API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jun 23rd, 2017
60
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.89 KB | None | 0 0
raw download clone embed print report
  1. # If using Ubuntu this file should be placed in:
  2. # /etc/nginx/sites-available/
  3. #
  4. # If using CentOS this file should be placed in:
  5. # /etc/nginx/conf.d/
  6. #
  7. server {
  8. listen 80;
  9. server_name quinjoes.spitservers.eu;
  10. return 301 https://$server_name$request_uri;
  11. }
  12.  
  13. server {
  14. listen 443 ssl http2;
  15. server_name quinjoes.spitservers.eu;
  16.  
  17. root /var/www/html/pterodactyl/public;
  18. index index.php;
  19.  
  20. access_log /var/log/nginx/pterodactyl.app-access.log;
  21. error_log /var/log/nginx/pterodactyl.app-error.log error;
  22.  
  23. # allow larger file uploads and longer script runtimes
  24. client_max_body_size 100m;
  25. client_body_timeout 120s;
  26.  
  27. sendfile off;
  28.  
  29. # strengthen ssl security
  30. ssl_certificate /etc/letsencrypt/live/quinjoes.spitservers.eu/fullchain.pem;
  31. ssl_certificate_key /etc/letsencrypt/live/quinjoes.spitservers.eu/privkey.pem;
  32. ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  33. ssl_prefer_server_ciphers on;
  34. ssl_session_cache shared:SSL:10m;
  35. ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:ECDHE-RSA-AES128-GCM-SHA256:AES256+EECDH:DHE-RSA-AES128-GCM-SHA256:AES256+EDH:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
  36.  
  37. # See the link below for more SSL information:
  38. # https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html
  39. #
  40. # ssl_dhparam /etc/ssl/certs/dhparam.pem;
  41.  
  42. # Add headers to serve security related headers
  43. add_header Strict-Transport-Security "max-age=15768000; preload;";
  44. add_header X-Content-Type-Options nosniff;
  45. add_header X-XSS-Protection "1; mode=block";
  46. add_header X-Robots-Tag none;
  47. add_header Content-Security-Policy "frame-ancestors 'self'";
  48.  
  49. location / {
  50. try_files $uri $uri/ /index.php?$query_string;
  51. }
  52.  
  53. location ~ \.php$ {
  54. fastcgi_split_path_info ^(.+\.php)(/.+)$;
  55. # the fastcgi_pass path needs to be changed accordingly when using CentOS
  56. fastcgi_pass unix:/var/run/php/php7.1-fpm.sock;
  57. fastcgi_index index.php;
  58. include fastcgi_params;
  59. fastcgi_param PHP_VALUE "upload_max_filesize = 100M \n post_max_size=100M";
  60. fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
  61. fastcgi_param HTTP_PROXY "";
  62. fastcgi_intercept_errors off;
  63. fastcgi_buffer_size 16k;
  64. fastcgi_buffers 4 16k;
  65. fastcgi_connect_timeout 300;
  66. fastcgi_send_timeout 300;
  67. fastcgi_read_timeout 300;
  68. include /etc/nginx/fastcgi_params;
  69. }
  70.  
  71. location ~ /\.ht {
  72. deny all;
  73. }
  74. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!