Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- upstream example {
- server 127.0.0.1:3000;
- server IP_FRONT2:3000 backup;
- }
- map $http_upgrade $connection_upgrade {
- default upgrade;
- '' close;
- }
- server {
- listen 80 default ;
- return 301 https://example.org$request_uri;
- server_name example.org;
- # HEADERS
- add_header X-Frame-Options SAMEORIGIN;
- add_header X-Content-Type-Options nosniff;
- add_header X-XSS-Protection "1; mode=block";
- include /etc/nginx/includes/error_pages.conf;
- gzip on;
- location /RequestDenied {
- return 418;
- }
- location / {
- proxy_pass http://example;
- proxy_redirect off;
- proxy_set_header Host $http_host;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_set_header X-Forwarded-Proto $scheme;
- proxy_http_version 1.1;
- proxy_set_header Upgrade $http_upgrade;
- proxy_set_header Connection $connection_upgrade;
- }
- }
- server {
- listen 443 ssl http2 default;
- server_name example.org;
- ## Strong SSL Security
- include /etc/nginx/includes/ssl.conf;
- ssl_certificate /etc/nginx/ssl/mi.argentina.crt;
- ssl_certificate_key /etc/nginx/ssl/mi.argentina.key;
- ssl_client_certificate /etc/nginx/ssl/ca.crt;
- # HEADERS
- add_header X-Frame-Options SAMEORIGIN;
- add_header X-Content-Type-Options nosniff;
- add_header X-XSS-Protection "1; mode=block";
- include /etc/nginx/includes/error_pages.conf;
- location /RequestDenied {
- return 418;
- }
- access_log /var/log/nginx/access.log;
- error_log /var/log/nginx/error.log;
- location ~ (.htaccess|.htpasswd)$ {
- log_not_found off;
- access_log off;
- return 404;
- }
- location / {
- proxy_pass http://example;
- proxy_redirect off;
- proxy_set_header Host $http_host;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_set_header X-Forwarded-Proto $scheme;
- proxy_http_version 1.1;
- proxy_set_header Upgrade $http_upgrade;
- proxy_set_header Connection $connection_upgrade;
- }
- }
Add Comment
Please, Sign In to add comment