Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- server {
- listen [::]:80 default_server ipv6only=off;
- server_name mysite.com *.mysite.com;
- root /usr/share/nginx/sitedivision;
- index index.php index.html index.htm;
- location / {
- try_files $uri $uri/ /index.php?$args ;
- }
- location ~ /favicon.ico {
- access_log off;
- log_not_found off;
- }
- location ~ \.php$ {
- try_files $uri /index.php;
- include fastcgi_params;
- fastcgi_pass unix:/var/run/php5-fpm.sock;
- }
- access_log /var/log/nginx/$host-access.log;
- error_log /var/log/nginx/wpms-error.log;
- # ? See: http://nginx.org/en/docs/http/ngx_http_core_module.html#etag
- # This reduces load on your server by supporting the If-Modified-Since header,
- # since by browsers for static resources.
- etag on;
- expires 7d;
- if_modified_since before;
- # ? See: http://nginx.org/en/docs/http/ngx_http_gzip_module.html#gzip
- # This enables GZIP compression in Nginx, making all static
- # resources load faster in browsers.
- gzip on;
- gzip_vary on;
- gzip_comp_level 6;
- gzip_types text/plain text/xml image/svg+xml # text/html in core already.
- application/rss+xml application/atom+xml application/xhtml+xml
- text/css application/json application/x-javascript
- application/font-otf application/font-ttf;
- # ? See: http://davidwalsh.name/cdn-fonts
- # This prevents cross-domain security issues related to fonts.
- # Only needed if you use Static CDN Filters in ZenCache.
- # ? This is optional, but suggested. It's a flag to tell ZenCache
- # that you completed this Nginx configuration.
- location ~* \.php$ {
- fastcgi_param WP_NGINX_CONFIG done;
- }
- }
- server {
- listen 443 ssl;
- server_name mysite.com;
- ssl on;
- ssl_certificate /etc/nginx/ssl/ssl-bundle.crt;
- ssl_certificate_key /etc/nginx/ssl/mysite.com.key;
- root /usr/share/nginx/sitedivision;
- index index.php index.html index.htm;
- location / {
- try_files $uri $uri/ /index.php?$args ;
- }
- location ~ /favicon.ico {
- access_log off;
- log_not_found off;
- }
- location ~ \.php$ {
- try_files $uri /index.php;
- include fastcgi_params;
- fastcgi_pass unix:/var/run/php5-fpm.sock;
- }
- location ~* \.(txt|xml|js)$ {
- expires 8d;
- }
- location ~* \.(css)$ {
- expires 8d;
- }
- location ~* \.(flv|ico|pdf|avi|mov|ppt|doc|mp3|wmv|wav|mp4|m4v|ogg|webm|aac)$ {
- expires 8d;
- }
- location ~* \.(jpg|jpeg|png|gif|swf|webp)$ {
- expires 8d;
- }
- access_log /var/log/nginx/$host-access.log;
- error_log /var/log/nginx/wpms-error.log;
- #enables all versions of TLS, but not SSLv2 or 3 which are weak and now deprecated.
- ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
- #Disables all weak ciphers
- ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
- ssl_prefer_server_ciphers on;
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement