YunoHost-Apps/grav_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/grav_ynh.git synced 2024-09-03 19:16:01 +02:00
Code Issues Activity Actions 1
grav_ynh/conf/nginx.conf
magikcypress d7cb0afa15 Update package README nginx.conf et manifest
2017-03-02 15:49:44 +01:00

59 lines
2.2 KiB
Nginx Configuration File
Raw Blame History

#--MULTISITE--if (!-e $request_filename) {
#--MULTISITE--rewrite /admin$ $scheme://$host$uri/ permanent;
#--MULTISITE--rewrite ^__PATHTOCHANGE__(/[^/]+)?(/.*\.php)$ __PATHTOCHANGE__$2 last;
#--MULTISITE--}
location __PATHTOCHANGE__ {
alias __FINALPATH__/;
index index.php;
if (!-e $request_filename)
{
rewrite ^(.+)$ __PATHTOCHANGE__/index.php?q=$1 last;
}
if ($scheme = http) {
rewrite ^ https://$server_name$request_uri? permanent;
}
client_max_body_size 30m;
# Add headers to serve security related headers
add_header Strict-Transport-Security "max-age=15768000;";
add_header X-Content-Type-Options nosniff;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
add_header X-Download-Options noopen;
add_header X-Permitted-Cross-Domain-Policies none;
location ~* \.(jpg|jpeg|gif|css|png|js|ico|swf|mp3|pdf)$ {
# Le contenu statique, est signalé au navigateur comme étant
# à garder en cache une semaine. Si il y a un proxy sur la
# route, celui-ci est autorisé à faire une copie et à la
# cacher.
expires 1w;
add_header Cache-Control public;
}
location ~ [^/]\.php(/|$) {
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
fastcgi_pass unix:/var/run/php5-fpm-__NAMETOCHANGE__.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param REMOTE_USER $remote_user;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param SCRIPT_FILENAME $request_filename;
}
## Begin - Security
# deny all direct access for these folders
location ~* /(.git|cache|bin|logs|backups)/.*$ { return 403; }
# deny running scripts inside core system folders
location ~* /(system|vendor)/.*\.(txt|xml|md|html|yaml|php|pl|py|cgi|twig|sh|bat)$ { return 403; }
# deny running scripts inside user folder
location ~* /user/.*\.(txt|md|yaml|php|pl|py|cgi|twig|sh|bat)$ { return 403; }
# deny access to specific files in the root folder
location ~ /(LICENSE|composer.lock|composer.json|nginx.conf|web.config|htaccess.txt|\.htaccess) { return 403; }
## End - Security
#--PRIVATE--# Include SSOWAT user panel.
#--PRIVATE--include conf.d/yunohost_panel.conf.inc;
}
Reference in a new issue View git blame Copy permalink