Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- server {
- listen [::]:443 443 ssl http2;
- server_name домен;
- resolver 1.1.1.1 1.0.0.1 8.8.8.8 8.8.4.4;
- root /usr/share/nginx/html;
- include /etc/nginx/default.d/*.conf;
- location / {
- root /usr/share/nginx/html;
- index index.php index.html index.htm;
- }
- error_page 404 /404.html;
- location = /404.html {
- root /usr/share/nginx/html;
- }
- error_page 500 502 503 504 /50x.html;
- location = /50x.html {
- root /usr/share/nginx/html;
- }
- ssl_stapling on;
- ssl on;
- ssl_certificate /etc/letsencrypt/live/домен/fullchain.pem;
- ssl_certificate_key /etc/letsencrypt/live/домен/privkey.pem;
- ssl_trusted_certificate /etc/letsencrypt/live/домен/chain.pem;
- ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
- ssl_session_timeout 24h;
- ssl_session_cache shared:SSL:2m;
- ssl_protocols TLSv1.3 TLSv1.2;
- ssl_ciphers EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH;
- ssl_prefer_server_ciphers on;
- add_header Strict-Transport-Security "max-age=31536000;";
- add_header Content-Security-Policy-Report-Only "default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report";
- location ~ \.php$ {
- root /usr/share/nginx/html;
- fastcgi_pass 127.0.0.1:9000;
- fastcgi_index index.php;
- fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
- include fastcgi_params;
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement