### You should look at the following URL's in order to grasp a solid understan

1. ##
2. # You should look at the following URL's in order to grasp a solid understanding
3. # of Nginx configuration files in order to fully unleash the power of Nginx.
4. # http://wiki.nginx.org/Pitfalls
5. # http://wiki.nginx.org/QuickStart
6. # http://wiki.nginx.org/Configuration
7. #
8. # Generally, you will want to move this file somewhere, and start with a clean
9. # file but keep this around for reference. Or just disable in sites-enabled.
10. #
11. # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
12. ##
13.  
14. # Default server configuration
15. #
16. server {
17. if ($host = www.example.com) {
18. return 301 https://$host$request_uri;
19. } # managed by Certbot
20.  
21.  
22. listen 80 default_server;
23. listen [::]:80 default_server;
24.  
25. # SSL configuration
26. #
27. # listen 443 ssl default_server;
28. # listen [::]:443 ssl default_server;
29. #
30. # Note: You should disable gzip for SSL traffic.
31. # See: https://bugs.debian.org/773332
32. #
33. # Read up on ssl_ciphers to ensure a secure configuration.
34. # See: https://bugs.debian.org/765782
35. #
36. # Self signed certs generated by the ssl-cert package
37. # Don't use them in a production server!
38. #
39. # include snippets/snakeoil.conf;
40.  
41. root /var/www/html;
42.  
43. # Add index.php to the list if you are using PHP
44. index index.php index.html index.htm index.nginx-debian.html;
45.  
46. server_name www.example.com;
47.  
48. location / {
49. # First attempt to serve request as file, then
50. # as directory, then fall back to displaying a 404.
51. # try_files $uri $uri/ =404;
52. try_files $uri $uri/ /index.php?q=$uri&$args;
53. fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
54. }
55.  
56. error_page 404 /404.html;
57.  
58. error_page 500 502 503 504 /50x.html;
59. location = /50x.html {
60. root /usr/share/nginx/html;
61. }
62.  
63. location ~ \.php$ {
64. try_files $uri =404;
65. fastcgi_split_path_info ^(.+\.php)(/.+)$;
66. fastcgi_pass unix:/run/php/php7.0-fpm.sock;
67. fastcgi_index index.php;
68. include fastcgi_params;
69. fastcgi_param SCRIPT_FILENAME /var/www/html$fastcgi_script_name;
70. }
71.  
72.  
73. }
74.  
75.  
76. # Virtual Host configuration for example.com
77. #
78. # You can move that to a different file under sites-available/ and symlink that
79. # to sites-enabled/ to enable it.
80. #
81. #server {
82. # listen 80;
83. # listen [::]:80;
84. #
85. # server_name example.com;
86. #
87. # root /var/www/example.com;
88. # index index.html;
89. #
90. # location / {
91. # try_files $uri $uri/ =404;
92. # }
93. #}
94.  
95. server {
96.  
97. # SSL configuration
98. #
99. # listen 443 ssl default_server;
100. # listen [::]:443 ssl default_server;
101. #
102. # Note: You should disable gzip for SSL traffic.
103. # See: https://bugs.debian.org/773332
104. #
105. # Read up on ssl_ciphers to ensure a secure configuration.
106. # See: https://bugs.debian.org/765782
107. #
108. # Self signed certs generated by the ssl-cert package
109. # Don't use them in a production server!
110. #
111. # include snippets/snakeoil.conf;
112.  
113. root /var/www/html;
114.  
115. # Add index.php to the list if you are using PHP
116. index index.php index.html index.htm index.nginx-debian.html;
117. server_name www.example.com; # managed by Certbot
118.  
119.  
120. location / {
121. # First attempt to serve request as file, then
122. # as directory, then fall back to displaying a 404.
123. # try_files $uri $uri/ =404;
124. try_files $uri $uri/ /index.php?q=$uri&$args;
125. fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
126. }
127.  
128. # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
129. #
130. #location ~ \.php$ {
131. # include snippets/fastcgi-php.conf;
132. #
133. # # With php7.0-cgi alone:
134. # fastcgi_pass 127.0.0.1:9000;
135. # # With php7.0-fpm:
136. # fastcgi_pass unix:/run/php/php7.0-fpm.sock;
137. #}
138.  
139. # deny access to .htaccess files, if Apache's document root
140. # concurs with nginx's one
141. #
142. #location ~ /\.ht {
143. # deny all;
144. #}
145. error_page 404 /404.html;
146.  
147. error_page 500 502 503 504 /50x.html;
148. location = /50x.html {
149. root /usr/share/nginx/html;
150. }
151.  
152. location ~ \.php$ {
153. try_files $uri =404;
154. fastcgi_split_path_info ^(.+\.php)(/.+)$;
155. fastcgi_pass unix:/run/php/php7.0-fpm.sock;
156. fastcgi_index index.php;
157. include fastcgi_params;
158. fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
159. }
160.  
161.  
162. listen [::]:443 ssl ipv6only=on; # managed by Certbot
163. listen 443 ssl; # managed by Certbot
164. ssl_certificate /etc/letsencrypt/live/www.example.com/fullchain.pem; # managed by Certbot
165. ssl_certificate_key /etc/letsencrypt/live/www.example.com/privkey.pem; # managed by Certbot
166. include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
167. ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
168.  
169.  
170.  
171. }
172. server {
173. if ($host = www.example.com) {
174. return 301 https://$host$request_uri;
175. } # managed by Certbot
176.  
177.  
178. listen 80 ;
179. listen [::]:80 ;
180. server_name www.example.com;
181. return 404; # managed by Certbot
182.  
183.  
184. }
185. server {
186.  
187. # SSL configuration
188. #
189. # listen 443 ssl default_server;
190. # listen [::]:443 ssl default_server;
191. #
192. # Note: You should disable gzip for SSL traffic.
193. # See: https://bugs.debian.org/773332
194. #
195. # Read up on ssl_ciphers to ensure a secure configuration.
196. # See: https://bugs.debian.org/765782
197. #
198. # Self signed certs generated by the ssl-cert package
199. # Don't use them in a production server!
200. #
201. # include snippets/snakeoil.conf;
202.  
203. root /var/www/html;
204.  
205. # Add index.php to the list if you are using PHP
206. index index.php index.html index.htm index.nginx-debian.html;
207. server_name example.com; # managed by Certbot
208.  
209.  
210. location / {
211. # First attempt to serve request as file, then
212. # as directory, then fall back to displaying a 404.
213. # try_files $uri $uri/ =404;
214. try_files $uri $uri/ /index.php?q=$uri&$args;
215. fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
216. }
217.  
218. # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
219. #
220. #location ~ \.php$ {
221. # include snippets/fastcgi-php.conf;
222. #
223. # # With php7.0-cgi alone:
224. # fastcgi_pass 127.0.0.1:9000;
225. # # With php7.0-fpm:
226. # fastcgi_pass unix:/run/php/php7.0-fpm.sock;
227. #}
228.  
229. # deny access to .htaccess files, if Apache's document root
230. # concurs with nginx's one
231. #
232. #location ~ /\.ht {
233. # deny all;
234. #}
235. error_page 404 /404.html;
236.  
237. error_page 500 502 503 504 /50x.html;
238. location = /50x.html {
239. root /usr/share/nginx/html;
240. }
241.  
242. location ~ \.php$ {
243. try_files $uri =404;
244. fastcgi_split_path_info ^(.+\.php)(/.+)$;
245. fastcgi_pass unix:/run/php/php7.0-fpm.sock;
246. fastcgi_index index.php;
247. include fastcgi_params;
248. fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
249. }
250.  
251.  
252. listen [::]:443 ssl; # managed by Certbot
253. listen 443 ssl; # managed by Certbot
254. ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
255. ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
256. include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
257. ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
258.  
259.  
260. }
261. server {
262. if ($host = example.com) {
263. return 301 https://$host$request_uri;
264. } # managed by Certbot
265.  
266.  
267. listen 80 ;
268. listen [::]:80 ;
269. server_name example.com;
270. return 404; # managed by Certbot
271. }