2020-10-14 04:28:54 +02:00
|
|
|
location __PATH__
|
2018-05-25 21:22:07 +02:00
|
|
|
{
|
2018-06-22 08:53:45 +02:00
|
|
|
alias __FINALPATH__/;
|
2018-05-25 21:22:07 +02:00
|
|
|
# Force https
|
2020-10-14 04:28:54 +02:00
|
|
|
if ($scheme = http)
|
|
|
|
|
2018-05-25 21:22:07 +02:00
|
|
|
{
|
|
|
|
rewrite ^ https://$server_name$request_uri? permanent;
|
|
|
|
}
|
2020-10-14 04:28:54 +02:00
|
|
|
|
|
|
|
if (!-e $request_filename)
|
|
|
|
|
2018-05-25 21:22:07 +02:00
|
|
|
{
|
|
|
|
rewrite ^(.*)$ /index.php?q=$1;
|
|
|
|
}
|
2020-10-14 04:28:54 +02:00
|
|
|
|
2018-06-22 08:53:45 +02:00
|
|
|
client_max_body_size 20m;
|
|
|
|
client_body_buffer_size 128k;
|
2020-10-14 04:28:54 +02:00
|
|
|
|
2018-06-22 08:53:45 +02:00
|
|
|
# Default indexes and catch-all
|
|
|
|
index index.php;
|
|
|
|
charset utf-8;
|
2020-10-14 04:28:54 +02:00
|
|
|
|
2015-08-23 17:33:13 +02:00
|
|
|
|
2018-06-22 08:53:45 +02:00
|
|
|
# Example PHP configuration
|
2020-10-14 04:28:54 +02:00
|
|
|
location ~* \.php$
|
2018-06-22 08:53:45 +02:00
|
|
|
{
|
|
|
|
try_files $uri =404;
|
2020-10-14 04:28:54 +02:00
|
|
|
fastcgi_pass unix:/var/run/php/php__PHPVERSION__-fpm-__NAME__.sock;
|
2015-08-23 17:33:13 +02:00
|
|
|
fastcgi_index index.php;
|
|
|
|
include fastcgi_params;
|
2018-06-22 08:53:45 +02:00
|
|
|
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
|
|
|
}
|
2018-05-25 21:22:07 +02:00
|
|
|
|
2018-06-22 08:53:45 +02:00
|
|
|
# make sure webfinger and other well known services aren't blocked
|
|
|
|
# by denying dot files and rewrite request to the front controller
|
2020-10-14 04:28:54 +02:00
|
|
|
location ^~ /.well-known/
|
2018-06-22 08:53:45 +02:00
|
|
|
{
|
|
|
|
allow all;
|
2020-10-14 04:28:54 +02:00
|
|
|
if (!-e $request_filename)
|
2018-06-22 08:53:45 +02:00
|
|
|
{
|
|
|
|
rewrite ^(.*)$ /index.php?q=$1;
|
|
|
|
}
|
|
|
|
}
|
2018-04-30 20:24:17 +02:00
|
|
|
|
2018-06-22 08:53:45 +02:00
|
|
|
# statically serve these file types when possible
|
|
|
|
# otherwise fall back to front controller
|
|
|
|
# allow browser to cache them
|
|
|
|
# added .htm for advanced source code editor library
|
|
|
|
# location ~* \.(jpg|jpeg|gif|png|ico|css|js|htm|html|map|ttf|woff|woff2|svg)$ {
|
|
|
|
# expires 30d;
|
|
|
|
# try_files $uri /index.php?q=$uri&$args;
|
|
|
|
# }
|
2020-10-14 04:28:54 +02:00
|
|
|
|
2018-06-22 08:53:45 +02:00
|
|
|
# block these file types
|
2020-10-14 04:28:54 +02:00
|
|
|
location ~* \.(tpl|md|tgz|log|out)$
|
2018-06-22 08:53:45 +02:00
|
|
|
{
|
|
|
|
deny all;
|
|
|
|
}
|
2020-10-14 04:28:54 +02:00
|
|
|
|
2018-06-22 08:53:45 +02:00
|
|
|
# deny access to all dot files
|
2020-10-14 04:28:54 +02:00
|
|
|
location ~ /\.
|
2018-06-22 08:53:45 +02:00
|
|
|
{
|
|
|
|
deny all;
|
|
|
|
}
|
2020-10-14 04:28:54 +02:00
|
|
|
|
2018-06-22 08:53:45 +02:00
|
|
|
#deny access to store
|
2020-10-14 04:28:54 +02:00
|
|
|
location ~ /store
|
2018-06-22 08:53:45 +02:00
|
|
|
{
|
|
|
|
deny all;
|
|
|
|
}
|
2020-10-14 04:28:54 +02:00
|
|
|
|
2019-04-04 18:32:01 +02:00
|
|
|
#deny access to util
|
|
|
|
location ~ /util {
|
|
|
|
deny all;
|
|
|
|
}
|
|
|
|
|
2018-05-25 21:22:07 +02:00
|
|
|
}
|