virtualserver-nginx.conf

1. server {
2. listen 8080 default_server;
3. root /home/yourdomain/magento;
4. #set $/home/yourdomain/magento /path/to/your/website;
5. index index.php index.html index.htm;
6.  
7. server_name yourdomain.com www.yourdomain.com;
8.  
9. location / {
10. try_files $uri $uri/ /index.php;
11. }
12.  
13.  
14.  
15. location ~ \.php$ {
16. try_files $uri =404;
17. fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
18. include fastcgi_params;
19. fastcgi_pass unix:/var/run/php5-fpm.sock;
20. }
21. #phpMyadmin
22. location /phpmyadmin {
23. root /usr/share/;
24. index index.php index.html index.htm;
25. location ~ ^/phpmyadmin/(.+\.php)$ {
26. try_files $uri =404;
27. root /usr/share/;
28. fastcgi_pass unix:/var/run/php5-fpm.sock;
29. fastcgi_index index.php;
30. fastcgi_param SCRIPT_FILENAME $request_filename;
31. include /etc/nginx/fastcgi_params;
32. fastcgi_param PATH_INFO $fastcgi_script_name;
33. fastcgi_buffer_size 128k;
34. fastcgi_buffers 256 4k;
35. fastcgi_busy_buffers_size 256k;
36. fastcgi_temp_file_write_size 256k;
37. fastcgi_intercept_errors on;
38. }
39. location ~ ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
40. root /usr/share/;
41. }
42. }
43.  
44. #Add Stuff Here
45.  
46. # PHP entry point for setup application
47. location ~* ^/setup($|/) {
48. root /home/yourdomain.com;
49. location ~ ^/setup/index.php {
50. fastcgi_pass unix:/var/run/php5-fpm.sock;
51. fastcgi_index index.php;
52. fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
53. include fastcgi_params;
54. }
55.  
56. location ~ ^/setup/(?!pub/). {
57. deny all;
58. }
59.  
60. location ~ ^/setup/pub/ {
61. add_header X-Frame-Options "SAMEORIGIN";
62. }
63. }
64.  
65. # PHP entry point for update application
66. location ~* ^/update($|/) {
67. root /home/yourdomain.com;
68.  
69. location ~ ^/update/index.php {
70. fastcgi_split_path_info ^(/update/index.php)(/.+)$;
71. fastcgi_pass unix:/var/run/php5-fpm.sock;
72. fastcgi_index index.php;
73. fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
74. fastcgi_param PATH_INFO $fastcgi_path_info;
75. include fastcgi_params;
76. }
77.  
78. # Deny everything but index.php
79. location ~ ^/update/(?!pub/). {
80. deny all;
81. }
82.  
83. location ~ ^/update/pub/ {
84. add_header X-Frame-Options "SAMEORIGIN";
85. }
86. }
87.  
88. location /pub/ {
89. location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) {
90. deny all;
91. }
92. alias /home/yourdomain.com/pub/;
93. add_header X-Frame-Options "SAMEORIGIN";
94. }
95.  
96. location /static/ {
97. # Uncomment the following line in production mode
98. # expires max;
99.  
100. # Remove signature of the static files that is used to overcome the browser cache
101. location ~ ^/static/version {
102. rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last;
103. }
104.  
105. location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
106. add_header Cache-Control "public";
107. add_header X-Frame-Options "SAMEORIGIN";
108. expires +1y;
109.  
110. if (!-f $request_filename) {
111. rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
112. }
113. }
114. location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
115. add_header Cache-Control "no-store";
116. add_header X-Frame-Options "SAMEORIGIN";
117. expires off;
118.  
119. if (!-f $request_filename) {
120. rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
121. }
122. }
123. if (!-f $request_filename) {
124. rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
125. }
126. add_header X-Frame-Options "SAMEORIGIN";
127. }
128.  
129. location /media/ {
130. try_files $uri $uri/ /get.php?$args;
131.  
132. location ~ ^/media/theme_customization/.*\.xml {
133. deny all;
134. }
135.  
136. location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
137. add_header Cache-Control "public";
138. add_header X-Frame-Options "SAMEORIGIN";
139. expires +1y;
140. try_files $uri $uri/ /get.php?$args;
141. }
142. location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
143. add_header Cache-Control "no-store";
144. add_header X-Frame-Options "SAMEORIGIN";
145. expires off;
146. try_files $uri $uri/ /get.php?$args;
147. }
148. add_header X-Frame-Options "SAMEORIGIN";
149. }
150.  
151. location /media/customer/ {
152. deny all;
153. }
154.  
155. location /media/downloadable/ {
156. deny all;
157. }
158.  
159. location /media/import/ {
160. deny all;
161. }
162.  
163. # PHP entry point for main application
164. location ~ (index|get|static|report|404|503)\.php$ {
165. try_files $uri =404;
166. fastcgi_pass unix:/var/run/php5-fpm.sock;
167. fastcgi_buffers 1024 4k;
168.  
169. fastcgi_param PHP_FLAG "session.auto_start=off \n suhosin.session.cryptua=off";
170. fastcgi_param PHP_VALUE "memory_limit=768M \n max_execution_time=600";
171. fastcgi_read_timeout 600s;
172. fastcgi_connect_timeout 600s;
173.  
174. fastcgi_index index.php;
175. fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
176. include fastcgi_params;
177. }
178.  
179. gzip on;
180. gzip_disable "msie6";
181.  
182. gzip_comp_level 6;
183. gzip_min_length 1100;
184. gzip_buffers 16 8k;
185. gzip_proxied any;
186. gzip_types
187. text/plain
188. text/css
189. text/js
190. text/xml
191. text/javascript
192. application/javascript
193. application/x-javascript
194. application/json
195. application/xml
196. application/xml+rss
197. image/svg+xml;
198. gzip_vary on;
199.  
200. # Banned locations (only reached if the earlier PHP entry point regexes don't match)
201. location ~* (\.php$|\.htaccess$|\.git) {
202. deny all;
203. }
204. }