server {
listen *:443 ssl http2;
server_name forums.newdarkrp.fr;
root /home/www/newdarkrp.fr/subdomains/forums;
index index.php;
#fastcgi_index index.php;
include /etc/nginx/includes/ssl/newdarkrp.fr.conf;
include /etc/nginx/includes/ssl_cloudflare.conf;
include /etc/nginx/conf.d/header.conf;
include /etc/nginx/includes/hhvm.conf;
include /etc/nginx/includes/error.conf;
include /etc/nginx/bots.d/blockbots.conf;
include fastcgi_params;
location / { try_files $uri $uri/ /index.php?$query_string; }
location /api { try_files $uri $uri/ /api.php?$query_string; }
location /admin { try_files $uri $uri/ /admin.php?$query_string; }
location ~* ^/(composer\.(json|lock)|config\.php|flarum|storage|vendor) {
deny all;
return 404;
}
location ~* \.php$ {
fastcgi_split_path_info ^(.+.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param HTTP_PROXY ""; # Fix for https://httpoxy.org/ vulnerability
fastcgi_index index.php;
}
location ~* \.html$ {
expires -1;
}
location ~* \.(css|js|gif|jpe?g|png)$ {
expires 1M;
add_header Pragma public;
add_header Cache-Control "public, must-revalidate, proxy-revalidate";
}
gzip on;
gzip_http_version 1.1;
gzip_vary on;
gzip_comp_level 6;
gzip_proxied any;
gzip_types application/atom+xml
application/javascript
application/json
application/vnd.ms-fontobject
application/x-font-ttf
application/x-web-app-manifest+json
application/xhtml+xml
application/xml
font/opentype
image/svg+xml
image/x-icon
text/css
#text/html -- text/html is gzipped by default by nginx
text/plain
text/xml;
gzip_buffers 16 8k;
gzip_disable "MSIE [1-6]\.(?!.*SV1)";
error_log /root/error.log;
access_log off;
}