2018-05-25 21:22:07 +02:00
|
|
|
root __FINALPATH__/;
|
|
|
|
location __PATH__
|
|
|
|
{
|
|
|
|
# Force https
|
|
|
|
if ($scheme = http)
|
|
|
|
|
|
|
|
{
|
|
|
|
rewrite ^ https://$server_name$request_uri? permanent;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (!-e $request_filename)
|
|
|
|
|
|
|
|
{
|
|
|
|
rewrite ^(.*)$ /index.php?q=$1;
|
|
|
|
}
|
|
|
|
|
|
|
|
}
|
2018-04-30 20:24:17 +02:00
|
|
|
|
2015-08-23 17:33:13 +02:00
|
|
|
|
2018-05-25 21:22:07 +02:00
|
|
|
# Example PHP configuration
|
|
|
|
index index.php index.html;
|
|
|
|
try_files $uri $uri/ index.php;
|
|
|
|
location ~ [^/]\.php(/|$)
|
|
|
|
{
|
|
|
|
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
|
2018-04-30 20:24:17 +02:00
|
|
|
fastcgi_pass unix:/var/run/php5-fpm-__NAME__.sock;
|
2015-08-23 17:33:13 +02:00
|
|
|
fastcgi_index index.php;
|
|
|
|
include fastcgi_params;
|
|
|
|
fastcgi_param REMOTE_USER $remote_user;
|
|
|
|
fastcgi_param PATH_INFO $fastcgi_path_info;
|
2018-05-25 21:22:07 +02:00
|
|
|
fastcgi_param SCRIPT_FILENAME $request_filename;
|
|
|
|
|
|
|
|
# Set max upload size
|
|
|
|
client_max_body_size 256M;
|
|
|
|
fastcgi_buffers 64 4K;
|
2017-07-22 02:31:23 +02:00
|
|
|
|
2018-05-25 21:22:07 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
# make sure webfinger and other well known services aren't blocked
|
|
|
|
# by denying dot files and rewrite request to the front controller
|
|
|
|
location ^~ /.well-known/
|
|
|
|
{
|
|
|
|
allow all;
|
|
|
|
if (!-e $request_filename)
|
|
|
|
{
|
2018-05-05 10:01:19 +02:00
|
|
|
rewrite ^(.*)$ /index.php?q=$1;
|
|
|
|
}
|
2018-05-25 21:22:07 +02:00
|
|
|
}
|
2018-04-30 20:24:17 +02:00
|
|
|
|
2018-05-25 21:22:07 +02:00
|
|
|
# statically serve these file types when possible
|
|
|
|
# otherwise fall back to front controller
|
|
|
|
# allow browser to cache them
|
|
|
|
# added .htm for advanced source code editor library
|
|
|
|
# location ~* \.(jpg|jpeg|gif|png|ico|css|js|htm|html|map|ttf|woff|woff2|svg)$ {
|
|
|
|
# expires 30d;
|
|
|
|
# try_files $uri /index.php?q=$uri&$args;
|
|
|
|
# }
|
2018-04-30 20:24:17 +02:00
|
|
|
|
2018-05-25 21:22:07 +02:00
|
|
|
# block these file types
|
|
|
|
location ~* \.(tpl|md|tgz|log|out)$
|
|
|
|
|
|
|
|
{
|
|
|
|
deny all;
|
|
|
|
}
|
2018-04-30 20:24:17 +02:00
|
|
|
|
2018-05-25 21:22:07 +02:00
|
|
|
# deny access to all dot files
|
|
|
|
location ~ /\.
|
|
|
|
|
|
|
|
{
|
2017-07-22 02:31:23 +02:00
|
|
|
deny all;
|
2018-05-25 21:22:07 +02:00
|
|
|
}
|
2018-04-30 20:24:17 +02:00
|
|
|
|
2018-05-25 21:22:07 +02:00
|
|
|
#deny access to store
|
|
|
|
location ~ /store
|
|
|
|
|
|
|
|
{
|
|
|
|
deny all;
|
|
|
|
}
|
2018-04-30 20:24:17 +02:00
|
|
|
|
2017-07-22 02:31:23 +02:00
|
|
|
|