Advertisement
Guest User

Untitled

a guest
Dec 5th, 2019
1,002
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 3.58 KB | None | 0 0
  1. server {
  2. listen 80;
  3. server_name domain-name.org;
  4. root /var/www/html;
  5. index index.php index.html index.htm;
  6. location /.well-known/acme-challenge {
  7. default_type "text/plain";
  8. root /var/www/certbot;
  9. }
  10.  
  11. # Forces all other requests to HTTPS
  12. location / {
  13. return 301 https://$host$request_uri;
  14. }
  15. }
  16.  
  17. server {
  18. listen 443 ssl http2;
  19. server_name domain-name.org;
  20. root /var/www/html;
  21. index index.php index.html index.htm;
  22. ssl on;
  23. ssl_certificate /etc/letsencrypt/live/domain-name.org/fullchain.pem;
  24. ssl_certificate_key /etc/letsencrypt/live/domain-name.org/privkey.pem;
  25. ssl_protocols TLSv1.2;
  26. ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
  27. ssl_prefer_server_ciphers on;
  28. keepalive_timeout 70;
  29. add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
  30.  
  31. location / {
  32. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  33. proxy_set_header X-Forwarded-Proto http;
  34. proxy_set_header Host $http_host;
  35. proxy_pass http://127.0.0.1:5080/;
  36. proxy_redirect off;
  37. break;
  38. }
  39.  
  40. location /orig/ {
  41. auth_basic "Restricted";
  42. auth_basic_user_file /etc/nginx/.htpasswdadm;
  43. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  44. proxy_set_header X-Forwarded-Proto http;
  45. proxy_set_header Host $http_host;
  46. proxy_pass http://localhost:5080/;
  47. proxy_redirect off;
  48. break;
  49. }
  50.  
  51. location ~ /madmin(.*)$ {
  52. auth_basic "Restricted";
  53. auth_basic_user_file /etc/nginx/.htpasswdadm;
  54. proxy_set_header X-Real-IP $remote_addr;
  55. proxy_set_header X-Forwarded-For $remote_addr;
  56. proxy_set_header X-Forwarded-Proto https;
  57. proxy_set_header X-Script-Name /madmin;
  58. proxy_set_header Host $host;
  59. proxy_pass http://127.0.0.1:8050$1$is_args$args;
  60. client_max_body_size 100M;
  61. }
  62.  
  63. location ~ \.php$ {
  64. include snippets/fastcgi-php.conf;
  65. fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
  66. }
  67.  
  68. location /phpmyadmin {
  69. auth_basic "Restricted";
  70. auth_basic_user_file /etc/nginx/.htpasswdadm;
  71. }
  72.  
  73. location /mitm {
  74. auth_basic "Restricted";
  75. auth_basic_user_file /etc/nginx/.htpasswddev;
  76. rewrite /mitm(.*) /$1 break;
  77. proxy_http_version 1.1;
  78. proxy_set_header Upgrade $http_upgrade;
  79. proxy_set_header Connection "upgrade";
  80. proxy_set_header Host $host;
  81. proxy_set_header X-Real-IP $remote_addr;
  82. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  83. proxy_pass http://127.0.0.1:8000;
  84. }
  85.  
  86. location /ws {
  87. auth_basic "Restricted";
  88. auth_basic_user_file /etc/nginx/.htpasswddev;
  89. proxy_redirect off;
  90. proxy_set_header Host $http_host;
  91. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  92. proxy_set_header X-Real-IP $remote_addr;
  93.  
  94. proxy_pass http://127.0.0.1:8080;
  95. proxy_http_version 1.1;
  96. proxy_set_header Upgrade $http_upgrade;
  97. proxy_set_header Connection "Upgrade";
  98. }
  99. }
  100.  
  101. server {
  102. listen 127.0.0.1:80;
  103. server_name 127.0.0.1;
  104. location /nginx_status {
  105. stub_status on;
  106. allow 127.0.0.1;
  107. deny all;
  108. }
  109. }
  110.  
  111. ~
  112. ~
  113. ~
  114. ~
  115. ~
  116. ~
  117. ~
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement