h4x3r

domain.com.nginx

Dec 25th, 2017
53
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. server {
  2.     listen       8080;
  3.     server_name  domain.com www.domain.com v1.domain.com v2.domain.com v3.domain.com v4.domain.com v5.domain.com;
  4.     return 301 https://domain.com$request_uri;
  5.     rewrite ^(.*) https://domain.com$1 permanent;
  6.     port_in_redirect off;
  7.     autoindex on;
  8.     #charset koi8-r;
  9.     #access_log  /var/log/nginx/host.access.log  main;
  10.     error_log               /home/nginx/domain.com/log/error.log      error;
  11.     #root   /usr/share/nginx/html;
  12.     root   /home/nginx/domain.com/public_html;
  13.     location / {
  14.         #root   /usr/share/nginx/html;
  15.         #index  index.html index.htm;
  16.     try_files $uri $uri/ /index.php?$args;
  17.     }
  18.  
  19.     #error_page  404              /404.html;
  20.  
  21.     # redirect server error pages to the static page /50x.html
  22.     #
  23.     error_page   500 502 503 504  /50x.html;
  24.     location = /50x.html {
  25.         root   /usr/share/nginx/html;
  26.     }
  27.  
  28.     include /etc/nginx/conf.d/php.conf;  
  29.     include /etc/nginx/conf.d/staticfiles.conf;
  30.     include /etc/nginx/conf.d/block.conf;
  31.     include /home/nginx/domain.com/public_html/nginx.conf;
  32.    
  33. rewrite ^/(.*)-([0-9]+)x([0-9]+)?\.((?i)jpeg|jpg|png|gif) /wp-content/plugins/wp-performance-pack/serve-dynamic-images.php break;  
  34. set $cache_uri $request_uri;
  35.  
  36. # POST requests and urls with a query string should always go to PHP
  37. if ($request_method = POST) {
  38.         set $cache_uri 'null cache';
  39. }
  40. if ($query_string != "") {
  41.         set $cache_uri 'null cache';
  42. }  
  43.  
  44. # Don't cache uris containing the following segments
  45. if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php|wp-.*.php|/feed/|index.php|wp-comments-popup.php|wp-links-opml.php|wp-locations.php|sitemap(_index)?.xml|[a-z0-9_-]+-sitemap([0-9]+)?.xml)") {
  46.         set $cache_uri 'null cache';
  47. }  
  48.  
  49. # Don't use the cache for logged in users or recent commenters
  50. if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_logged_in") {
  51.         set $cache_uri 'null cache';
  52. }
  53. }
  54.  
  55.  
  56. server {
  57. listen 8443 ssl http2;
  58. server_name domain.com www.domain.com v1.domain.com v2.domain.com v3.domain.com v4.domain.com v5.domain.com;
  59. keepalive_timeout 30;
  60.  
  61. ssl on;
  62. ssl_certificate /etc/letsencrypt/live/domain.com/fullchain.pem;
  63. ssl_certificate_key /etc/letsencrypt/live/domain.com/privkey.pem;
  64. ssl_session_timeout 5m;
  65. ssl_session_cache shared:SSL:10m;
  66. ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  67. ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
  68. ssl_prefer_server_ciphers on;
  69. add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";
  70. ssl_stapling on;
  71. root /home/nginx/domain.com/public_html;
  72.  
  73.  
  74. location / {
  75. index index.php index.html index.htm;
  76. try_files $uri $uri/ /index.php?$uri&$args;
  77.             proxy_pass http://127.0.0.1:80;
  78.             proxy_set_header X-Real-IP  $remote_addr;
  79.             proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  80.             proxy_set_header X-Forwarded-Proto https;
  81.             proxy_set_header X-Forwarded-Port 443;
  82.             proxy_set_header Host $host;
  83.  
  84. access_log off;
  85. # access_log /home/nginx/domain.com/logs/access.log;
  86. error_log off;
  87. # error_log /home/nginx/domain.com/log/error.log;
  88. root /home/nginx/domain.com/public_html;
  89. index index.php index.html index.htm;
  90.  
  91. location / {
  92. try_files $uri $uri/ /index.php?$args;
  93. }
  94.  
  95. location ~* \.php$ {
  96.     fastcgi_index   index.php;
  97.     fastcgi_pass    127.0.0.1:9000;
  98.     #fastcgi_pass   unix:/var/run/php-fpm/php-fpm.sock;
  99.     include         fastcgi_params;
  100.     fastcgi_param   SCRIPT_FILENAME    $document_root$fastcgi_script_name;
  101.     fastcgi_param   SCRIPT_NAME        $fastcgi_script_name;
  102.  
  103.     # Thiết lập timeout cho proxy
  104. #    fastcgi_connect_timeout 60;
  105. #    fastcgi_send_timeout 180;
  106. #    fastcgi_read_timeout 180;
  107. #    fastcgi_buffer_size 512k;
  108. #    fastcgi_buffers 512 16k;
  109. #    fastcgi_busy_buffers_size 512k;
  110. #    fastcgi_temp_file_write_size 512k;
  111. #    fastcgi_intercept_errors on;
  112. }
  113.  
  114. #location ~ \.php$ {
  115. #fastcgi_split_path_info ^(.+\.php)(/.+)$;
  116. #include /etc/nginx/fastcgi_params;
  117. #fastcgi_pass 127.0.0.1:9000;
  118. #fastcgi_index index.php;
  119. #fastcgi_connect_timeout 300;
  120. #fastcgi_send_timeout 300;
  121. #fastcgi_read_timeout 300;
  122. #fastcgi_buffer_size 32k;
  123. #fastcgi_buffers 8 16k;
  124. #fastcgi_busy_buffers_size 32k;
  125. #fastcgi_temp_file_write_size 32k;
  126. #fastcgi_intercept_errors on;
  127. #fastcgi_param SCRIPT_FILENAME /home/nginx/domain.com/public_html$fastcgi_script_name;
  128. #}
  129. location ~ /\. {
  130. deny all;
  131. }
  132. location = /favicon.ico {
  133. log_not_found off;
  134. access_log off;
  135. }
  136. location = /robots.txt {
  137. allow all;
  138. log_not_found off;
  139. access_log off;
  140. }
  141. location ~* \.(3gp|gif|jpg|jpeg|png|ico|wmv|avi|asf|asx|mpg|mpeg|mp4|pls|mp3|mid|wav|swf|flv|exe|zip|tar|rar|gz|tgz|bz2|uha|7z|doc|docx|xls|xlsx|pdf|iso|eot|svg|ttf|woff)$ {
  142. gzip_static off;
  143. add_header Pragma public;
  144. add_header Cache-Control "public, must-revalidate, proxy-revalidate";
  145. access_log off;
  146. expires 30d;
  147. break;
  148. }
  149.  
  150. location ~* \.(txt|js|css)$ {
  151. add_header Pragma public;
  152. add_header Cache-Control "public, must-revalidate, proxy-revalidate";
  153. access_log off;
  154. expires 30d;
  155. break;
  156. }
  157. }
  158. }
RAW Paste Data