API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Nov 5th, 2016
145
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.84 KB | None | 0 0
raw download clone embed print report
  1. #x# HTTPS-DEFAULT
  2. server {
  3.  
  4. server_name mydomain.com www.mydomain.com;
  5. return 302 https://$server_name$request_uri;
  6. include /usr/local/nginx/conf/staticfiles-hsts.conf;
  7. }
  8.  
  9. server {
  10. listen 443 ssl http2;
  11. server_name mydomain.com www.mydomain.com;
  12.  
  13. include /usr/local/nginx/conf/ssl/mydomain.com/mydomain.com.crt.key.conf;
  14. include /usr/local/nginx/conf/ssl_include.conf;
  15.  
  16. http2_max_field_size 16k;
  17. http2_max_header_size 32k;
  18. # mozilla recommended
  19. ssl_ciphers EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA256:EECDH+ECDSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA+SHA384:EECDH+AES128:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA:!CAMELLIA;
  20. ssl_prefer_server_ciphers on;
  21. #add_header Alternate-Protocol 443:npn-spdy/3;
  22.  
  23. # before enabling HSTS line below read centminmod.com/nginx_domain_dns_setup.html#hsts
  24. add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";
  25. #add_header X-Frame-Options SAMEORIGIN;
  26. #add_header X-Xss-Protection "1; mode=block" always;
  27. #add_header X-Content-Type-Options "nosniff" always;
  28. #spdy_headers_comp 5;
  29. ssl_buffer_size 1369;
  30. ssl_session_tickets on;
  31.  
  32. # enable ocsp stapling
  33. resolver 8.8.8.8 8.8.4.4 valid=10m;
  34. resolver_timeout 10s;
  35. ssl_stapling on;
  36. ssl_stapling_verify on;
  37.  
  38. # ngx_pagespeed & ngx_pagespeed handler
  39. #include /usr/local/nginx/conf/pagespeed.conf;
  40. #include /usr/local/nginx/conf/pagespeedhandler.conf;
  41. #include /usr/local/nginx/conf/pagespeedstatslog.conf;
  42.  
  43. # limit_conn limit_per_ip 16;
  44. # ssi on;
  45.  
  46. access_log /home/nginx/domains/mydomain.com/log/access.log main_ext buffer=256k flush=60m;
  47. error_log /home/nginx/domains/mydomain.com/log/error.log;
  48.  
  49. include /usr/local/nginx/conf/autoprotect/mydomain.com/autoprotect-mydomain.com.conf;
  50. root /home/nginx/domains/mydomain.com/public;
  51. # uncomment cloudflare.conf include if using cloudflare for
  52. # server and/or vhost site
  53. #include /usr/local/nginx/conf/cloudflare.conf;
  54. #include /usr/local/nginx/conf/503include-main.conf;
  55.  
  56. location / {
  57. #include /usr/local/nginx/conf/503include-only.conf;
  58.  
  59. # block common exploits, sql injections etc
  60. include /usr/local/nginx/conf/block.conf;
  61.  
  62. # Enables directory listings when index file not found
  63. #autoindex on;
  64.  
  65. # Shows file listing times as local time
  66. #autoindex_localtime on;
  67.  
  68. # Enable for vBulletin usage WITHOUT vbSEO installed
  69. try_files $uri $uri/ /index.php;
  70.  
  71. }
  72.  
  73. include /usr/local/nginx/conf/staticfiles-hsts.conf;
  74. #include /usr/local/nginx/conf/staticfiles.conf;
  75. include /usr/local/nginx/conf/php.conf;
  76. include /usr/local/nginx/conf/drop.conf;
  77. #include /usr/local/nginx/conf/errorpage.conf;
  78. include /usr/local/nginx/conf/vts_server.conf;
  79. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!