Last active
June 20, 2017 11:38
-
-
Save Blackening999/cb5af5a39493664ae3206d10b411fb3e to your computer and use it in GitHub Desktop.
/etc/nginx/conf.d/testapp.conf
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| server { | |
| listen 80; | |
| server_name testapp.com www.testapp.com; #let’s assume you have bare/www domain registered | |
| #SECURE WAY: return 301 https://www.testapp.com$request_uri;#force HTTPS + permanent redirect | |
| } | |
| server { | |
| #SECURE WAY: listen 443 ssl; | |
| #SECURE WAY: ssl_protocols TLSv1 TLSv1.1 TLSv1.2; | |
| #SECURE WAY: ssl_prefer_server_ciphers on; | |
| #SECURE WAY: ssl_session_cache shared:SSL:10m; | |
| #SECURE WAY: ssl_ciphers “ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS”; | |
| #SECURE WAY: ssl_dhparam /etc/nginx/ssl/dhparam.pem; | |
| #SECURE WAY: ssl_certificate /etc/nginx/ssl/testapp.com.com.crt; #put here your crt file | |
| #SECURE WAY: ssl_certificate_key /etc/nginx/ssl/testapp.com.key; #put here your key file | |
| #LOGS: access_log /var/log/nginx/testapp.com.access.log main; | |
| #LOGS: error_log /var/log/nginx/testapp.com.error.log; | |
| server_name testapp.com www.testapp.com; | |
| location / { | |
| # we are going to use proxy to our Node app | |
| proxy_pass http://localhost:8782;#random port, be aware that you cannot use any port | |
| proxy_http_version 1.1; | |
| proxy_set_header Upgrade $http_upgrade; | |
| proxy_set_header Connection ‘upgrade’; | |
| proxy_set_header Host $host; | |
| proxy_cache_bypass $http_upgrade; | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment