Created
August 9, 2016 06:40
-
-
Save derekriemer/a1311cf0ed84b6a1956381302d0a4dca to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
server { | |
server_name .derekriemer.com; | |
listen 443 ssl; | |
root /home/derek/drupal; | |
location = /favicon.ico { | |
log_not_found off; | |
access_log off; | |
} | |
location = /robots.txt { | |
allow all; | |
log_not_found off; | |
access_log off; | |
} | |
# Very rarely should these ever be accessed outside of your lan | |
location ~* \.(txt|log)$ { | |
allow 127.0.0.1; | |
deny all; | |
} | |
location ~ \..*/.*\.php$ { | |
return 403; | |
} | |
# No no for private | |
location ~ ^/sites/.*/private/ { | |
return 403; | |
} | |
# Block access to "hidden" files and directories whose names begin with a | |
# period. This includes directories used by version control systems such | |
# as Subversion or Git to store control files. | |
location ~ (^|/)\. { | |
return 403; | |
} | |
location / { | |
# This is cool because no php is touched for static content | |
try_files $uri @rewrite; | |
} | |
location @rewrite { | |
# For D7 and above: | |
# Clean URLs are handled in drupal_environment_initialize(). | |
rewrite ^ /index.php; | |
} | |
location ~ \.php$ { | |
include snippets/fastcgi-php.conf; | |
fastcgi_pass unix:/run/php/php7.0-fpm.sock; | |
} | |
location ~^/update.php { | |
fastcgi_split_path_info ^(.+\.php)(/.+)$; | |
# NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini | |
# With php7-fpm: | |
fastcgi_pass unix:/run/php/php7.0-fpm.sock; | |
fastcgi_index index.php; | |
include fastcgi_params; | |
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; | |
} | |
# Fighting with ImageCache? This little gem is amazing. | |
location ~ ^/sites/.*/files/imagecache/ { | |
try_files $uri @rewrite; | |
} | |
# Catch image styles for D7 too. | |
location ~ ^/sites/.*/files/styles/ { | |
try_files $uri @rewrite; | |
} | |
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ { | |
expires max; | |
log_not_found off; | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment