Created
December 8, 2014 15:51
-
-
Save jbq/76ebfd526f2ba8b60166 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
server { | |
listen 80; | |
server_name my.server.name; | |
root /srv/pimcore/data; | |
# no limit on upload size | |
client_max_body_size 0; | |
# allow access to plugin-data and core assets ( done by excluding .*/static and static) | |
# forbid the direct access to pimcore-internal data (eg. config-files, ...) | |
# ~* = case-insensitive | |
location ~* ^(/plugins/(?!.*/static).*|^/pimcore/(?!static|modules/3rdparty/adminer).*|/website/var/(?!tmp|assets|plugins|areas)) { | |
return 403; | |
} | |
# basic zend-framework setup see: http://framework.zend.com/manual/en/zend.controller.html | |
# First attempt to serve request as file, then as directory, then fall back to index.php | |
location / { | |
try_files $uri /website/var/assets/$uri $uri/ /website/var/assets/$uri/ /index.php?$args; | |
expires 1w; | |
} | |
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 | |
location ~ \.php$ { | |
# Zero-day exploit defense. | |
# http://forum.nginx.org/read.php?2,88845,page=3 | |
# Won't work properly (404 error) if the file is not stored on this server, which is entirely possible with php-fpm/php-fcgi. | |
# Comment the 'try_files' line out if you set up php-fpm/php-fcgi on another machine. And then cross your fingers that you won't get hacked. | |
try_files $uri =404; | |
# This configuration depends on your set-up. The default nginx.conf contains an example for your setup. | |
include uwsgi_params; | |
uwsgi_modifier1 14; | |
uwsgi_read_timeout 300; | |
uwsgi_pass 127.0.0.1:3030; | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment