Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- $ sudo nginx -v
- nginx version: nginx/1.10.3
- $ sudo php -v
- PHP 7.0.30-0+deb9u1 (cli) (built: Jun 14 2018 13:50:25) ( NTS )
- Copyright (c) 1997-2017 The PHP Group
- Zend Engine v3.0.0, Copyright (c) 1998-2017 Zend Technologies
- with Zend OPcache v7.0.30-0+deb9u1, Copyright (c) 1999-2017, by Zend Technologies
- server {
- listen 80;
- server_name example.com www.example.com;
- error_log /var/log/nginx/error.log;
- access_log /var/log/nginx/access.log;
- include global/restrictions.conf;
- # Root
- location / {
- root /var/www/root/html;
- index index.php index.htm index.html index.nginx-debian.html;
- try_files $uri $uri/ =404;
- # pass the PHP scripts to FastCGI server
- include global/root.conf;
- }
- # WordPress
- location /blog/ {
- root /var/www/blog/html;
- # pass the PHP scripts to FastCGI server
- include global/wordpress.conf;
- }
- # DokuWiKi
- location /wiki/ {
- root /var/www/wiki/html;
- index index.php index.htm index.html;
- try_files $uri $uri/ =404;
- # pass the PHP scripts to FastCGI server
- include global/wiki.conf;
- }
- # NextCloud
- # location /drive/ {
- # root /var/www/drive/html;
- # pass the PHP scripts to FastCGI server
- # include global/.conf;
- # }
- }
- location ~ .php$ {
- include snippets/fastcgi-php.conf;
- fastcgi_pass unix:/var/run/php7.0-fpm.sock;
- }
- location ~ /.ht {
- deny all;
- }
- # WordPress single site rules. Designed to be included in any
- # server {} block.
- # This order might seem weird - this is attempted to match last if
- # rules below fail. http://wiki.nginx.org/HttpCoreModule
- location /blog/ {
- try_files $uri $uri/ /index.php?$args;
- }
- # Add trailing slash to */wp-admin requests.
- rewrite /wp-admin$ $scheme://$host$uri/ permanent;
- # Directives to send expires headers and turn off 404 error
- # logging.
- location ~*
- ^.+.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|rss|atom|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$
- {
- access_log off; log_not_found off; expires max;
- }
- # Uncomment one of the lines below for the appropriate caching
- #plugin (if used). include global/wordpress-wp-super-cache.conf;
- #include global/wordpress-w3-total-cache.conf;
- # Pass all .php files onto a php-fpm/php-fcgi server.
- location ~ [^/].php(/|$) {
- fastcgi_split_path_info ^(.+?.php)(/.*)$;
- if (!-f $document_root$fastcgi_script_name) {
- return 404;
- }
- # This is a robust solution for path info security issue and
- # works with "cgi.fix_pathinfo = 1" in /etc/php.ini (default)
- include fastcgi_params;
- fastcgi_index index.php;
- fastcgi_param SCRIPT_FILENAME
- $document_root$fastcgi_script_name;
- # fastcgi_intercept_errors on;
- fastcgi_pass unix:/var/run/php7.0-fpm.sock;
- }
- # Deny all attempts to access hidden files such as .htaccess,
- # .htpasswd, .DS_Store (Mac). Keep logging the requests to parse
- # later (or to pass to firewall utilities such as fail2ban)
- location ~ /. {
- deny all;
- }
- # Deny access to any files with a .php extension in the uploads
- # directory Works in sub-directory installs and also in multisite
- # network Keep logging the requests to parse later (or to pass to
- # firewall utilities such as fail2ban)
- location ~* /(?:uploads|files)/.*.php$ {
- deny all;
- }
Add Comment
Please, Sign In to add comment