#
# Nginx Error Pages
#

#
# HTTP Client Errors
#

# 400 Bad Request
# 401 Unauthorized (RFC 7235)
# 402 Payment Required
# 403 Forbidden
# 404 Not Found
# 406 Not Acceptable
# 407 Proxy Authentication Required (RFC 7235)
# 408 Request Time-out
# 409 Conflict
# 410 Gone
# 411 Length Required
# 412 Precondition Failed (RFC 7232)
# 413 Payload Too Large (RFC 7231)
# 414 URI Too Long (RFC 7231)
# 415 Unsupported Media Type
# 416 Range Not Satisfiable (RFC 7233)
# 417 Expectation Failed
# 418 I'm a teapot (RFC 2324)
# 421 Misdirected Request (RFC 7540)
# 422 Unprocessable Entity (WebDAV; RFC 4918)
# 423 Locked (WebDAV; RFC 4918)
# 424 Failed Dependency (WebDAV; RFC 4918)
# 426 Upgrade Required
# 428 Precondition Required (RFC 6585)
# 431 Request Header Fields Too Large (RFC 6585)
# 444 No Response (Nginx)
# 449 Retried after appropriate action (MS Exchange)
# 450 Blocked by Windows Parental Controls (Microsoft)
# 451 Unavailable For Legal Reasons (Fahrenheit 451)
# 495 SSL Certificate Error (Nginx)
# 496 SSL Certificate Required (Nginx)
# 497 HTTP Request Sent to HTTPS Port (Nginx)
# 499 Client Closed Request (Nginx, unsupported)

error_page
    400 401 402 403 404 406 407 408 409 410
    411 412 413 414 415 416 417 418 421 422
    423 424 426 428 431 444 449 450 451 495
    496 497
    @http_error_4xx;
location @http_error_4xx {
    root /usr/local/share/nginx/http/error;
    allow all;
    ssi on;
    try_files $uri /error-$status.html /error-4xx.html =400;
}

#
# Client Errors who need special handling
# Send additional headers etc.

# 405 Method Not Allowed
error_page 405 @http_error_405;
location @http_error_405 {
    root /usr/local/share/nginx/http/error;
    allow all;
    ssi on;
    add_header Access-Control-Allow-Methods "GET, HEAD, POST" always;
    try_files $uri /error-405.html =405;
}

# 429 Too Many Requests (RFC 6585)
error_page 429 @http_error_429;
location @http_error_429 {
    root /usr/local/share/nginx/http/error;
    allow all;
    ssi on;
    set $ip_req_rate_limit 100;
    set $ip_conn_limit 512;
    add_header X-RateLimit-Limit "100r/s" always;
    add_header Retry-After: 300 always;
    try_files $uri /error-429.html =429;
}


#
# HTTP Server Errors
#

# 500 Internal Server Error
# 501 Not Implemented
# 502 Bad Gateway
# 504 Gateway Time-out
# 505 HTTP Version Not Supported
# 506 Variant Also Negotiates (RFC 2295)
# 507 Insufficient Storage (WebDAV; RFC 4918)
# 508 Loop Detected (WebDAV; RFC 5842)
# 509 Bandwidth Limit Exceeded (Apache Web Server/cPanel)
# 510 Not Extended (RFC 2774)
# 511 Network Authentication Required (RFC 6585)
# 520 Unknown Error (Cloudflare)
# 521 Web Server Is Down (Cloudflare)
# 522 Connection Timed Out (Cloudflare)
# 523 Origin Is Unreachable (Cloudflare)
# 524 A Timeout Occurred (Cloudflare)
# 525 SSL Handshake Failed (Cloudflare)
# 526 Invalid SSL Certificate (Cloudflare)
# 527 Railgun Error (Cloudflare)
# 599 Network connect timeout error
error_page
    500 501 502 504 505 506 507 508 509 510
    511 520 521 522 523 524 525 526 527 599
    @http_error_5xx;
location @http_error_5xx {
    root /usr/local/share/nginx/http/error;
    allow all;
    ssi on;
    try_files $uri /error-$status.html /error-5xx.html =500;
}

#
# Server Errors who need special handling
# Send additional headers etc.

# 503 Service Unavailable
error_page 503 @http_error_503;
location @http_error_503 {
    root /usr/local/share/nginx/http/error;
    allow all;
    ssi on;
    add_header Retry-After: 1800 always;
    try_files $uri /error-503.html =503;
}

#
# Location for assets included in error page (css, js, fonts, etc.)
location ^~ /http_assets {
    alias /usr/local/share/nginx/http/assets;
    allow all;
}