Stronger nginx configuration

nginx.conf

@@ -1,9 +1,15 @@
+server_tokens off;
+client_header_buffer_size 512;
+client_max_body_size 512;
+
 server {
     listen 443 ssl;
     listen [::]:443 ipv6only=on ssl;
 
     root /var/www/fic2014-server/htdocs/;
 
+    server_tokens off;
+
     access_log /var/log/nginx/fic.access_log;
     error_log /var/log/nginx/fic.error_log;
 
@@ -17,7 +23,14 @@ server {
     ssl_crl			/var/www/fic2014-server/misc/pki/crl.pem;	
 
     add_header Strict-Transport-Security "max-age=2592000; includeSubdomains";
-    
+
+    error_page 400 /errors/400/index.html;
+    error_page 403 /errors/403/index.html;
+    error_page 404 /errors/404/index.html;
+    error_page 413 414 /errors/413/index.html;
+    error_page 500 503 /errors/500/index.html;
+    error_page 502 504 /errors/502/index.html;
+
     location /
     {
 	default_type text/html;
@@ -44,6 +57,11 @@ server {
 	}
     }
 
+    location /errors
+    {
+	root /var/www/fic2014-server/;
+    }
+
     location /connected
     {
         return 403;
@@ -52,6 +70,10 @@ server {
     location /files
     {
         root /var/www/fic2014-server/;
+
+    	aio on;
+    	directio 512;
+    	output_buffers 1 128k;
     }
 
     location ~* \favicon.ico$ {
@@ -75,6 +97,9 @@ server {
     location /submission.php
     {
 	root	      /var/www/fic2014-server/;
+
+    	limit_rate       1k;
+
         include       /etc/nginx/fastcgi.conf;
         fastcgi_pass  unix:/var/run/php-fpm.sock;
 	break;