Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- server {
- listen 80;
- server_name www.onyour6designs.com;
- rewrite ^ http://onyour6designs.com$request_uri?;
- }
- server {
- listen 80;
- listen 66.228.55.78:443 default ssl;
- ssl on;
- ssl_prefer_server_ciphers on;
- ssl_protocols TLSv1 SSLv3;
- ssl_ciphers ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM;
- ssl_session_cache shared:WEB:10m;
- ssl_certificate /etc/nginx/ssl/onyour6bundle.crt;
- ssl_certificate_key /etc/nginx/ssl/onyour6designs.com.key;
- root /home/onyour6/public/onyour6designs.com/public/;
- index index.php;
- server_name onyour6designs.com;
- access_log /var/log/nginx/onyour6designs.com.access.log;
- error_log /var/log/nginx/onyour6designs.com.error.log;
- location / {
- try_files $uri $uri/ /index.php?q=$uri&$args @memcached;
- }
- location ~ \.php$ {
- fastcgi_pass unix:/var/run/php5-fpm.sock;
- fastcgi_index index.php;
- fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
- fastcgi_param SCRIPT_NAME $fastcgi_script_name;
- include /etc/nginx/fastcgi_params;
- fastcgi_connect_timeout 10;
- fastcgi_send_timeout 180;
- fastcgi_read_timeout 180;
- fastcgi_buffer_size 512k;
- fastcgi_buffers 4 256k;
- fastcgi_busy_buffers_size 512k;
- fastcgi_temp_file_write_size 512k;
- fastcgi_intercept_errors on;
- fastcgi_split_path_info ^(.+\.php)(/.*)$;
- fastcgi_keep_conn on;
- fastcgi_param QUERY_STRING $query_string;
- fastcgi_param REQUEST_METHOD $request_method;
- fastcgi_param CONTENT_TYPE $content_type;
- fastcgi_param CONTENT_LENGTH $content_length;
- fastcgi_param REQUEST_URI $request_uri;
- fastcgi_param DOCUMENT_URI $document_uri;
- fastcgi_param DOCUMENT_ROOT $document_root;
- fastcgi_param SERVER_PROTOCOL $server_protocol;
- fastcgi_param GATEWAY_INTERFACE CGI/1.1;
- fastcgi_param SERVER_SOFTWARE nginx;
- fastcgi_param REMOTE_ADDR $remote_addr;
- fastcgi_param REMOTE_PORT $remote_port;
- fastcgi_param SERVER_ADDR $server_addr;
- fastcgi_param SERVER_PORT $server_port;
- fastcgi_param SERVER_NAME $server_name;
- fastcgi_param PATH_INFO $fastcgi_path_info;
- fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
- fastcgi_param REDIRECT_STATUS 200;
- }
- # try to get result from memcached
- location @memcached {
- default_type text/html;
- set $memcached_key data-$scheme://$host$request_uri;
- set $memcached_request 1;
- # exceptions
- # avoid cache serve of POST requests
- if ($request_method = POST ) {
- set $memcached_request 0;
- }
- # avoid cache serve of wp-admin-like pages, starting with "wp-"
- if ( $uri ~ "/wp-" ) {
- set $memcached_request 0;
- }
- if ($http_cookie ~* "comment_author_|wordpressuser_|wp-postpass_|wordpress_logged_in_" ) {
- set $memcached_request 0;
- }
- if ( $memcached_request = 1) {
- add_header X-Cache-Engine "WP-FFPC with memcached via nginx";
- memcached_pass memcached-servers;
- error_page 404 = @rewrites;
- }
- if ( $memcached_request = 0) {
- rewrite ^ /index.php last;
- }
- }
- location ~/\.ht {
- deny all;
- }
- ## rewrite rules
- location @rewrites {
- add_header X-Cache-Engine "";
- rewrite ^ /index.php last;
- }
- # BEGIN iThemes Security
- # BEGIN Tweaks
- # Rules to block access to WordPress specific files and wp-includes
- location ~ /\.ht { deny all; }
- location ~ wp-config.php { deny all; }
- location ~ readme.html { deny all; }
- location ~ readme.txt { deny all; }
- location ~ /install.php { deny all; }
- location ^wp-includes/(.*).php { deny all; }
- location ^/wp-admin/includes(.*)$ { deny all; }
- # Rules to disable XML-RPC
- location ~ xmlrpc.php { deny all; }
- # Rules to prevent php execution in uploads
- location ^(.*)/uploads/(.*).php(.?){ deny all; }
- # Rules to block unneeded HTTP methods
- if ($request_method ~* "^(TRACE|DELETE|TRACK)"){ return 403; }
- # Rules to block foreign characters in URLs
- if ($args ~* "(%0|%A|%B|%C|%D|%E|%F)") { return 403; }
- # Rules to help reduce spam
- location /wp-comments-post.php {
- valid_referers jetpack.wordpress.com/jetpack-comment/ *.onyour6designs.com;
- set $rule_0 0;
- if ($request_method ~ "POST"){ set $rule_0 1$rule_0; }
- if ($invalid_referer) { set $rule_0 2$rule_0; }
- if ($http_user_agent ~ "^$"){ set $rule_0 3$rule_0; }
- if ($rule_0 = "3210") { return 403; }
- }
- # END Tweaks
- # END iThemes Security
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement