API tools faq
paste
Advertisement
riespandi

nginx_essential.conf

riespandi
Jun 10th, 2017
97
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Nginx 1.22 KB | None | 0 0
raw download clone embed print report
  1. location ~ /\.ht { deny all; }
  2. location ~ /.well-known { allow all; }
  3. location = /wp-config.php  { log_not_found off; deny all; }
  4. location = /favicon.ico { log_not_found off; access_log off; allow all; }
  5. location = /robots.txt  { log_not_found off; access_log off; allow all; }
  6. location ~* \.(css|gif|ico|jpeg|jpg|js|png|bmp|mp3|aac|ogg|mp4|mkv)$ { expires max; log_not_found off; }
  7. index index.php index.html default.html;
  8. ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  9. ssl_prefer_server_ciphers on;
  10. ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
  11. ssl_ecdh_curve secp384r1;
  12. ssl_session_cache shared:SSL:10m;
  13. ssl_session_timeout 10m;
  14. ssl_session_tickets off;
  15. ssl_stapling on;
  16. ssl_stapling_verify on;
  17. resolver 208.67.222.222 208.67.220.220 valid=300s;
  18. resolver_timeout 5s;
  19. add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";
  20. add_header X-Frame-Options DENY;
  21. add_header X-Content-Type-Options nosniff;
  22. ssl_dhparam /etc/ssl/certs/dhparam.pem;
  23. if ($http_host !~* "HOSTNAME") { rewrite ^/myadmin(.*)$ http://HOSTNAME/myadmin/$1 redirect; }
  24. if ($http_host !~* "HOSTNAME") { rewrite ^/status(.*)$ http://HOSTNAME/status/$1 redirect; }
  25. location ~* /phpinfo$ { return http://HOSTNAME/infophp.php; }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!