Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- location ~ /\.ht { deny all; }
- location ~ /.well-known { allow all; }
- location = /wp-config.php { log_not_found off; deny all; }
- location = /favicon.ico { log_not_found off; access_log off; allow all; }
- location = /robots.txt { log_not_found off; access_log off; allow all; }
- location ~* \.(css|gif|ico|jpeg|jpg|js|png|bmp|mp3|aac|ogg|mp4|mkv)$ { expires max; log_not_found off; }
- index index.php index.html default.html;
- ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
- ssl_prefer_server_ciphers on;
- ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
- ssl_ecdh_curve secp384r1;
- ssl_session_cache shared:SSL:10m;
- ssl_session_timeout 10m;
- ssl_session_tickets off;
- ssl_stapling on;
- ssl_stapling_verify on;
- resolver 208.67.222.222 208.67.220.220 valid=300s;
- resolver_timeout 5s;
- add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";
- add_header X-Frame-Options DENY;
- add_header X-Content-Type-Options nosniff;
- ssl_dhparam /etc/ssl/certs/dhparam.pem;
- if ($http_host !~* "HOSTNAME") { rewrite ^/myadmin(.*)$ http://HOSTNAME/myadmin/$1 redirect; }
- if ($http_host !~* "HOSTNAME") { rewrite ^/status(.*)$ http://HOSTNAME/status/$1 redirect; }
- location ~* /phpinfo$ { return http://HOSTNAME/infophp.php; }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement