server { listen 443 ssl http2; server_name www.chiasebanquyen.com; # SSL ssl_certificate /etc/letsencrypt/live/chiasebanquyen.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/chiasebanquyen.com/privkey.pem; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5; rewrite ^(.*) https://chiasebanquyen.com$1 permanent; } server { listen 80; server_name chiasebanquyen.com www.chiasebanquyen.com; # SSL ssl_certificate /etc/letsencrypt/live/chiasebanquyen.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/chiasebanquyen.com/privkey.pem; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5; # Improve HTTPS performance with session resumption ssl_session_cache shared:SSL:50m; ssl_session_timeout 1d; # DH parameters ssl_dhparam /etc/nginx/ssl/dhparam.pem; # Enable HSTS add_header Strict-Transport-Security "max-age=31536000" always; rewrite ^(.*) https://chiasebanquyen.com$1 permanent; } server { listen 443 ssl http2; # access_log off; access_log /home/chiasebanquyen.com/logs/access.log; # error_log off; error_log /home/chiasebanquyen.com/logs/error.log; root /home/chiasebanquyen.com/public_html; index index.php index.html index.htm; server_name chiasebanquyen.com; location / { try_files $uri $uri/ /index.php?$args; } # Custom configuration include /home/chiasebanquyen.com/public_html/*.conf; location ~ \.php$ { fastcgi_split_path_info ^(.+\.php)(/.+)$; include /etc/nginx/fastcgi_params; fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_connect_timeout 1000; fastcgi_send_timeout 1000; fastcgi_read_timeout 1000; fastcgi_buffer_size 256k; fastcgi_buffers 4 256k; fastcgi_busy_buffers_size 256k; fastcgi_temp_file_write_size 256k; fastcgi_intercept_errors on; fastcgi_param SCRIPT_FILENAME /home/chiasebanquyen.com/public_html$fastcgi_script_name; } location /nginx_status { stub_status on; access_log off; allow 127.0.0.1; deny all; } location /php_status { fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME /home/chiasebanquyen.com/public_html$fastcgi_script_name; include /etc/nginx/fastcgi_params; allow 127.0.0.1; deny all; } location ~ /\. { deny all; } location = /favicon.ico { log_not_found off; access_log off; } location = /robots.txt { allow all; log_not_found off; access_log off; } location ~* \.(3gp|gif|jpg|jpeg|png|ico|wmv|avi|asf|asx|mpg|mpeg|mp4|pls|mp3|mid|wav|swf|flv|exe|zip|tar|rar|gz|tgz|bz2|uha|7z|doc|docx|xls|xlsx|pdf|iso|eot|svg|ttf|woff)$ { gzip_static off; add_header Pragma public; add_header Cache-Control "public, must-revalidate, proxy-revalidate"; access_log off; expires 30d; break; } location ~* \.(txt|js|css)$ { add_header Pragma public; add_header Cache-Control "public, must-revalidate, proxy-revalidate"; access_log off; expires 30d; break; } } server { listen 2313; access_log off; log_not_found off; error_log /home/chiasebanquyen.com/logs/nginx_error.log; root /home/chiasebanquyen.com/private_html; index index.php index.html index.htm; server_name chiasebanquyen.com; error_page 497 https://$host:2313$request_uri; # SSL ssl_certificate /etc/letsencrypt/live/chiasebanquyen.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/chiasebanquyen.com/privkey.pem; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5; auth_basic "Restricted"; auth_basic_user_file /home/chiasebanquyen.com/private_html/hocvps/.htpasswd; location / { try_files $uri $uri/ /index.php; } location ~ \.php$ { fastcgi_split_path_info ^(.+\.php)(/.+)$; include /etc/nginx/fastcgi_params; fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_connect_timeout 1000; fastcgi_send_timeout 1000; fastcgi_read_timeout 1000; fastcgi_buffer_size 256k; fastcgi_buffers 4 256k; fastcgi_busy_buffers_size 256k; fastcgi_temp_file_write_size 256k; fastcgi_intercept_errors on; fastcgi_param SCRIPT_FILENAME /home/chiasebanquyen.com/private_html$fastcgi_script_name; } location ~ /\. { deny all; } }