, do it much better than Nginx and works fast as hell.
There is typical settings for Bludit CMS installation (works via php-fpm).
Some additional info about H2O configure you may find in my blog by H2O tag (in russian). Hope it will be usefull for Bludit community.
There is typical settings for Bludit CMS installation (works via php-fpm).
Code: Select all
# see https://h2o.examp1e.net/ for detailed documentation
# see h2o --help for command-line options and settings
user: www
pid-file: /var/run/h2o.pid
access-log:
path: /var/log/h2o/h2o-access.log
format: "%h %v %l %u %t \"%r\" %s %b \"%{Referer}i\" \"%{User-agent}i\""
error-log: /var/log/h2o/h2o-error.log
expires: off
compress: on
file.dirlisting: off
file.send-compressed: on
file.index: [ 'index.html', 'index.php' ]
file.mime.addtypes:
"application/x-font-ttf": ".ttf"
"application/x-font-opentype": ".otf"
file.custom-handler:
extension: .php
fastcgi.connect:
host: 127.0.0.1
port: 9000
type: tcp
listen:
port: 80
listen:
port: 443
ssl:
cipher-suite: ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS
cipher-preference: server
dh-file: /path/to/dhparams.pem
certificate-file: /path/to/my.domain/fullchain.cur.pem
key-file: /path/to/my.domain/privkey.cur.pem
hosts:
"my.domain":
paths:
"/":
mruby.handler: |
acl {
deny { path.match("^bl-content/(.*)\.txt$") }
}
file.dir: /path/to/my.domain/bludit
redirect:
url: /index.php
internal: yes
status: 307