Skip to content

Instantly share code, notes, and snippets.

@afiqiqmal

afiqiqmal/default.conf

Last active March 30, 2020 02:02
Show Gist options
  • Star 1 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save afiqiqmal/dfa3204d1ed91f7958743014eb07c34c to your computer and use it in GitHub Desktop.
Save afiqiqmal/dfa3204d1ed91f7958743014eb07c34c to your computer and use it in GitHub Desktop.
Download ZIP
NGINX Laravel Config
Raw
default.conf
server {
listen 80;
listen [::]:80;
proxy_http_version 1.1;
proxy_set_header Connection "";
root /PROJECT_PATH/public;
index index.html index.htm index.php index.nginx-debian.html;
access_log off;
error_log /var/log/nginx/error.log;
add_header 'Access-Control-Allow-Methods' 'HEAD, GET, POST, OPTIONS, PUT, DELETE, PATCH';
add_header X-XSS-Protection "1; mode=block" always;
add_header X-Content-Type-Options nosniff always;
add_header Feature-Policy "geolocation 'none'; camera 'none'; speaker 'none';" always;
add_header Referrer-Policy no-referrer-when-downgrade always;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
add_header Content-Security-Policy "default-src 'self'; connect-src *; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';";
add_header Expect-CT "max-age=300" always;
add_header X-Robots-Tag "noindex, nofollow, nosnippet, noarchive" always;
more_clear_headers Server;
server_tokens off;
client_max_body_size 100M;
charset utf-8;
# Specify the details of favicon.ico
location = /favicon.ico { access_log off; log_not_found off; }
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location /api {
try_files $uri $uri/ /index.php?$query_string;
error_page 400 /api/400.json;
error_page 404 /api/404.json;
error_page 500 /api/500.json;
error_page 502 /api/502.json;
error_page 503 /api/503.json;
error_page 504 /api/504.json;
location = /api/400.json {
more_set_headers 'Content-Type: application/json';
root /PROJECT_PATH/error_page/json;
internal;
}
location = /api/404.json {
more_set_headers 'Content-Type: application/json';
root /PROJECT_PATH/error_page/json;
internal;
}
location = /api/500.json {
more_set_headers 'Content-Type: application/json';
root /PROJECT_PATH/error_page/json;
internal;
}
location = /api/502.json {
more_set_headers 'Content-Type: application/json';
root /PROJECT_PATH/error_page/json;
internal;
}
location = /api/503.json {
more_set_headers 'Content-Type: application/json';
root /PROJECT_PATH/error_page/json;
internal;
}
location = /api/504.json {
more_set_headers 'Content-Type: application/json';
root /PROJECT_PATH/error_page/json;
internal;
}
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass 127.0.0.1:9000;
}
location ~* \.(css|js|ico|gif|jpeg|jpg|webp|png|svg|eot|otf|woff|woff2|ttf|ogg)$ {
add_header X-Robots-Tag "noindex, nofollow, nosnippet, noarchive" always;
expires 7d;
access_log off;
log_not_found off;
}
location ~ /\.ht {
deny all;
}
location ~ /.well-known {
add_header X-Robots-Tag "noindex, nofollow, nosnippet, noarchive" always;
allow all;
}
error_page 400 /400.html;
error_page 404 /404.html;
error_page 500 /500.html;
error_page 502 /502.html;
error_page 503 /503.html;
error_page 504 /504.html;
location = /400.html {
root /PROJECT_PATH/error_page;
internal;
}
location = /404.html {
root /PROJECT_PATH/error_page;
internal;
}
location = /500.html {
root /PROJECT_PATH/error_page;
internal;
}
location = /502.html {
root /PROJECT_PATH/error_page;
internal;
}
location = /503.html {
root /PROJECT_PATH/error_page;
internal;
}
location = /504.html {
root /PROJECT_PATH/error_page;
internal;
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment