This directive appeared in version 1.19.4.

If enabled, SSL handshakes in the server block will be rejected.

For example, in the following configuration, SSL handshakes with server names other than example.com are rejected:

server {
    listen               443 ssl default_server;
    ssl_reject_handshake on;
}

server {
    listen              443 ssl;
    server_name         example.com;
    ssl_certificate     example.com.crt;
    ssl_certificate_key example.com.key;
}

对于正常小图的访问不限制，把正常图的大小限定为 100K 以内，超出时就进行限速，速度限定为最大 100k/s

location ~ .*\.(gif|jpg|jpeg|png|bmp)$
 {     
   expires 30d;
   limit_rate_after 100k;
   limit_rate 100k;
}

- 阅读剩余部分 -

LNMP无法删除或更改权限，显示：rm: cannot remove `.user.ini': Operation not permitted
无法删除“.user.ini”文件解决方法,运行后删除即可

chattr -i /home/wwwroot/yoursite/.user.ini
如果是需要修改文件，记得修改完以后运行：

chattr +i /home/wwwroot/yoursite/.user.ini

openssl dhparam -out /etc/nginx/ssl/dhparam.pem 2048

server
{
listen 80 default_server;
server_name _;
return 444;
}