SHARE
TWEET

lytrips.blog.conf

a guest Jan 22nd, 2018 72 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. server {
  2.         listen   443 ssl http2;
  3.         server_name www.lytrips.blog;
  4.  
  5.         # SSL
  6.         ssl_certificate /etc/letsencrypt/live/lytrips.blog/fullchain.pem;
  7.         ssl_certificate_key /etc/letsencrypt/live/lytrips.blog/privkey.pem;
  8.         ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  9.         ssl_prefer_server_ciphers on;
  10.         ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
  11.         rewrite ^(.*) https://lytrips.blog$1 permanent;
  12. }
  13.  
  14. server {
  15.         listen 127.0.0.1:8080;
  16.  
  17.         server_name lytrips.blog www.lytrips.blog;
  18.         rewrite ^(.*) https://lytrips.blog$1 permanent;
  19. }
  20.  
  21. server {
  22.         listen 443 ssl http2;
  23.  
  24.         # access_log off;
  25.         access_log /home/lytrips.blog/logs/access.log;
  26.         # error_log off;
  27.         error_log /home/lytrips.blog/logs/error.log;
  28.  
  29.         root /home/lytrips.blog/public_html;
  30.         index index.php index.html index.htm;
  31.         server_name lytrips.blog;
  32.  
  33.         location / {
  34.             proxy_pass http://127.0.0.1:80;
  35.             proxy_set_header X-Real-IP  $remote_addr;
  36.             proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  37.             proxy_set_header X-Forwarded-Proto https;
  38.             proxy_set_header X-Forwarded-Port 443;
  39.             proxy_set_header Host $host;
  40.         }
  41.  
  42.         # SSL
  43.         ssl_certificate /etc/letsencrypt/live/lytrips.blog/fullchain.pem;
  44.         ssl_certificate_key /etc/letsencrypt/live/lytrips.blog/privkey.pem;
  45.         ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  46.         ssl_prefer_server_ciphers on;
  47.         ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
  48.  
  49.         # Improve HTTPS performance with session resumption
  50.         ssl_session_cache shared:SSL:50m;
  51.         ssl_session_timeout 1d;
  52.  
  53.         # DH parameters
  54.         ssl_dhparam /etc/nginx/ssl/dhparam.pem;
  55.         # Enable HSTS
  56.         add_header Strict-Transport-Security "max-age=31536000" always;
  57.  
  58.  
  59.         # Custom configuration
  60.         include /home/lytrips.blog/public_html/*.conf;
  61.  
  62.         location ~ \.php$ {
  63.                 fastcgi_split_path_info ^(.+\.php)(/.+)$;
  64.                 include /etc/nginx/fastcgi_params;
  65.                 fastcgi_pass 127.0.0.1:9000;
  66.                 fastcgi_index index.php;
  67.                 fastcgi_connect_timeout 1000;
  68.                 fastcgi_send_timeout 1000;
  69.                 fastcgi_read_timeout 1000;
  70.                 fastcgi_buffer_size 256k;
  71.                 fastcgi_buffers 4 256k;
  72.                 fastcgi_busy_buffers_size 256k;
  73.                 fastcgi_temp_file_write_size 256k;
  74.                 fastcgi_intercept_errors on;
  75.                 fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
  76.         }
  77.  
  78.         location /nginx_status {
  79.                 stub_status on;
  80.                 access_log   off;
  81.                 allow 127.0.0.1;
  82.                 allow 198.13.53.38;
  83.                 deny all;
  84.         }
  85.  
  86.         location /php_status {
  87.                 fastcgi_pass 127.0.0.1:9000;
  88.                 fastcgi_index index.php;
  89.                 fastcgi_param SCRIPT_FILENAME  $document_root$fastcgi_script_name;
  90.                 include /etc/nginx/fastcgi_params;
  91.                 allow 127.0.0.1;
  92.                 allow 198.13.53.38;
  93.                 deny all;
  94.         }
  95.  
  96.         # Disable .htaccess and other hidden files
  97.         location ~ /\.(?!well-known).* {
  98.                 deny all;
  99.                 access_log off;
  100.                 log_not_found off;
  101.         }
  102.  
  103.         location = /favicon.ico {
  104.                 log_not_found off;
  105.                 access_log off;
  106.         }
  107.  
  108.         location = /robots.txt {
  109.                 allow all;
  110.                 log_not_found off;
  111.                 access_log off;
  112.         }
  113.  
  114.         location ~* \.(3gp|gif|jpg|jpeg|png|ico|wmv|avi|asf|asx|mpg|mpeg|mp4|pls|mp3|mid|wav|swf|flv|exe|zip|tar|rar|gz|tgz|bz2|uha|7z|doc|docx|xls|xlsx|pdf|iso|eot|svg|ttf|woff)$ {
  115.                 gzip_static off;
  116.                 add_header Pragma public;
  117.                 add_header Cache-Control "public, must-revalidate, proxy-revalidate";
  118.                 access_log off;
  119.                 expires 30d;
  120.                 break;
  121.         }
  122.  
  123.         location ~* \.(txt|js|css)$ {
  124.                 add_header Pragma public;
  125.                 add_header Cache-Control "public, must-revalidate, proxy-revalidate";
  126.                 access_log off;
  127.                 expires 30d;
  128.                 break;
  129.         }
  130. }
  131.  
  132. server {
  133.         listen 2313;
  134.  
  135.         access_log off;
  136.         log_not_found off;
  137.         error_log /home/lytrips.blog/logs/nginx_error.log;
  138.  
  139.         root /home/lytrips.blog/private_html;
  140.         index index.php index.html index.htm;
  141.         server_name lytrips.blog;
  142.  
  143.         auth_basic "Restricted";
  144.         auth_basic_user_file /home/lytrips.blog/private_html/hocvps/.htpasswd;
  145.  
  146.         location / {
  147.                 autoindex on;
  148.                 try_files $uri $uri/ /index.php;
  149.         }
  150.  
  151.         location ~ \.php$ {
  152.                 fastcgi_split_path_info ^(.+\.php)(/.+)$;
  153.                 include /etc/nginx/fastcgi_params;
  154.                 fastcgi_pass 127.0.0.1:9000;
  155.                 fastcgi_index index.php;
  156.                 fastcgi_connect_timeout 1000;
  157.                 fastcgi_send_timeout 1000;
  158.                 fastcgi_read_timeout 1000;
  159.                 fastcgi_buffer_size 256k;
  160.                 fastcgi_buffers 4 256k;
  161.                 fastcgi_busy_buffers_size 256k;
  162.                 fastcgi_temp_file_write_size 256k;
  163.                 fastcgi_intercept_errors on;
  164.                 fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
  165.         }
  166.  
  167.         location ~ /\. {
  168.                 deny all;
  169.         }
  170. }
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!
 
Top