Last active
April 7, 2017 18:16
-
-
Save selivan/10ed68156a869b4095c20a2d10cc101c to your computer and use it in GitHub Desktop.
nginx.conf for naxsi/issues/364
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
user www-data; | |
pid /var/run/nginx.pid; | |
events { | |
} | |
http { | |
include /etc/nginx/naxsi/core.rules; | |
access_log /var/log/nginx/access.log combined; | |
error_log /var/log/nginx/error.log; | |
keepalive_timeout 30; | |
keepalive_requests 50; | |
reset_timedout_connection on; | |
default_type application/octet-stream; | |
server { | |
listen 443 ssl default_server; | |
listen 80 default_server; | |
server_name example.net; | |
root /var/www/html; | |
set $naxsi_extensive_log 1; | |
set $naxsi_flag_learning 0; | |
location / { | |
SecRulesEnabled; | |
DeniedUrl "/RequestDenied"; | |
include /etc/nginx/naxsi/block.rules; | |
index index.html; | |
} | |
location /RequestDenied { | |
#internal; | |
default_type text/html; | |
echo_status 418; | |
echo_location /static/waf_error_top.html; | |
echo "Client IP: $remote_addr <br>"; | |
echo "Time: $time_local <br>"; | |
echo_location /static/waf_error_bottom.html; | |
} | |
include ssl.conf; | |
ssl_certificate /etc/nginx/ssl/example.net/example.net.crt; | |
ssl_certificate_key /etc/nginx/ssl/example.net/example.net.key; | |
ssl_dhparam /etc/nginx/ssl/example.net/dhparam.pem; #Forward Secrecy | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment