|
| 1 | +user www-data; |
| 2 | +worker_processes auto; |
| 3 | +pid /run/nginx.pid; |
| 4 | + |
| 5 | +events { |
| 6 | + worker_connections 768; |
| 7 | + # multi_accept on; |
| 8 | +} |
| 9 | + |
| 10 | +http { |
| 11 | + |
| 12 | + ## |
| 13 | + # Basic Settings |
| 14 | + ## |
| 15 | + |
| 16 | + sendfile on; |
| 17 | + tcp_nopush on; |
| 18 | + tcp_nodelay on; |
| 19 | + keepalive_timeout 65; |
| 20 | + types_hash_max_size 2048; |
| 21 | + # server_tokens off; |
| 22 | + |
| 23 | + # server_names_hash_bucket_size 64; |
| 24 | + # server_name_in_redirect off; |
| 25 | + |
| 26 | + include /etc/nginx/mime.types; |
| 27 | + default_type application/octet-stream; |
| 28 | + |
| 29 | + ## |
| 30 | + # SSL Settings |
| 31 | + ## |
| 32 | + |
| 33 | + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE |
| 34 | + ssl_prefer_server_ciphers on; |
| 35 | + |
| 36 | + ## |
| 37 | + # Logging Settings |
| 38 | + ## |
| 39 | + |
| 40 | + access_log /var/log/nginx/access.log; |
| 41 | + error_log /var/log/nginx/error.log; |
| 42 | + |
| 43 | + ## |
| 44 | + # Gzip Settings |
| 45 | + ## |
| 46 | + |
| 47 | + gzip on; |
| 48 | + gzip_disable "msie6"; |
| 49 | + |
| 50 | + # gzip_vary on; |
| 51 | + # gzip_proxied any; |
| 52 | + # gzip_comp_level 6; |
| 53 | + # gzip_buffers 16 8k; |
| 54 | + # gzip_http_version 1.1; |
| 55 | + # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; |
| 56 | + |
| 57 | + ## |
| 58 | + # Virtual Host Configs |
| 59 | + ## |
| 60 | + |
| 61 | + include /etc/nginx/conf.d/*.conf; |
| 62 | + include /etc/nginx/sites-enabled/*; |
| 63 | + |
| 64 | + server { |
| 65 | + listen 80 default_server; |
| 66 | + root /var/www/html; |
| 67 | + |
| 68 | + location / { |
| 69 | + # try to serve file directly, fallback to app.php |
| 70 | + try_files $uri /app.php$is_args$args; |
| 71 | + } |
| 72 | + # PROD |
| 73 | + location ~ ^/app\.php(/|$) { |
| 74 | + fastcgi_pass unix:/run/php/php7.0-fpm.sock; |
| 75 | + fastcgi_split_path_info ^(.+\.php)(/.*)$; |
| 76 | + include fastcgi_params; |
| 77 | + # When you are using symlinks to link the document root to the |
| 78 | + # current version of your application, you should pass the real |
| 79 | + # application path instead of the path to the symlink to PHP |
| 80 | + # FPM. |
| 81 | + # Otherwise, PHP's OPcache may not properly detect changes to |
| 82 | + # your PHP files (see https://github.com/zendtech/ZendOptimizerPlus/issues/126 |
| 83 | + # for more information). |
| 84 | + fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name; |
| 85 | + fastcgi_param DOCUMENT_ROOT $realpath_root; |
| 86 | + # Prevents URIs that include the front controller. This will 404: |
| 87 | + # http://domain.tld/app.php/some-path |
| 88 | + # Remove the internal directive to allow URIs like this |
| 89 | + internal; |
| 90 | + } |
| 91 | + |
| 92 | + # return 404 for all other php files not matching the front controller |
| 93 | + # this prevents access to other php files you don't want to be accessible. |
| 94 | + location ~ \.php$ { |
| 95 | + return 404; |
| 96 | + } |
| 97 | + } |
| 98 | +} |
| 99 | + |
| 100 | + |
0 commit comments