The php.ini used by fpm (/etc/php5/fpm/php.ini) is very important. If it is not changed, there will be security holes.
cgi.fix_pathinfo=0
Remove anti-syn flood attack (under high concurrency, apache requests will be actively blocked, resulting in apr_socket_recv: Connection reset by peer (104) under ab test)
Reference: http://xmarker.blog.163.com/blog/static/226484057201462263815783/
##vi /etc/sysctl.confnet.ipv4.tcp_syncookies=0Look at the ulimit numberulimit -SnAdd ulimit to 30000 How to modify Baidu, different Linux distributions seem to be differentnginx Modifying the sock mode of
worker_processes 12; worker_rlimit_nofile 100000; events { use epoll; worker_connections 65535; }
process.max = 65536 (This seems useless)PM the next 4, change it to a larger size, and calculate it according to a process occupying 30M memory. pm.max_requests = 50000 (This seems to be useless)Select under nginx web server configuration
fastcgi_pass 127.0.0.1:9000;