Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- server {
- listen 80;
- server_name domain-name.org;
- root /var/www/html;
- index index.php index.html index.htm;
- location /.well-known/acme-challenge {
- default_type "text/plain";
- root /var/www/certbot;
- }
- # Forces all other requests to HTTPS
- location / {
- return 301 https://$host$request_uri;
- }
- }
- server {
- listen 443 ssl http2;
- server_name domain-name.org;
- root /var/www/html;
- index index.php index.html index.htm;
- ssl on;
- ssl_certificate /etc/letsencrypt/live/domain-name.org/fullchain.pem;
- ssl_certificate_key /etc/letsencrypt/live/domain-name.org/privkey.pem;
- ssl_protocols TLSv1.2;
- ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
- ssl_prefer_server_ciphers on;
- keepalive_timeout 70;
- add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
- location / {
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_set_header X-Forwarded-Proto http;
- proxy_set_header Host $http_host;
- proxy_pass http://127.0.0.1:5080/;
- proxy_redirect off;
- break;
- }
- location /orig/ {
- auth_basic "Restricted";
- auth_basic_user_file /etc/nginx/.htpasswdadm;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_set_header X-Forwarded-Proto http;
- proxy_set_header Host $http_host;
- proxy_pass http://localhost:5080/;
- proxy_redirect off;
- break;
- }
- location ~ /madmin(.*)$ {
- auth_basic "Restricted";
- auth_basic_user_file /etc/nginx/.htpasswdadm;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $remote_addr;
- proxy_set_header X-Forwarded-Proto https;
- proxy_set_header X-Script-Name /madmin;
- proxy_set_header Host $host;
- proxy_pass http://127.0.0.1:8050$1$is_args$args;
- client_max_body_size 100M;
- }
- location ~ \.php$ {
- include snippets/fastcgi-php.conf;
- fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
- }
- location /phpmyadmin {
- auth_basic "Restricted";
- auth_basic_user_file /etc/nginx/.htpasswdadm;
- }
- location /mitm {
- auth_basic "Restricted";
- auth_basic_user_file /etc/nginx/.htpasswddev;
- rewrite /mitm(.*) /$1 break;
- proxy_http_version 1.1;
- proxy_set_header Upgrade $http_upgrade;
- proxy_set_header Connection "upgrade";
- proxy_set_header Host $host;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_pass http://127.0.0.1:8000;
- }
- location /ws {
- auth_basic "Restricted";
- auth_basic_user_file /etc/nginx/.htpasswddev;
- proxy_redirect off;
- proxy_set_header Host $http_host;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_pass http://127.0.0.1:8080;
- proxy_http_version 1.1;
- proxy_set_header Upgrade $http_upgrade;
- proxy_set_header Connection "Upgrade";
- }
- }
- server {
- listen 127.0.0.1:80;
- server_name 127.0.0.1;
- location /nginx_status {
- stub_status on;
- allow 127.0.0.1;
- deny all;
- }
- }
- ~
- ~
- ~
- ~
- ~
- ~
- ~
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement