Skip to content

Instantly share code, notes, and snippets.

@phawk
Last active December 31, 2015 00:39
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save phawk/7908637 to your computer and use it in GitHub Desktop.
Save phawk/7908637 to your computer and use it in GitHub Desktop.
server {
listen 80;
server_name ~^(?P<sitename>.+)\.dev\.com$
access_log /var/www/vhosts/$sitename/logs/nginx.access.log;
error_log /var/www/vhosts/$sitename/logs/nginx.error.log;
root /var/www/vhosts/$sitename/public;
autoindex on;
index index.php;
include global/static-asset-caching.conf;
include global/php-restrictions.conf;
location / {
try_files $uri $uri/ /index.php;
location = /index.php {
include /etc/nginx/fastcgi_params;
fastcgi_index index.php;
fastcgi_intercept_errors on;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_pass unix:/var/run/php5-fpm.sock;
}
}
location ~ \.php$ {
return 444;
}
}
# Global restrictions configuration file.
# Designed to be included in any server {} block.</p>
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac).
# Keep logging the requests to parse later (or to pass to firewall utilities such as fail2ban)
location ~ /\. {
deny all;
}
# Deny access to any files with a .php extension in the uploads directory
# Works in sub-directory installs and also in multisite network
# Keep logging the requests to parse later (or to pass to firewall utilities such as fail2ban)
location ~* /(?:uploads|files)/.*\.php$ {
deny all;
}
location ~* \.(jpg|jpeg|png|gif|ico|css|js)$ {
expires max;
add_header Cache-Control public;
access_log off;
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment