API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jul 8th, 2016
95
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 5.01 KB | None | 0 0
raw download clone embed print report
  1. ### Config I added that doesn't work. Commented it out to save data ###
  2.  
  3. #server {
  4. #listen 443 ssl;
  5.  
  6. # server_name mail.example.com;
  7.  
  8. # ssl_certificate /etc/letsencrypt/live/mail.example.com/fullchain.pem;
  9. # ssl_certificate_key /etc/letsencrypt/live/mail.example.com/privkey.pem;
  10. # ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  11. # ssl_prefer_server_ciphers on;
  12. # ssl_dhparam /etc/ssl/certs/dhparam.pem;
  13. # ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
  14. # ssl_session_timeout 1d;
  15. # ssl_session_cache shared:SSL:50m;
  16. # ssl_stapling on;
  17. # ssl_stapling_verify on;
  18. # add_header Strict-Transport-Security max-age=15768000;
  19.  
  20.  
  21.  
  22. # client_max_body_size 30m;
  23. # server_name mail.example.com;
  24. # root /usr/share/nginx/html;
  25. # index index.php index.html index.htm;
  26. # port_in_redirect off;
  27.  
  28. # location ~ /.well-known {
  29. # allow all;
  30. # }
  31.  
  32. ### Original File Begins Here ###
  33.  
  34. server {
  35. listen 80 default_server;
  36. listen [::]:80 default_server ipv6only=on;
  37.  
  38. client_max_body_size 40M;
  39.  
  40. root /usr/share/nginx/html;
  41. index index.php index.html index.htm;
  42.  
  43. # Make site accessible from http://localhost/
  44. #server_name localhost;
  45.  
  46. location / {
  47. # First attempt to serve request as file, then
  48. # as directory, then fall back to displaying a 404.
  49. #try_files $uri $uri/ =404;
  50. try_files $uri $uri/ /index.php?$args;
  51. # Uncomment to enable naxsi on this location
  52. # include /etc/nginx/naxsi.rules
  53. }
  54.  
  55. # location ~ /.well-known {
  56. # allow all;
  57. # }
  58.  
  59. location /staff {
  60. auth_basic "Closed Website";
  61. auth_basic_user_file /etc/nginx/staff_pass;
  62. }
  63.  
  64. location /nothingtosee {
  65. allow x.x.x.x;
  66. allow 10.1.1.0/24;
  67. deny all;
  68. auth_basic "Closed Website";
  69. auth_basic_user_file /etc/nginx/pma_pass;
  70. fastcgi_buffer_size 128k;
  71. fastcgi_buffers 256 4k;
  72. fastcgi_busy_buffers_size 256k;
  73. fastcgi_temp_file_write_size 256k;
  74. fastcgi_read_timeout 240;
  75. }
  76.  
  77. location /intranet/v3 {
  78. index index.php index.html index.htm;
  79. try_files $uri $uri/ /index.php?$args;
  80. allow 10.1.1.0/24;
  81. allow 10.1.2.0/24;
  82. allow 10.1.3.0/24;
  83. allow 10.1.4.0/24;
  84. allow 10.1.5.0/24;
  85. allow 10.1.18.0/24;
  86. deny all;
  87. deny 10.1.10.0/24;
  88. deny 10.1.18.0/24;
  89. }
  90.  
  91. location /squirrelmail {
  92. root /usr/share/;
  93. index index.php index.html index.htm;
  94. location ~ ^/squirrelmail/(.+\.php)$ {
  95. try_files $uri =404;
  96. root /usr/share/;
  97. fastcgi_pass 127.0.0.1:9000;
  98. fastcgi_index index.php;
  99. fastcgi_param SCRIPT_FILENAME $request_filename;
  100. include /etc/nginx/fastcgi_params;
  101. fastcgi_param PATH_INFO $fastcgi_script_name;
  102. fastcgi_buffer_size 128k;
  103. fastcgi_buffers 256 4k;
  104. fastcgi_busy_buffers_size 256k;
  105. fastcgi_temp_file_write_size 256k;
  106. fastcgi_intercept_errors on;
  107. }
  108. location ~* ^/squirrelmail/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
  109. root /usr/share/;
  110. }
  111. }
  112. location /webmail {
  113. rewrite ^/* /squirrelmail last;
  114. } }
  115.  
  116. # Only for nginx-naxsi used with nginx-naxsi-ui : process denied requests
  117. #location /RequestDenied {
  118. # proxy_pass http://127.0.0.1:8080;
  119. #}
  120.  
  121. #error_page 404 /404.html;
  122.  
  123. # redirect server error pages to the static page /50x.html
  124. #
  125. #error_page 500 502 503 504 /50x.html;
  126. #location = /50x.html {
  127. # root /usr/share/nginx/html;
  128. #}
  129.  
  130. # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
  131. #
  132. location ~ \.php$ {
  133. fastcgi_split_path_info ^(.+\.php)(/.+)$;
  134. # # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
  135. #
  136. # # With php5-cgi alone:
  137. fastcgi_pass 127.0.0.1:9000;
  138. # # With php5-fpm:
  139. # fastcgi_pass unix:/var/run/php5-fpm.sock;
  140. fastcgi_index index.php;
  141. include fastcgi_params;
  142. }
  143.  
  144. # deny access to .htaccess files, if Apache's document root
  145. # concurs with nginx's one
  146. #
  147. #location ~ /\.ht {
  148. # deny all;
  149. #}
  150. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!