user apache; worker_processes 8; worker_rlimit_nofile 100000; error_log /var/log/nginx/error.log debug; pid /var/run/nginx.pid; events { worker_connections 1024; use epoll; } http { include /etc/nginx/mime.types; default_type application/octet-stream; log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log /var/log/nginx/access.log main; access_log on; sendfile on; tcp_nopush on; tcp_nodelay on; server_tokens on; gzip on; gzip_static on; gzip_comp_level 1; gzip_min_length 1024; #Note, text/html is on by default in nginx gzip_types text/css application/x-javascript text/xml application/rss+xml keepalive_timeout 50; keepalive_requests 100; limit_zone myzone $binary_remote_addr 10m; # Load config files from the /etc/nginx/conf.d directory include /etc/nginx/conf.d/*.conf; server { ## Redirect to Domain if $host does not match www.domain.com listen 80 default_server; server_name _; rewrite ^ http://www.domain.com/vb$request_uri permanent; } server { limit_conn myzone 20; listen 80; server_name www.domain.com; root /var/www/html; index index.php index.html index.shtml index.htm; client_max_body_size 2M; #charset koi8-r; ## Tell browsers to cache these files for 90 days and serve them directly location ~* \.(jpg|jpeg|gif|css|png|ico|js)$ { expires 90d; } location / { ## Enable Server Side Includes for / ssi on; ## If the file exists as a static file serve it directly without ## running all the other rewite tests on it; try_files $uri $uri/ @IndexRewrites; } location @IndexRewrites { rewrite ; } # WordPress single blog rules. # Designed to be included in any server {} block. # Based on http://codex.wordpress.org/Nginx # This order might seem weird - this is attempted to match last if rules below fail. # http://wiki.nginx.org/HttpCoreModule location /blog/ { try_files $uri $uri/ /blog/index.php?$args; # Add trailing slash to */wp-admin requests. rewrite /blog/wp-admin$ $scheme://$host$uri/ permanent; # Uncomment one of the lines below for the appropriate caching plugin (if used). include wordpress-wp-super-cache.conf; } ## Rewriterule to make vBseo forum links work ## Based on http://www.axivo.com/community/threads/proper-vbseo-rewrite-rules-for-vbulletin-3.123 location /vb/ { try_files $uri $uri/ @vbseo; } location @vbseo { fastcgi_pass unix:/dev/shm/php.sock; fastcgi_param SCRIPT_FILENAME $document_root/vb/vbseo.php; fastcgi_param QUERY_STRING vbseourl=$request_uri; include fastcgi_params; internal; } location = /vb/inlinemod.php { fastcgi_pass unix:/dev/shm/php.sock; fastcgi_param SCRIPT_FILENAME $document_root/vb/vbseo.php; fastcgi_param QUERY_STRING vbseourl=$request_uri; include fastcgi_params; } error_page 403 404 /e404.php; # Pass all .php files onto a php-fpm/php-fcgi server. # Based on https://nealpoole.com/blog/2011/04/setting-up-php-fastcgi-and-nginx-dont-trust-the-tutorials-check-your-configuration/ location ~ \.php$ { # Zero-day exploit defense. # http://forum.nginx.org/read.php?2,88845,page=3 # Won't work properly (404 error) if the file is not stored on this server, which is entirely possible with php-fpm/php-fcgi. # Comment the 'try_files' line out if you set up php-fpm/php-fcgi on another machine. And then cross your fingers that you won't get hacked. try_files $uri =404; fastcgi_split_path_info ^(.+\.php)(/.+)$; include fastcgi_params; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_pass unix:/dev/shm/php.sock; } # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # location ~ /\.ht { deny all; } } }