API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Aug 30th, 2024
13
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.26 KB | None | 0 0
raw download clone embed print report
  1. server {
  2. listen 80;
  3. listen 443 ssl;
  4. listen 443 quic reuseport;
  5. http2 on;
  6. http3 on;
  7. quic_gso on;
  8. quic_retry off;
  9.  
  10. server_name catpdf.org www.catpdf.org;
  11. index index.php index.html index.htm default.php default.htm default.html;
  12. root /www/wwwroot/catpdf.org;
  13.  
  14. # SSL 配置
  15. ssl_certificate /www/server/panel/vhost/cert/catpdf.org/fullchain.pem;
  16. ssl_certificate_key /www/server/panel/vhost/cert/catpdf.org/privkey.pem;
  17. ssl_protocols TLSv1.2 TLSv1.3;
  18. ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384';
  19. ssl_prefer_server_ciphers on;
  20. ssl_session_cache shared:SSL:10m;
  21. ssl_session_timeout 1h;
  22. ssl_early_data on;
  23. ssl_stapling on;
  24. ssl_stapling_verify on;
  25.  
  26. # HTTP重定向至HTTPS
  27. if ($server_port !~ 443) {
  28. return 301 https://$host$request_uri;
  29. }
  30.  
  31. # Proxy headers
  32. proxy_set_header Host $host;
  33. proxy_set_header X-Real-IP $remote_addr;
  34. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  35. proxy_set_header Upgrade $http_upgrade;
  36. proxy_set_header Connection "Upgrade";
  37. proxy_buffering off;
  38. proxy_http_version 1.1;
  39. proxy_read_timeout 600s;
  40.  
  41. # HTTP/3 headers
  42. add_header Alt-Svc 'h3=":443"; ma=2592000';
  43. add_header Strict-Transport-Security "max-age=15552000; includeSubDomains; preload";
  44.  
  45. # Error pages
  46. error_page 497 https://$host$request_uri;
  47.  
  48. # PHP 配置
  49. include enable-php-00.conf;
  50.  
  51. # Rewrite rules
  52. include /www/server/panel/vhost/rewrite/catpdf.org.conf;
  53.  
  54. # 禁止访问的文件或目录
  55. location ~ ^/(\.user.ini|\.htaccess|\.git|\.svn|\.project|LICENSE|README.md) {
  56. return 404;
  57. }
  58.  
  59. # 一键申请SSL证书验证目录相关设置
  60. location ~ \.well-known {
  61. allow all;
  62. }
  63.  
  64. # Static file handling
  65. location ~* \.(gif|jpg|jpeg|png|bmp|swf)$ {
  66. expires 30d;
  67. access_log off;
  68. }
  69.  
  70. location ~* \.(js|css)?$ {
  71. expires 12h;
  72. access_log off;
  73. }
  74.  
  75. # Logging
  76. access_log /www/wwwlogs/catpdf.org.log;
  77. error_log /www/wwwlogs/catpdf.org.error.log;
  78. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!