location ^~ __PATH__ { if ($scheme = http) { rewrite ^ https://$server_name$request_uri? permanent; } alias __FINALPATH__/; try_files $uri $uri/ /index.php?$query_string; index __LOCATION_HACK__/index.php; # Bug in Nginx with locations and aliases (see http://stackoverflow.com/a/35102259 ) location __LOCATION_HACK__/ { try_files $uri $uri/ __PATH_HACK__/index.php?$query_string; } location __LOCATION_HACK__/api { try_files $uri $uri/ __PATH_HACK__/api.php?$query_string; } location __LOCATION_HACK__/admin { try_files $uri $uri/ __PATH_HACK__/admin.php?$query_string; } location __LOCATION_HACK__/flarum/ { deny all; return 404; } location ~* \.php$ { fastcgi_split_path_info ^(.+.php)(/.+)$; fastcgi_pass unix:/var/run/php5-fpm-__NAME__.sock; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $request_filename; fastcgi_param HTTP_PROXY ""; # Fix for https://httpoxy.org/ vulnerability fastcgi_index index.php; fastcgi_read_timeout 600; } location ~* \.html$ { expires -1; } location ~* \.(css|js|gif|jpe?g|png)$ { expires 1M; add_header Pragma public; add_header Cache-Control "public, must-revalidate, proxy-revalidate"; } gzip on; gzip_http_version 1.1; gzip_vary on; gzip_comp_level 6; gzip_proxied any; gzip_types application/atom+xml application/javascript application/json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/svg+xml image/x-icon text/css text/plain text/xml; gzip_buffers 16 8k; gzip_disable "MSIE [1-6]\.(?!.*SV1)"; # Include SSOWAT user panel. # include conf.d/yunohost_panel.conf.inc; }