Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- worker_processes 1;
- events {
- worker_connections 1024;
- }
- http {
- include mime.types;
- default_type application/octet-stream;
- sendfile on;
- tcp_nopush on;
- tcp_nodelay on;
- keepalive_timeout 65;
- server_tokens off;
- gzip on;
- gzip_comp_level 5;
- gzip_min_length 256;
- gzip_proxied any;
- server {
- listen 80;
- server_name example.com 192.168.2.81;
- return 301 https://$server_name$request_uri;
- error_page 500 502 503 504 /50x.html;
- location = /50x.html {
- root html;
- }
- access_log /nginx/logs/example.com-http-access.log;
- error_log /nginx/logs/example.com-http-error.log;
- }
- server {
- listen 8443 ssl http2;
- listen 443 ssl http2;
- server_name example.com 192.168.2.81;
- include ssl.conf;
- include services.conf;
- include php.conf;
- ## Send header to tell the browser to prefer https to http traffic
- add_header Strict-Transport-Security max-age=31536000;
- error_page 500 502 503 504 /50x.html;
- location = /50x.html {
- root html;
- }
- access_log /nginx/logs/example.com-https-access.log;
- error_log /nginx/logs/example.com-https-error.log;
- }
- }
- # built using help and examples from https://www.redelijkheid.com/blog/2017/1/29/configure-nginx-as-a-secure-reverse-proxy and https://bjornjohansen.no/optimizing-https-nginx
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement