Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- server {
- listen 80 default_server;
- listen [::]:80 default_server;
- server_name example.com;
- return 301 https://$host$request_uri;
- }
- server {
- listen 443 ssl http2 default_server;
- listen [::]:443 ssl http2 default_server;
- server_name example.com;
- ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
- ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
- include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
- resolver 209.222.18.222 209.222.18.218 valid=300s;
- resolver_timeout 5s;
- add_header X-Frame-Options SAMEORIGIN;
- add_header X-Content-Type-Options nosniff;
- ssl_dhparam /etc/ssl/certs/dhparam4096.pem;
- ssl_ecdh_curve secp384r1;
- ssl_session_tickets off;
- ssl_stapling on;
- ssl_stapling_verify on;
- root /var/www/html;
- index index.html index.html /_h5ai/public/index.php;
- error_page 403 404 /404.html;
- location / {
- try_files $uri $uri/ =404;
- }
- location ~ \.php$ {
- include snippets/fastcgi-php.conf;
- fastcgi_pass unix:/run/php/php7.0-fpm.sock;
- }
- location ~ /\.ht {
- deny all;
- }
- location ^~ /.well-known/acme-challenge/ {
- autoindex on;
- }
- location /unifi {
- return 302 /manage;
- }
- location /manage {
- proxy_pass https://127.0.0.1:8443/manage;
- proxy_ssl_verify off;
- include /etc/nginx/proxy_params;
- }
- location /status {
- proxy_pass https://127.0.0.1:8443/status;
- proxy_ssl_verify off;
- include /etc/nginx/proxy_params;
- }
- location /api {
- proxy_pass https://127.0.0.1:8443/api;
- proxy_ssl_verify off;
- include /etc/nginx/proxy_params;
- }
- location /wss {
- proxy_pass https://127.0.0.1:8443/wss;
- proxy_ssl_verify off;
- include /etc/nginx/proxy_params;
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
