Guest User

lytrips.blog.conf

a guest
Jan 22nd, 2018
84
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. server {
  2. listen 443 ssl http2;
  3. server_name www.lytrips.blog;
  4.  
  5. # SSL
  6. ssl_certificate /etc/letsencrypt/live/lytrips.blog/fullchain.pem;
  7. ssl_certificate_key /etc/letsencrypt/live/lytrips.blog/privkey.pem;
  8. ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  9. ssl_prefer_server_ciphers on;
  10. ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
  11. rewrite ^(.*) https://lytrips.blog$1 permanent;
  12. }
  13.  
  14. server {
  15. listen 127.0.0.1:8080;
  16.  
  17. server_name lytrips.blog www.lytrips.blog;
  18. rewrite ^(.*) https://lytrips.blog$1 permanent;
  19. }
  20.  
  21. server {
  22. listen 443 ssl http2;
  23.  
  24. # access_log off;
  25. access_log /home/lytrips.blog/logs/access.log;
  26. # error_log off;
  27. error_log /home/lytrips.blog/logs/error.log;
  28.  
  29. root /home/lytrips.blog/public_html;
  30. index index.php index.html index.htm;
  31. server_name lytrips.blog;
  32.  
  33. location / {
  34. proxy_pass http://127.0.0.1:80;
  35. proxy_set_header X-Real-IP $remote_addr;
  36. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  37. proxy_set_header X-Forwarded-Proto https;
  38. proxy_set_header X-Forwarded-Port 443;
  39. proxy_set_header Host $host;
  40. }
  41.  
  42. # SSL
  43. ssl_certificate /etc/letsencrypt/live/lytrips.blog/fullchain.pem;
  44. ssl_certificate_key /etc/letsencrypt/live/lytrips.blog/privkey.pem;
  45. ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  46. ssl_prefer_server_ciphers on;
  47. ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
  48.  
  49. # Improve HTTPS performance with session resumption
  50. ssl_session_cache shared:SSL:50m;
  51. ssl_session_timeout 1d;
  52.  
  53. # DH parameters
  54. ssl_dhparam /etc/nginx/ssl/dhparam.pem;
  55. # Enable HSTS
  56. add_header Strict-Transport-Security "max-age=31536000" always;
  57.  
  58.  
  59. # Custom configuration
  60. include /home/lytrips.blog/public_html/*.conf;
  61.  
  62. location ~ \.php$ {
  63. fastcgi_split_path_info ^(.+\.php)(/.+)$;
  64. include /etc/nginx/fastcgi_params;
  65. fastcgi_pass 127.0.0.1:9000;
  66. fastcgi_index index.php;
  67. fastcgi_connect_timeout 1000;
  68. fastcgi_send_timeout 1000;
  69. fastcgi_read_timeout 1000;
  70. fastcgi_buffer_size 256k;
  71. fastcgi_buffers 4 256k;
  72. fastcgi_busy_buffers_size 256k;
  73. fastcgi_temp_file_write_size 256k;
  74. fastcgi_intercept_errors on;
  75. fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
  76. }
  77.  
  78. location /nginx_status {
  79. stub_status on;
  80. access_log off;
  81. allow 127.0.0.1;
  82. allow 198.13.53.38;
  83. deny all;
  84. }
  85.  
  86. location /php_status {
  87. fastcgi_pass 127.0.0.1:9000;
  88. fastcgi_index index.php;
  89. fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
  90. include /etc/nginx/fastcgi_params;
  91. allow 127.0.0.1;
  92. allow 198.13.53.38;
  93. deny all;
  94. }
  95.  
  96. # Disable .htaccess and other hidden files
  97. location ~ /\.(?!well-known).* {
  98. deny all;
  99. access_log off;
  100. log_not_found off;
  101. }
  102.  
  103. location = /favicon.ico {
  104. log_not_found off;
  105. access_log off;
  106. }
  107.  
  108. location = /robots.txt {
  109. allow all;
  110. log_not_found off;
  111. access_log off;
  112. }
  113.  
  114. location ~* \.(3gp|gif|jpg|jpeg|png|ico|wmv|avi|asf|asx|mpg|mpeg|mp4|pls|mp3|mid|wav|swf|flv|exe|zip|tar|rar|gz|tgz|bz2|uha|7z|doc|docx|xls|xlsx|pdf|iso|eot|svg|ttf|woff)$ {
  115. gzip_static off;
  116. add_header Pragma public;
  117. add_header Cache-Control "public, must-revalidate, proxy-revalidate";
  118. access_log off;
  119. expires 30d;
  120. break;
  121. }
  122.  
  123. location ~* \.(txt|js|css)$ {
  124. add_header Pragma public;
  125. add_header Cache-Control "public, must-revalidate, proxy-revalidate";
  126. access_log off;
  127. expires 30d;
  128. break;
  129. }
  130. }
  131.  
  132. server {
  133. listen 2313;
  134.  
  135. access_log off;
  136. log_not_found off;
  137. error_log /home/lytrips.blog/logs/nginx_error.log;
  138.  
  139. root /home/lytrips.blog/private_html;
  140. index index.php index.html index.htm;
  141. server_name lytrips.blog;
  142.  
  143. auth_basic "Restricted";
  144. auth_basic_user_file /home/lytrips.blog/private_html/hocvps/.htpasswd;
  145.  
  146. location / {
  147. autoindex on;
  148. try_files $uri $uri/ /index.php;
  149. }
  150.  
  151. location ~ \.php$ {
  152. fastcgi_split_path_info ^(.+\.php)(/.+)$;
  153. include /etc/nginx/fastcgi_params;
  154. fastcgi_pass 127.0.0.1:9000;
  155. fastcgi_index index.php;
  156. fastcgi_connect_timeout 1000;
  157. fastcgi_send_timeout 1000;
  158. fastcgi_read_timeout 1000;
  159. fastcgi_buffer_size 256k;
  160. fastcgi_buffers 4 256k;
  161. fastcgi_busy_buffers_size 256k;
  162. fastcgi_temp_file_write_size 256k;
  163. fastcgi_intercept_errors on;
  164. fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
  165. }
  166.  
  167. location ~ /\. {
  168. deny all;
  169. }
  170. }
RAW Paste Data