caioagiani/wp.vhost

## wp.vhost
server {
    listen *:80;
    listen *:443 ssl http2;

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;
    ssl_session_cache shared:SSL:30m;
    ssl_session_timeout 10m;

    ssl_certificate /home/cloudflare/cer.crt;
    ssl_certificate_key /home/cloudflare/cer.key;

    server_name site.com.br www.site.com.br;

    root   /var/www/site.com.br/web/;

    index index.html index.htm index.php index.cgi index.pl index.xhtml;

    error_log /var/log/site.com.br/error.log;
    access_log /var/log/site.com.br/access.log;

    location ~ /\. {
        deny all;
    }

    location = /favicon.ico {
        log_not_found off;
        access_log off;
        expires max;
        add_header Cache-Control "public, must-revalidate, proxy-revalidate";
    }

    location = /robots.txt {
        allow all;
        log_not_found off;
        access_log off;
    }

    location ~ \.php$ {
        try_files $uri =404;
        include /etc/nginx/fastcgi_params;
        fastcgi_pass 127.0.0.1:9000;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_intercept_errors on;
    }

    location = /wp-config.txt {
        deny all;
        access_log off;
        log_not_found off;
    }

    location /wp-content/uploads/ {
        location ~ \.php$ {
            deny all;
        }
    }

    location ~ ([^/]*)sitemap(.*)\.x(m|s)l$ {
        rewrite ^/sitemap\.xml$ /sitemap_index.xml permanent;
        rewrite ^/([a-z]+)?-?sitemap\.xsl$ /index.php?xsl=$1 last;

        rewrite ^.*/sitemap_index\.xml$ /index.php?sitemap=1 last;
        rewrite ^.*/([^/]+?)-sitemap([0-9]+)?\.xml$ /index.php?sitemap=$1&sitemap_n=$2 last;

        rewrite ^/news_sitemap\.xml$ /index.php?sitemap=wpseo_news last;
        rewrite ^/locations\.kml$ /index.php?sitemap=wpseo_local_kml last;
        rewrite ^/geo_sitemap\.xml$ /index.php?sitemap=wpseo_local last;
        rewrite ^/video-sitemap\.xsl$ /index.php?xsl=video last;
        access_log off;
    }

    location / {
        try_files $uri $uri/ /index.php?$args;
    }

    location = /xmlrpc.php {
        deny all;
    }

    location ~* ^.+\.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|rss|atom|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ {
        access_log off;
        log_not_found off;
        expires max;
        add_header Cache-Control "public";
    }

    location ~* \.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|css|rss|atom|js|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf|swf)$ {
        add_header "Access-Control-Allow-Origin" "*";
        access_log off;
        log_not_found off;
        expires 10m;
        add_header Cache-Control "public";
    }

    location ^~ /.well-known/ {
        allow all;
        auth_basic off;
        satisfy any;
    }
}
	server {
	listen *:80;
	listen *:443 ssl http2;

	ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
	ssl_prefer_server_ciphers on;
	ssl_session_cache shared:SSL:30m;
	ssl_session_timeout 10m;

	ssl_certificate /home/cloudflare/cer.crt;
	ssl_certificate_key /home/cloudflare/cer.key;

	server_name site.com.br www.site.com.br;

	root /var/www/site.com.br/web/;

	index index.html index.htm index.php index.cgi index.pl index.xhtml;

	error_log /var/log/site.com.br/error.log;
	access_log /var/log/site.com.br/access.log;

	location ~ /\. {
	deny all;
	}

	location = /favicon.ico {
	log_not_found off;
	access_log off;
	expires max;
	add_header Cache-Control "public, must-revalidate, proxy-revalidate";
	}

	location = /robots.txt {
	allow all;
	log_not_found off;
	access_log off;
	}

	location ~ \.php$ {
	try_files $uri =404;
	include /etc/nginx/fastcgi_params;
	fastcgi_pass 127.0.0.1:9000;
	fastcgi_index index.php;
	fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
	fastcgi_intercept_errors on;
	}

	location = /wp-config.txt {
	deny all;
	access_log off;
	log_not_found off;
	}

	location /wp-content/uploads/ {
	location ~ \.php$ {
	deny all;
	}
	}

	location ~ ([^/])sitemap(.)\.x(m\|s)l$ {
	rewrite ^/sitemap\.xml$ /sitemap_index.xml permanent;
	rewrite ^/([a-z]+)?-?sitemap\.xsl$ /index.php?xsl=$1 last;

	rewrite ^.*/sitemap_index\.xml$ /index.php?sitemap=1 last;
	rewrite ^.*/([^/]+?)-sitemap([0-9]+)?\.xml$ /index.php?sitemap=$1&sitemap_n=$2 last;

	rewrite ^/news_sitemap\.xml$ /index.php?sitemap=wpseo_news last;
	rewrite ^/locations\.kml$ /index.php?sitemap=wpseo_local_kml last;
	rewrite ^/geo_sitemap\.xml$ /index.php?sitemap=wpseo_local last;
	rewrite ^/video-sitemap\.xsl$ /index.php?xsl=video last;
	access_log off;
	}

	location / {
	try_files $uri $uri/ /index.php?$args;
	}

	location = /xmlrpc.php {
	deny all;
	}

	location ~* ^.+\.(ogg\|ogv\|svg\|svgz\|eot\|otf\|woff\|mp4\|ttf\|rss\|atom\|jpg\|jpeg\|gif\|png\|ico\|zip\|tgz\|gz\|rar\|bz2\|doc\|xls\|exe\|ppt\|tar\|mid\|midi\|wav\|bmp\|rtf)$ {
	access_log off;
	log_not_found off;
	expires max;
	add_header Cache-Control "public";
	}

	location ~* \.(ogg\|ogv\|svg\|svgz\|eot\|otf\|woff\|mp4\|ttf\|css\|rss\|atom\|js\|jpg\|jpeg\|gif\|png\|ico\|zip\|tgz\|gz\|rar\|bz2\|doc\|xls\|exe\|ppt\|tar\|mid\|midi\|wav\|bmp\|rtf\|swf)$ {
	add_header "Access-Control-Allow-Origin" "*";
	access_log off;
	log_not_found off;
	expires 10m;
	add_header Cache-Control "public";
	}

	location ^~ /.well-known/ {
	allow all;
	auth_basic off;
	satisfy any;
	}
	}