From b343920071cdef03ae421c67ea5b72ca1863cdcf Mon Sep 17 00:00:00 2001
From: Oleg Pudeyev <oleg@bsdpower.com>
Date: Thu, 24 Feb 2011 15:26:06 -0500
Subject: [PATCH 1/2] [ticket/10069] Improvements to sample nginx
 configuration.

Most of these were contributed by burningbunny:

https://github.com/burningbunny

PHPBB3-10069
---
 phpBB/docs/nginx.sample.conf | 33 +++++++++++++++++++++++++--------
 1 file changed, 25 insertions(+), 8 deletions(-)

diff --git a/phpBB/docs/nginx.sample.conf b/phpBB/docs/nginx.sample.conf
index 2a11e057c5..40b6ee76da 100644
--- a/phpBB/docs/nginx.sample.conf
+++ b/phpBB/docs/nginx.sample.conf
@@ -10,14 +10,23 @@ http {
     gzip_vary on;
     gzip_http_version 1.1;
     gzip_min_length 700;
+    
+    # Compression levels over 6 do not give an appreciable improvement
+    # in compression ratio, but take more resources.
     gzip_comp_level 6;
-    gzip_disable "MSIE [1-6]\.";
+    
+    # IE 6 and lower do not support gzip with Vary correctly.
+    gzip_disable "msie6";
+    # Before nginx 0.7.63:
+    #gzip_disable "MSIE [1-6]\.";
 
     # Catch-all server for requests to invalid hosts.
     # Also catches vulnerability scanners probing IP addresses.
-    # Should be first.
     server {
-        listen 80;
+        # default specifies that this block is to be used when
+        # no other block matches.
+        listen 80 default;
+
         server_name bogus;
         return 444;
         root /var/empty;
@@ -26,14 +35,20 @@ http {
     # If you have domains with and without www prefix,
     # redirect one to the other.
     server {
-        listen 80;
+        # Default port is 80.
+        #listen 80;
+
         server_name myforums.com;
-        rewrite ^(.*)$ http://www.myforums.com$1 permanent;
+
+        # A trick from http://wiki.nginx.org/Pitfalls#Taxing_Rewrites:
+        rewrite ^ http://www.myforums.com$request_uri permanent;
+        # Equivalent to:
+        #rewrite ^(.*)$ http://www.myforums.com$1 permanent;
     }
 
     # The actual board domain.
     server {
-        listen 80;
+        #listen 80;
         server_name www.myforums.com;
 
         root /path/to/phpbb;
@@ -45,8 +60,10 @@ http {
 
         # Deny access to internal phpbb files.
         location ~ /(config\.php|common\.php|includes|cache|files|store|images/avatars/upload) {
-            internal;
             deny all;
+            # deny was ignored before 0.8.40 for connections over IPv6.
+            # Use internal directive to prohibit access on older versions.
+            internal;
         }
 
         # Pass the php scripts to fastcgi server specified in upstream declaration.
@@ -60,8 +77,8 @@ http {
 
         # Deny access to version control system directories.
         location ~ /\.svn|/\.git {
-            internal;
             deny all;
+            internal;
         }
     }
 

From a229dd98965457fe24eaf1b7b10d9d0c3997ce9a Mon Sep 17 00:00:00 2001
From: Andreas Fischer <bantu@phpbb.com>
Date: Mon, 7 Mar 2011 16:43:39 +0100
Subject: [PATCH 2/2] [ticket/10079] Add gallery avatars to .gitignore.

PHPBB3-10079
---
 .gitignore | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.gitignore b/.gitignore
index c417bf01c1..22a3124b69 100644
--- a/.gitignore
+++ b/.gitignore
@@ -3,6 +3,7 @@ phpunit.xml
 phpBB/cache/*.php
 phpBB/config.php
 phpBB/files/*
+phpBB/images/avatars/gallery/*
 phpBB/images/avatars/upload/*
 phpBB/store/*
 tests/phpbb_unit_tests.sqlite2