dzatona

Untitled

Jan 21st, 2020
672
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. upstream backend-DOMAINTLD {server unix:/var/run/php7-DOMAINTLD.sock;}
  2.  
  3. server {
  4.     listen 80;
  5.     listen [::]:80;
  6.     server_name domain.tld www.domain.tld;
  7.     rewrite ^(.*)$ https://domain.tld$1 permanent;
  8. }
  9.  
  10. server {
  11.     listen 443 ssl http2;
  12.     listen [::]:443 ssl http2;
  13.     server_name domain.tld;
  14.     add_header Strict-Transport-Security "max-age=63072000";
  15.     add_header X-Frame-Options DENY;
  16.     ssl on;
  17.     ssl_certificate /etc/letsencrypt/live/domain.tld/fullchain.pem;
  18.     ssl_certificate_key /etc/letsencrypt/live/domain.tld/privkey.pem;
  19.     ssl_stapling on;
  20.     ssl_stapling_verify on;
  21.     ssl_trusted_certificate /etc/letsencrypt/live/domain.tld/fullchain.pem;
  22.     resolver 8.8.8.8 8.8.4.4 valid=300s;
  23.     resolver_timeout 3s;
  24.     ssl_session_cache shared:SSL:100m;
  25.     ssl_session_timeout 24h;
  26.     ssl_dhparam /etc/ssl/private/dhparams_2048.pem;
  27.     ssl_ecdh_curve secp384r1;
  28.     ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  29.     ssl_prefer_server_ciphers on;
  30.     ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES1$'
  31.  
  32.     root                /var/www/domain.tld/public;
  33.     access_log          /var/log/nginx/domaintld-access.log;
  34.     error_log           /var/log/nginx/domaintld-error.log;
  35.     index               index.php index.html;
  36.     rewrite_log         on;
  37.  
  38.     location / {
  39.         try_files       $uri $uri/ @rewrite;
  40.     }
  41.  
  42.     location @rewrite {
  43.         rewrite         ^/(.*)$ /index.php?q=$1;
  44.     }
  45.  
  46.     location ~ \.php$ {
  47.         include         fastcgi_params;
  48.         fastcgi_param   SCRIPT_FILENAME $document_root$fastcgi_script_name;
  49.         fastcgi_pass    backend-DOMAINTLD;
  50.     }
  51.  
  52.     location ~* ^.+\.(jpg|jpeg|gif|css|png|js|ico|bmp)$ {
  53.        access_log       off;
  54.        expires          10d;
  55.        break;
  56.     }
  57.  
  58.     location ~ /\.ht {
  59.         deny            all;
  60.     }
  61.  
  62. }
RAW Paste Data

Adblocker detected! Please consider disabling it...

We've detected AdBlock Plus or some other adblocking software preventing Pastebin.com from fully loading.

We don't have any obnoxious sound, or popup ads, we actively block these annoying types of ads!

Please add Pastebin.com to your ad blocker whitelist or disable your adblocking software.

×