API tools faq
paste
Advertisement
steven_zhu_25

LEC "Nginx redirects to default site after using certbot"

steven_zhu_25
Aug 30th, 2019
214
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.62 KB | None | 0 0
raw download clone embed print report
  1.  
  2.  
  3. server {
  4. server_name oslopeace19.no www.oslopeace19.no;
  5.  
  6. #Logger
  7. access_log /var/log/nginx/oslopeace19;
  8. error_log /var/log/nginx/error_oslopeace19;
  9. #Sikkerhet
  10. add_header X-Content-Type-Options nosniff;
  11. add_header X-Frame-Options SAMEORIGIN;
  12. add_header X-XSS-Protection "1; mode=block";
  13. add_header Content-Security-Policy "frame-ancestors 'self'";
  14. server_tokens off;
  15. index index.php;
  16.  
  17. ## Begin - Server Info
  18. root /var/www/oslopeace19;
  19.  
  20. ## End - Server Info
  21.  
  22. ## Begin - Index
  23. # for subfolders, simply adjust the rewrite:
  24. # to use `/subfolder/index.php`
  25. location / {
  26. try_files $uri $uri/ /index.php?$query_string;
  27. }
  28. ## End - Index
  29. location = /.user.ini { deny all; }
  30.  
  31.  
  32.  
  33.  
  34. ## Begin - PHP
  35. location ~ \.php$ {
  36. # Choose either a socket or TCP/IP address
  37. fastcgi_pass unix:/run/php/php7.2-fpm.sock;
  38. # fastcgi_pass 127.0.0.1:9000;
  39.  
  40. fastcgi_split_path_info ^(.+\.php)(/.+)$;
  41. fastcgi_index index.php;
  42. include fastcgi_params;
  43. fastcgi_param SCRIPT_FILENAME $document_root/$fastcgi_script_name;
  44. }
  45. ## End - PHP
  46.  
  47. ## Begin - Security
  48. # deny all direct access for these folders
  49. location ~* /(.git|cache|bin|logs|backups)/.*$ { return 403; }
  50. # deny running scripts inside core system folders
  51. location ~* /(system|vendor)/.*\.(txt|xml|md|html|yaml|php|pl|py|cgi|twig|sh|bat)$ { return 403; }
  52. # deny running scripts inside user folder
  53. location ~* /user/.*\.(txt|md|yaml|php|pl|py|cgi|twig|sh|bat)$ { return 403; }
  54. # deny access to specific files in the root folder
  55. location ~ /(LICENSE|composer.lock|composer.json|nginx.conf|web.config|htaccess.txt|\.htaccess) { return 403; }
  56. ## End - Security
  57.  
  58.  
  59.  
  60. listen [::]:443 ssl; # managed by Certbot
  61. listen 443 ssl; # managed by Certbot
  62. ssl_certificate /etc/letsencrypt/live/oslopeace19.no/fullchain.pem; # managed by Certbot
  63. ssl_certificate_key /etc/letsencrypt/live/oslopeace19.no/privkey.pem; # managed by Certbot
  64. include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
  65. ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
  66. }
  67. server {
  68. if ($host = oslopeace19.no) {
  69. return 301 https://$host$request_uri;
  70. } # managed by Certbot
  71.  
  72.  
  73. if ($host = www.oslopeace19.no) {
  74. return 301 https://$host$request_uri;
  75. } # managed by Certbot
  76.  
  77.  
  78.  
  79. listen 80;
  80. listen [::]:80;
  81. root /var/www/oslopeace19;
  82.  
  83. server_name oslopeace19.no www.oslopeace19.no;
  84. return 404; # managed by Certbot
  85.  
  86.  
  87.  
  88.  
  89. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!