Create a folder to store the databases :
mkdir -p /usr/share/GeoIP
Download Country IP database
wget http://geolite.maxmind.com/download/geoip/database/GeoLiteCountry/GeoIP.dat.gz
gunzip GeoIP.dat.gz
0.0.0.0 feedback.microsoft-hohm.com | |
0.0.0.0 search.msn.com | |
0.0.0.0 a.ads1.msn.com | |
0.0.0.0 a.ads2.msn.com | |
0.0.0.0 a.rad.msn.com | |
0.0.0.0 ac3.msn.com | |
0.0.0.0 ads.msn.com | |
0.0.0.0 ads1.msn.com | |
0.0.0.0 b.ads1.msn.com | |
0.0.0.0 b.rad.msn.com |
## | |
# Common security rules | |
## | |
# Security settings for better privacy | |
# Deny hidden files | |
location ~ /\.(?!well-known\/) { | |
deny all; | |
} | |
# Return 403 forbidden for readme.(txt|html) or license.(txt|html) or example.(txt|html) or other common git repository files |
user www-data; | |
# # The special value auto allows binding worker processes automatically to available CPUs: | |
worker_processes auto; | |
worker_cpu_affinity auto; | |
# # Changes the limit on the maximum number of open files (RLIMIT_NOFILE) for worker processes | |
worker_rlimit_nofile 100000; | |
pid /run/nginx.pid; | |
# # PCRE JIT can speed up processing of regular expressions significantly. | |
pcre_jit on; |
##StevenBlack's list | |
https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts | |
##MalwareDomains | |
https://mirror1.malwaredomains.com/files/justdomains | |
##Cameleon | |
http://sysctl.org/cameleon/hosts | |
##Zeustracker |
Create a folder to store the databases :
mkdir -p /usr/share/GeoIP
Download Country IP database
wget http://geolite.maxmind.com/download/geoip/database/GeoLiteCountry/GeoIP.dat.gz
gunzip GeoIP.dat.gz
#!/usr/bin/env bash | |
# ------------------------------------------------------------------------- | |
# wsl-vpnkit install script | |
# ------------------------------------------------------------------------- | |
# Check if user is root | |
[ "$(id -u)" != "0" ] && { | |
echo "Error: You must be root or use sudo to run this script" | |
exit 1 | |
} |
# WordOps nextcloud configuration | |
# install path : /var/www/yourdomain.tld/conf/nginx/nextcloud.conf | |
# replace "fastcgi_pass php73;" with another upstream if you are using php72 or php74 | |
# ---------------------------------------------------------------------------- | |
add_header X-Robots-Tag none; | |
add_header X-Permitted-Cross-Domain-Policies none; | |
add_header Referrer-Policy no-referrer; | |
location = /robots.txt { | |
allow all; |
location ~* "(eval\()" { deny all; } | |
location ~* "(127\.0\.0\.1)" { deny all; } | |
location ~* "([a-z0-9]{2000})" { deny all; } | |
location ~* "(javascript\:)(.*)(\;)" { deny all; } | |
location ~* "(base64_encode)(.*)(\()" { deny all; } | |
location ~* "(GLOBALS|REQUEST)(=|\[|%)" { deny all; } | |
location ~* "(<|%3C).*script.*(>|%3)" { deny all; } | |
location ~ "(\\|\.\.\.|\.\./|~|`|<|>|\|)" { deny all; } | |
location ~* "(boot\.ini|etc/passwd|self/environ)" { deny all; } | |
location ~* "(thumbs?(_editor|open)?|tim(thumb)?)\.php" { deny all; } |
<?php | |
/** Define ABSPATH as this file's directory */ | |
if (! defined('ABSPATH')) { | |
define('ABSPATH', __DIR__ . '/'); | |
} | |
/* If wp-config.php exists in the WordPress root, or if it exists in the root and wp-settings.php | |
* doesn't, load wp-config.php. The secondary check for wp-settings.php has the added benefit | |
* of avoiding cases where the current directory is a nested installation, e.g. / is WordPress(a) |