Last active
April 11, 2017 17:52
-
-
Save sapid/7590993 to your computer and use it in GitHub Desktop.
blesta config with nginx on ubuntu
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
server { | |
listen 80; | |
listen [::]:80 ipv6only=on; # This last flag can fix some issues nginx can have with binding to ports. | |
server_name www.example.com; | |
return 301 https://$server_name$request_uri; #Force SSL | |
} | |
server { | |
listen 443; #SSL Only | |
server_name my.example.com; | |
root /var/www; | |
index index.php index.html index.htm; | |
# Turn on SSL | |
ssl on; | |
ssl_certificate /etc/nginx/ssl/server.crt; | |
ssl_certificate_key /etc/nginx/ssl/server.key; | |
ssl_session_cache shared:SSL:10m; | |
ssl_session_timeout 3m; | |
# Protect against BEAST attacks | |
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; | |
ssl_ciphers !aNULL:!eNULL:FIPS@STRENGTH; | |
ssl_prefer_server_ciphers on; | |
client_body_buffer_size 32m; | |
#error_page 404 /404.html; | |
# redirect server error pages to the static page /50x.html | |
# Set to directory of error files | |
error_page 500 502 503 504 /50x.html; | |
location = /50x.html { | |
root /usr/share/nginx/www; | |
} | |
# pass the PHP scripts to PHP FPM | |
location /index.php/ { | |
#error_page 404 = /index.php; #IF file doesn't exist | |
log_not_found off; | |
rewrite ^/index.php/(.*)$ /index.php last; | |
# For access to install file | |
if ($request_uri ~ "^(.*)/install.php$"){ | |
rewrite install.php /%1/install/ redirect; | |
} | |
} | |
location ~ /index\.php$ { | |
try_files $uri =404; | |
# Tweak for Nginx to work with PHP from vendors | |
fastcgi_split_path_info ^(.+\.php)(/.+)$; | |
# NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini | |
fastcgi_param SERVER_NAME prgmr.com; # CHANGE TO FQDN FOR THIS SERVER | |
fastcgi_param SERVER_ADDR 127.0.0.1; # CHANGE TO EXTERNAL IP FOR THIS SERVER | |
fastcgi_connect_timeout 60; | |
fastcgi_send_timeout 180; | |
fastcgi_read_timeout 180; | |
# Buffer settings increase to compensate for increased time/size due to SSL | |
fastcgi_buffer_size 128k; | |
fastcgi_buffers 4 256k; # | |
fastcgi_busy_buffers_size 256k; | |
fastcgi_temp_file_write_size 256k; | |
fastcgi_intercept_errors on; | |
# With php5-cgi alone: | |
fastcgi_pass 127.0.0.1:9000; | |
# With php5-fpm (recommended) | |
#fastcgi_pass unix:/var/run/php5-fpm.sock; | |
fastcgi_index index.php; | |
include fastcgi_params; | |
} | |
location /index.php/admin/ { | |
allow 127.0.0.1; | |
deny all; | |
if ($remote_addr = 127.0.0.1 ) { # Only rewrite if locally connected. | |
rewrite ^/index.php/admin(.*)$ /index.php last;} | |
} | |
# Disallow access to any file with .pdt extension | |
location ~ (\.pdt) { | |
return 404; | |
} | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
fastcgi_param QUERY_STRING $query_string; | |
fastcgi_param REQUEST_METHOD $request_method; | |
fastcgi_param CONTENT_TYPE $content_type; | |
fastcgi_param CONTENT_LENGTH $content_length; | |
fastcgi_param SCRIPT_NAME $fastcgi_script_name; | |
fastcgi_param REQUEST_URI $request_uri; | |
fastcgi_param DOCUMENT_URI $document_uri; | |
fastcgi_param DOCUMENT_ROOT $document_root; | |
fastcgi_param SERVER_PROTOCOL $server_protocol; | |
fastcgi_param HTTPS $https if_not_empty; | |
fastcgi_param REDIRECT_STATUS 200; | |
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; | |
fastcgi_param GATEWAY_INTERFACE CGI/1.1; | |
fastcgi_param SERVER_SOFTWARE nginx/$nginx_version; | |
fastcgi_param REMOTE_ADDR $remote_addr; | |
fastcgi_param REMOTE_PORT $remote_port; | |
fastcgi_param SERVER_ADDR 127.0.0.1 # CHANGE THIS TO EXTERNAL IP #$server_addr; | |
fastcgi_param SERVER_PORT $server_port; | |
fastcgi_param SERVER_NAME $server_name; | |
# PHP only, required if PHP was built with --enable-force-cgi-redirect | |
fastcgi_param REDIRECT_STATUS 200; |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment