NGINX Config

Ha NGINX-re telepít, használja a következő konfigurációt.
A mintakód-konfigurációban van néhány változó, amelyet manuálisan kell módosítania a szervertől függően.

Speciális konfiguráció #

server {
        listen Your_IP_ADDRESS_HERE:443 http2;
        # If you don't have http2 support, delete http2 here
            server_name domain.com http://www.domain.com;
            root /var/www/domain.com/;
            index index.php index.html index.htm;
            access_log /var/log/nginx/domains/domain.com.log combined;
            error_log /var/log/nginx/domains/domain.com.error.log error;
            add_header Strict-Transport-Security "max-age=31536000; includeSubdomains" always;
            add_header X-Frame-Options SAMEORIGIN;
            add_header X-Content-Type-Options nosniff;
            add_header X-XSS-Protection "1; mode=block";

        # If you dont want SSL, please remove ssl section below and add :80 instead of :443 on top server definition 
            ssl on;
            ssl_certificate /path/to/ssl.pem;
            ssl_certificate_key /path/to/ssl.key;
            ssl_session_timeout 5m;

        # To generate the following DHPARAM.PEM file, run first the following command on the server:
        # openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048
        # Il will take at least 20 minutes!
        # If you don't want it, comment the following line 

            ssl_dhparam /etc/ssl/certs/dhparam.pem; 

            ssl_prefer_server_ciphers on;
            resolver 8.8.8.8;
            ssl_stapling on;
            ssl_trusted_certificate /path/to/ssl.pem;
            # same certificate as up


        location / {
            try_files $uri $uri/ /index.php?/$request_uri;
            add_header Strict-Transport-Security "max-age=31536000; includeSubdomains" always;
            add_header X-Frame-Options SAMEORIGIN;
            add_header X-Content-Type-Options nosniff;
            add_header X-XSS-Protection "1; mode=block";

            location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
            expires max;
        }

        location ~ [^/]\.php(/|$) {
            add_header Strict-Transport-Security "max-age=31536000; includeSubdomains" always;
            add_header X-Frame-Options SAMEORIGIN;
            add_header X-Content-Type-Options nosniff;
            add_header X-XSS-Protection "1; mode=block";
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
            if (!-f $document_root$fastcgi_script_name) {
            return 404;
        }
            fastcgi_read_timeout 300;
            fastcgi_pass 127.0.0.1:9002;
            fastcgi_index index.php;
            include /etc/nginx/fastcgi_params;
            # modify this path if OS flavor different than Ubuntu/Debian
        }
        
        location /backups {
		    deny all;
		    return 404;
        }

        # Optional, disallow access to this directories and folders
        location ~* "/\.(htaccess|htpasswd|git|svn)$" {
            deny all;
            return 404;
        }
    }
}

Simple Config #

server {
        server_name yourdomain.com www.yourdomain.com;

        root /path/to/your/website.com/;
        index index.html index.php;

        # set expiration of assets to MAX for caching
        location ~* \.(ico|css|js|gif|jpe?g|png)(\?[0-9]+)?$ {
                expires max;
                log_not_found off;
        }

        location / {
                # Check if a file or directory index file exists, else route it to index.php.
                try_files $uri $uri/ /index.php;
        }
        
        location /backups {
                deny all;
                return 404;
        }

        location ~* \.php$ {
                fastcgi_pass 127.0.0.1:9000;
                include fastcgi.conf;
        }
}