user nginx; worker_processes 1; pid /var/run/nginx.pid; events { worker_connections 1024; } http { include /etc/nginx/mime.types; default_type application/octet-stream; log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; sendfile on; keepalive_timeout 65; # max_execution_time is 900 proxy_read_timeout 910; # Disable SSLv3 to protect us from POODLE & company ssl_protocols TLSv1 TLSv1.1 TLSv1.2; server { listen *:443; server_name localhost; ssl on; ssl_certificate /etc/ssl/nginx/localhost.crt; ssl_certificate_key /etc/ssl/nginx/localhost.key; root /var/www/z-push; index index.php; error_log /var/log/nginx/zpush-error.log; access_log /var/log/nginx/zpush-access.log; # Attachments 20MB max client_max_body_size 20m; client_body_buffer_size 128k; location / { try_files $uri $uri/ index.php; } location /Microsoft-Server-ActiveSync { rewrite ^(.*)$ /index.php last; } location ~ .php$ { include /etc/nginx/fastcgi_params; fastcgi_index index.php; fastcgi_param HTTPS on; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_pass zpushphpfpm:9000; # PHP max_execution_time is set to 900 fastcgi_read_timeout 910; } # You don't really need all of the next, but I have them in my server location = /robots.txt { access_log off; log_not_found off; } location = /favicon.ico { return 204; access_log off; log_not_found off; } location ~ ^\. { access_log on; log_not_found off; deny all; } location ~ ~$ { access_log off; log_not_found off; deny all; } } }