Hamza/tripz-service
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
3a993cc1babf5ced4b5368dc01b064cf9e3ffc77
tripz-service/lib/models/vshost.md
Hamza-Ayed 3a993cc1ba 25-5-9/1
2025-06-06 23:28:02 +03:00

2.5 KiB
Raw Blame History

server { listen 80; listen [::]:80; listen 443 ssl http2; listen [::]:443 ssl http2; {{ssl_certificate_key}} {{ssl_certificate}} server_name www.sefer.click; return 301 https://sefer.click$request_uri; } server { listen 80; listen [::]:80; listen 443 ssl http2; listen [::]:443 ssl http2; {{ssl_certificate_key}} {{ssl_certificate}} server_name sefer.click www1.sefer.click; {{root}} {{nginx_access_log}} {{nginx_error_log}}

Set the maximum request body size

client_max_body_size 10m; if ($scheme != "https") { rewrite ^ https://$host$uri permanent; } location ~ /.well-known { auth_basic off; allow all; }

Security headers

add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline';" always; add_header Referrer-Policy "no-referrer-when-downgrade" always; add_header Permissions-Policy "geolocation=(), microphone=()" always; add_header X-Frame-Options "SAMEORIGIN" always; add_header X-Content-Type-Options "nosniff" always;

{{settings}} location / { {{varnish_proxy_pass}} proxy_set_header Host $http_host; proxy_set_header X-Forwarded-Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_hide_header X-Varnish; proxy_redirect off; proxy_max_temp_file_size 0; proxy_connect_timeout 720; proxy_send_timeout 720; proxy_read_timeout 720; proxy_buffer_size 128k; proxy_buffers 4 256k; proxy_busy_buffers_size 256k; proxy_temp_file_write_size 256k; } location ~* ^.+.(css|js|jpg|jpeg|gif|png|ico|gz|svg|svgz|ttf|otf|woff|woff2|eot|mp4|ogg|ogv|webm|webp|zip|swf|map|mjs)$ { add_header Access-Control-Allow-Origin "*"; expires max; access_log off; } location ~ /.(ht|svn|git) { deny all; } if (-f $request_filename) { break; } } server { listen 8080; listen [::]:8080; server_name sefer.click www1.sefer.click; {{root}} try_files $uri $uri/ /index.php?$args; index index.php index.html; location ~ .php$ { include fastcgi_params; fastcgi_intercept_errors on; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; try_files $uri =404; fastcgi_read_timeout 3600; fastcgi_send_timeout 3600; proxy_read_timeout 3600; proxy_send_timeout 3600; fastcgi_param HTTPS "on"; fastcgi_param SERVER_PORT 443; fastcgi_pass 127.0.0.1:{{php_fpm_port}}; fastcgi_param PHP_VALUE "{{php_settings}}"; } if (-f $request_filename) { break; } } //above for cairo server

Reference in New Issue View Git Blame Copy Permalink