Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- server {
- listen 443 default ssl;
- root /var/www/beta.com;
- index index.php index.html index.htm;
- server_name beta.com;
- ssl_protocols TLSv1.2;
- ssl_ciphers ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES256-GCM
- -SHA384:DHE-RSA-AES256-GCM-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS;
- ssl_prefer_server_ciphers on;
- ssl_session_cache shared:SSL:2m;
- ssl_dhparam /etc/ssl/private/dhparam4096.pem;
- add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
- ssl_stapling on;
- ssl_stapling_verify on;
- resolver 8.8.8.8 8.8.4.4 [2001:4860:4860::8888] [2001:4860:4860::8844];
- ssl_certificate /etc/ssl/private/beta.com.crt;
- ssl_certificate_key /etc/ssl/private/beta.com.key;
- ssl_trusted_certificate /etc/ssl/private/intermediateca.pem;
- location / {
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_set_header HOST $http_host;
- proxy_set_header X-Forwarded-Proto $scheme;
- proxy_pass http://127.0.0.1:2368;
- }
- access_log /var/log/nginx/beta.com.log;
- error_page 404 /404.html;
- error_page 500 502 503 504 /50x.html;
- location = /50x.html {
- root /usr/share/nginx/html;
- }
- location ~ \.php$ {
- try_files $uri =404;
- fastcgi_split_path_info ^(.+\.php)(/.+)$;
- fastcgi_pass unix:/var/run/php5-fpm.sock;
- fastcgi_index index.php;
- fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
- include fastcgi_params;
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
