Last active
August 3, 2016 20:10
-
-
Save tristanlins/b65306c558eeaa2599f5 to your computer and use it in GitHub Desktop.
Contao 3 nginx setup
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Prevent logging favicon.ico and robots.txt | |
location = /favicon.ico { | |
log_not_found off; | |
access_log off; | |
} | |
location = /robots.txt { | |
allow all; | |
log_not_found off; | |
access_log off; | |
} | |
# Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac). | |
location ~ /\. { | |
deny all; | |
access_log off; | |
log_not_found off; | |
return 404; | |
} | |
# Prevent access to the Contao template files | |
location ~ \.(tpl|html5|xhtml)$ { | |
deny all; | |
access_log off; | |
log_not_found off; | |
} | |
# Allow access from all domains for webfonts | |
location ~ \.(ttf|ttc|otf|eot|woff|font.css)$ { | |
add_header Access-Control-Allow-Origin *; | |
} | |
# Expires headers (for better cache control) | |
location ~* \.(jpg|jpeg|png|gif|css|js|ico)$ { | |
expires max; | |
log_not_found off; | |
} | |
# Do not cache the cron.txt file | |
location = /cron/cron.txt { | |
allow all; | |
access_log off; | |
add_header Cache-Control "no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform"; | |
} | |
# Prevent access to /system | |
location /system/ { | |
deny all; | |
} | |
# Prevent access to /composer | |
location /composer/ { | |
deny all; | |
} | |
# Prevent access to /templates | |
location /templates/ { | |
deny all; | |
} | |
# Allow access to assets in /system or /composer | |
# Hint: this is an optimistic approach! | |
location ~* ^/(system|composer)/.*\.(js|css|htc|png|gif|jpe?g|ico|swf|flv|mp4|webm|ogv|mp3|ogg|oga|eot|otf|tt[cf]|woff|svg|svgz)$ { | |
allow all; | |
access_log off; | |
log_not_found off; | |
} | |
# Remove /index.php/ from url | |
location /index.php/ { | |
rewrite ^/index.php(/.*) $scheme://$server_name$1? permanent; | |
} | |
# Finally, deliver file or bypass to index.php | |
location / { | |
index index.php index.html; | |
try_files $uri $uri/ /index.php?$args; | |
rewrite "^/[a-z]{2}/$" /index.php last; | |
rewrite "^/([a-z]{2})$" /$1/ redirect; | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment