Commit Graph

90 Commits

Author SHA1 Message Date
Sam e9e97f5bcf simplify emoji cache rule 2017-07-20 18:22:59 -04:00
Sam 89f34eb62b attempt to cache all emojis 2017-07-20 17:47:16 -04:00
Matt Palmer c3ca281ea7 Merge pull request #4943 from mpalmer/log-http-host
Include HTTP Host header in nginx logs
2017-06-30 15:16:53 +10:00
Rafael dos Santos Silva 97b6d8664b FIX: Move Referrer Policy header to right location 2017-06-28 14:39:54 -03:00
Rafael dos Santos Silva 095a131163 FEATURE: Add default Referrer Policy header 2017-06-28 02:25:41 -03:00
Matt Palmer 90d654c46c Include HTTP Host header in nginx logs
This is crucial in multisite installations, because otherwise the nginx logs
are fairly useless, however it can also be quite handy to know what
hostnames are being sent to your site.  The variable is quoted, because it
is untrusted input (it is taken directly from the HTTP request), but nginx
helpfully escapes the quoting character automagically, so we don't have to
worry about that.

For now, the log analysis plugin *recognises* the new log format
(and continues to recognise the previous format, for backwards
compatibility), but doesn't do anything with the new log entry field.  This
means your multisite performance plugin data is still broken, but it's no
worse than it was before.
2017-06-28 14:41:02 +10:00
Régis Hanol 94a0d43f31 add 'ico' and 'webp' to image extensions list in order to bypass rails 2017-06-22 12:55:27 +02:00
Jeff Atwood 2fd1c49b88 we don't need this IE 10 tag any more, see
http://stackoverflow.com/questions/26346917/why-use-x-ua-compatible-ie-edge-anymore
2017-03-31 00:12:07 -07:00
Sam 2640b4e173 FEATURE: add hook and asset path variable 2017-03-20 12:12:22 -04:00
Sam Saffron ef08462b33 spaces matter 2017-02-23 17:37:53 -05:00
Sam eee22bf037 FEATURE: Add immutable cache for assets that do not update
This will eliminate revalidation of avatars, css, js and uploads on reloads on supporting browsers (at the moment firefox)
2017-02-23 12:24:47 -05:00
Régis Hanol 5e2545a578 FEATURE: improve support for (whitelisted) SVGs as images 2016-06-20 10:22:13 +02:00
Sam ba8aec2bc3 added comment for brotli support 2016-06-07 16:58:36 +10:00
Jeff Atwood 161170aabe Merge pull request #3928 from jamielinux/nginx204
Return 204 instead of 404 for favicon.ico requests
2016-01-30 01:48:22 -08:00
Guo Xiang Tan 9f05361f14 Allow sites to set HTTP basic authentication through nginx. 2016-01-08 12:49:17 +08:00
Sam 268e0f3b2b remove http 1.1 in case it has side effects 2016-01-05 07:54:12 +11:00
Sam b8471177dc clean up config file 2016-01-04 16:13:44 +11:00
Sam Saffron 0e2ded278d Don't buffer message bus, this allows us to stream 2016-01-04 09:56:30 +11:00
Sam Saffron ab5cd3ad3b allow http 1.1 via proxy 2016-01-04 09:52:11 +11:00
Jamie Nguyen eed86e9afc Do not log favicon.ico requests 2015-12-21 12:14:36 +00:00
Jamie Nguyen e8919df110 Return 204 instead of 404 for favicon.ico requests 2015-12-21 12:13:56 +00:00
Sam c7243bd6a2 Revert "cache cdn assets and strip cookies"
This reverts commit 18abf4f0d6.
2015-11-22 00:59:26 +11:00
Sam 18abf4f0d6 cache cdn assets and strip cookies 2015-11-22 00:33:20 +11:00
Sam 88f1a8f0b1 Merge pull request #3821 from mpalmer/letter-avatar-proxy
Proxy letter avatars by default
2015-11-19 20:02:16 +11:00
Sam Saffron 81bdd2328d FIX: stop sending a blank /favicon.ico
instead have nginx ship a 404 for it.
2015-11-17 19:34:05 +11:00
Matt Palmer 952d07599a More tweaks for the letter avatar proxy config 2015-11-06 14:14:20 +11:00
Matt Palmer c09f345cff Proxy letter avatars by default
On sites that don't otherwise configure an avatar fallback, Discourse will
now tell the client to get its letter avatars from a location which nginx
proxies to the centralised `avatars.discourse.org` service.  This alleviates
privacy concerns, whilst still providing some degree of performance benefit
(no need for every site to delay avatar response by 300ms for image
rendering).

It is still possible to gain the benefits of global image caching and the
lower latency of requesting directly from a CDN, by explicitly changing the
`external_system_avatars_url` site setting to
`https://avatars.discourse.org/letter/{first_letter}/{color}/{size}.png`.
2015-11-06 14:13:44 +11:00
Robin Ward 2866440968 Don't cache urls with `emoji` in them unless they are images 2015-09-08 13:12:32 -04:00
Sam 2c59ad3dd3 FIX: favicon update broken when favicon lived on a CDN 2015-08-25 11:54:23 +10:00
Sam abf269c5df only do magic headers for local assets, don't muck with logster's stuff 2015-08-12 18:48:34 +10:00
Robin Ward 822d77713c Put back `/srv/status` non-logging but include proxy details 2015-07-03 11:44:48 -04:00
Robin Ward 5f59424937 Don't disable logging for /srv/status 2015-07-03 11:02:07 -04:00
Robin Ward cf3aa867ab Don't log `/srv/status` 2015-06-30 12:12:55 -04:00
Sam db274c7969 missing $ 2015-06-16 19:30:29 +10:00
Sam f26eee8431 FEATURE: add username to NGINX logs 2015-06-16 17:43:53 +10:00
Sam dc563b4484 improve log format 2015-06-16 17:43:53 +10:00
Sam 4007484c54 also log user agent in NGINX 2015-06-16 16:43:43 +10:00
Sam a6ac368476 FEATURE: add a custom log format for better analysis 2015-06-16 11:37:08 +10:00
Sam e59d5fd0eb must also hide header so its not cached 2015-05-22 15:57:32 +10:00
Sam de3e48c16e PERF: NGINX caching invalid when server sets cookies 2015-05-22 14:23:47 +10:00
Régis Hanol 9ded21e4c6 FIX: consistent and future-proof upload storage pattern 2015-05-19 12:31:12 +02:00
Sam f58d85edea FEATURE: move stylesheet cache out of the uploads directory 2015-05-05 15:50:13 +10:00
Régis Hanol f036b23be5 FIX: add CORS header for .woff2 2015-03-27 13:30:18 +01:00
Sam a82530012a FEATURE: Allow selection of highlight js languages
PERF: stop loading highlight js on load

To get latest highlight js run bin/rake highlightjs:update
2015-03-13 16:18:59 +11:00
Sam 363fc03ab3 FEATURE: raise min body size to 10m 2015-02-23 10:50:09 +11:00
Jeff Atwood 1591068226 add commented out SSL section to nginx config 2015-01-17 01:26:21 -08:00
Régis Hanol 8d03ff6f82 FIX: cache emojis for 1 year 2014-12-28 11:10:03 +01:00
Sam 5551676fef FIX: cache all public resources registered by plugins.
Plugins are responsible for expiry
2014-12-09 14:49:02 +11:00
Régis Hanol acc62f2ec2 SECURITY: prevent direct download of backups 2014-12-03 12:47:28 +01:00
Sam e222d3d2c8 FIX: add vary encoding to gzip responses
this ensures CDNs work correctly see: http://blog.maxcdn.com/accept-encoding-its-vary-important/
2014-10-23 11:05:56 +11:00