Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- server {
- # Listen to HTTP at port 80
- listen [::]:80;
- listen 80;
- # Listen to HTTPS at port 443
- listen [::]:443 ssl http2;
- listen 443 ssl http2;
- # tell users to go to SSL version this time
- if ($ssl_protocol = "") {
- rewrite ^ https://www.ravindrabhargava.com$request_uri? permanent;
- }
- server_name ravindrabhargava.com www.ravindrabhargava.com;
- ssl_certificate /etc/letsencrypt/live/ravindrabhargava.com/fullchain.pem;
- ssl_certificate_key /etc/letsencrypt/live/ravindrabhargava.com/privkey.pem;
- access_log /var/log/nginx/nginx/access.log;
- error_log /var/log/nginx/nginx/error.log;
- root /usr/share/nginx/ravindrabhargava.com/;
- index index.html index.php;
- location / {
- try_files $uri $uri/ /index.php?$args;
- }
- location ~ \.php$ {
- try_files $uri =404;
- fastcgi_split_path_info ^(.+\.php)(/.+)$;
- fastcgi_pass unix:/run/php/php7.4-fpm.sock;
- fastcgi_index index.php;
- include fastcgi_params;
- add_header Content-Security-Policy "img-src * 'self' data: blob: https:; default-src 'self' https://*.googleapis.com https://*.googletagmanager.com https://*.google-analytics.com https://s.ytimg.com https://www.youtube.com https://www.ravindrabhargava.com https://*.googleapis.com https://*.gstatic.com https://*.gravatar.com https://*.w.org data: 'unsafe-inline' 'unsafe-eval';" always;
- add_header X-Xss-Protection "1; mode=block" always;
- add_header X-Frame-Options "SAMEORIGIN" always;
- add_header X-Content-Type-Options "nosniff" always;
- add_header Access-Control-Allow-Origin "https://www.ravindrabhargava.com";
- add_header Referrer-Policy "origin-when-cross-origin" always;
- add_header Strict-Transport-Security "max-age=31536000; includeSubdomains; preload";
- }
- }
Add Comment
Please, Sign In to add comment