# Default server configuration##thijs365.comserver { server_name thi

1. # Default server configuration
2. #
3.  
4. #thijs365.com
5. server {
6.  
7. server_name thijs365.com www.thijs365.com;
8. #listen 80 default_server;
9. #listen [::]:80 default_server;
10.  
11.  
12.  
13. #NOT restrict the maximum file size to something small
14. client_max_body_size 100M;
15.  
16. #if ($host != "thijs365.com") {
17. # return 444;
18. #}
19. # SSL configuration
20.  
21. listen 443 ssl default_server http2;
22. listen [::]:443 ssl default_server http2;
23. include /etc/nginx/certs/ssl.conf;
24. #listen [::]:443 ssl default_server;
25.  
26. #Note: You should disable gzip for SSL traffic.
27. #See: https://bugs.debian.org/773332
28.  
29. #Read up on ssl_ciphers to ensure a secure configuration.
30. #See: https://bugs.debian.org/765782
31.  
32. # Self signed certs generated by the ssl-cert package
33. # Don't use them in a production server!
34.  
35. #include snippets/snakeoil.conf;
36.  
37. root /var/www/thijs365.com;
38.  
39. # Add index.php to the list if you are using PHP
40. index index.html index.htm index.php;
41.  
42. error_page 404 /errors/404.html;
43. error_page 403 /errors/403.html;
44.  
45. location / {
46. # First attempt to serve request as file, then
47. # as directory, then fall back to displaying a 404.
48. try_files $uri $uri/ =404;
49. #allow 192.186.0.0;
50. #allow 127.0.0.1;
51. #deny all;
52. keepalive_timeout 0;
53. }
54. #WebDAV config
55. #location /files {
56. # root /var/dav;
57. # client_body_temp_path /var/dav/temp;
58. # dav_methods PUT DELETE MKCOL COPY MOVE;
59. # dav_ext_methods PROPFIND OPTIONS;
60. # create_full_put_path on;
61. # dav_access user:rw group:rw all:rw;
62. # autoindex on;
63. # auth_basic "restricted";
64. # auth_basic_user_file /etc/nginx/authfiles/webdavpasswd;
65.  
66. #}
67. #Webdav was a fucking disaster, just use VPN + SFTP or Guacamole SFTP
68. location ~ /\. {
69. access_log off;
70. log_not_found off;
71. deny all;
72. }
73. location ~ ~$ {
74. access_log off;
75. log_not_found off;
76. deny all;
77. }
78. location /notyourstuff/fuckoff/{
79. auth_basic "Admin Login";
80. auth_basic_user_file /etc/nginx/authfiles/pma_pass;
81. }
82. location /test/ {
83. # auth_basic "This directory is for testing purposes.";
84. # auth_basic_user_file /etc/nginx/authfiles/testpass;
85. index index.html index.php index.asp index.aspx home.html;
86. }
87.  
88. include /etc/nginx/php.conf;
89.  
90. location /notyourstuff/fuckoff {
91. index index.php;
92. }
93. # deny access to .htaccess files, if Apache's document root
94. # concurs with nginx's one
95. #
96. #location ~ /\.ht {
97. # deny all;
98. #}
99.  
100. }
101.  
102. server {
103. listen 80 default_server;
104. listen [::]:80 default_server;
105. server_name thijs365.com www.thijs365.com;
106. #if ($host != "thijs365.com") {
107. # return 444;
108. #}
109.  
110. return 301 https://$server_name$request_uri;
111. }
112. # Virtual Host configuration for example.com
113. #
114. # You can move that to a different file under sites-available/ and symlink that
115. # to sites-enabled/ to enable it.
116. #
117. #server {
118. # listen 80;
119. # listen [::]:80;
120. #
121. # server_name example.com;
122. #
123. # root /var/www/example.com;
124. # index index.html;
125. #
126. # location / {
127. # try_files $uri $uri/ =404;
128. # }
129. #}