victoraguilarc/prestashop-nginx.conf

## prestashop-nginx.conf
server {
    charset utf-8;

    #listen <YOUR_IP>:80;

    server_name <YOUR_DOMAIN> www.<YOUR_DOMAIN>;
    root        /PATH/TO/YOUR/PRESTASHOP/INSTALLATION;
    index       index.php;

    access_log  /var/log/nginx/domains/<YOUT_DOMAIN>.log combined;
    access_log  /var/log/nginx/domains/<YOUT_DOMAIN>.bytes bytes;
    error_log   /var/log/nginx/domains/<YOUT_DOMAIN>.error.log error;

    location = /favicon.ico {
        log_not_found off;
        access_log off;
    }

    location = /robots.txt {
        auth_basic off;
        allow all;
        log_not_found off;
        access_log off;
    }

    # Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac).
    location ~ /\. {
        deny all;
        access_log off;
        log_not_found off;
    }


    ##
    # Gzip Settings
    ##

    gzip on;
    gzip_disable "msie6";                                             # Do people still use Internet Explorer 6? In that case, disable gzip and hope for the best!
    gzip_vary on;                                                     # Also compress content with other MIME types than "text/html"
    gzip_types application/json text/css application/javascript;      # We only want to compress json, css and js. Compressing images and such isn't worth it
    gzip_proxied any;
    gzip_comp_level 6;                                                # Set desired compression ratio, higher is better compression, but slower
    gzip_buffers 16 8k;                                               # Gzip buffer size
    gzip_http_version 1.0;                                            # Compress every type of HTTP request


    # Global rewrite not depending on languages
    rewrite ^/api/?(.*)$ /webservice/dispatcher.php?url=$1 last;
    rewrite "^/c/([0-9]+)(\-[_a-zA-Z0-9-]*)/(.*)\.jpg$" /img/c/$1$2.jpg last;
    rewrite "^/c/([_a-zA-Z-]+)/(.*)\.jpg$" /img/c/$1.jpg last;
    rewrite "^/([a-z0-9]+)\-([a-z0-9]+)(\-[_a-zA-Z0-9-]*)/(\P{M}\p{M}*)*\.jpg$" /img/p/$1-$2$3.jpg last;
    rewrite "^/([0-9]+)\-([0-9]+)/(\P{M}\p{M}*)*\.jpg$" /img/p/$1-$2.jpg last;
    rewrite "^/([0-9])(\-[_a-zA-Z0-9-]*)?/(\P{M}\p{M}*)*\.jpg$" /img/p/$1/$1$2.jpg last;
    rewrite "^/([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?/(\P{M}\p{M}*)*\.jpg$" /img/p/$1/$2/$1$2$3.jpg last;
    rewrite "^/([0-9])([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?/(\P{M}\p{M}*)*\.jpg$" /img/p/$1/$2/$3/$1$2$3$4.jpg last;
    rewrite "^/([0-9])([0-9])([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?/(\P{M}\p{M}*)*\.jpg$" /img/p/$1/$2/$3/$4/$1$2$3$4$5.jpg last;
    rewrite "^/([0-9])([0-9])([0-9])([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?/(\P{M}\p{M}*)*\.jpg$" /img/p/$1/$2/$3/$4/$5/$1$2$3$4$5$6.jpg last;
    rewrite "^/([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?/(\P{M}\p{M}*)*\.jpg$" /img/p/$1/$2/$3/$4/$5/$6/$1$2$3$4$5$6$7.jpg last;
    rewrite "^/([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?/(\P{M}\p{M}*)*\.jpg$" /img/p/$1/$2/$3/$4/$5/$6/$7/$1$2$3$4$5$6$7$8.jpg last;
    rewrite "^/([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?/(\P{M}\p{M}*)*\.jpg$" /img/p/$1/$2/$3/$4/$5/$6/$7/$8/$1$2$3$4$5$6$7$8$9.jpg last;
    rewrite "^/([0-9]+)\-(\P{M}\p{M}*)+\.html(.*)$" /index.php?controller=product&id_product=$1$3 last;
    rewrite "^/([0-9]+)\-([a-zA-Z0-9-]*)(.*)$" /index.php?controller=category&id_category=$1$3 last;
    rewrite "^/([a-zA-Z0-9-]*)/([0-9]+)\-([a-zA-Z0-9-]*)\.html(.*)$" /index.php?controller=product&id_product=$2$4 last;
    rewrite "^/([0-9]+)__([a-zA-Z0-9-]*)(.*)$" /index.php?controller=supplier&id_supplier=$1$3 last;
    rewrite "^/([0-9]+)_([a-zA-Z0-9-]*)(.*)$" /index.php?controller=manufacturer&id_manufacturer=$1$3 last;
    rewrite "^/content/([0-9]+)\-([a-zA-Z0-9-]*)(.*)$" /index.php?controller=cms&id_cms=$1$3 last;
    rewrite "^/content/category/([0-9]+)\-([a-zA-Z0-9-]*)(.*)$" /index.php?controller=cms&id_cms_category=$1$3 last;
    rewrite "^/module/([_a-zA-Z0-9-]*)/([_a-zA-Z0-9-]*)$" /index.php?fc=module&module=$1&controller=$2 last;
    rewrite "^/stock/([_a-zA-Z0-9-]*)/([_a-zA-Z0-9-]*)$" /index.php?controller=$1$2 last;

    try_files $uri $uri/ /index.php?$args;

    # Symfony controllers Specific for 1.7
    location ~ /(international|_profiler|module|product|combination|specific-price)/(.*)$ {
        try_files $uri $uri/ /index.php?q=$uri&$args $admin_dir/index.php$is_args$args;
    }


    location /admin-dev/ {  # Change this for your admin url
        if (!-e $request_filename) {
            rewrite ^/.*$ /admin-dev/index.php last;
        }
    }

    location / {
        if (!-e $request_filename) {
            rewrite ^/.*$ /index.php last;
        }
    }

    location ~ .php$ {
        fastcgi_split_path_info ^(.+.php)(/.*)$;
        try_files $uri =404;
        fastcgi_keep_conn on;
        include /etc/nginx/fastcgi_params;
        fastcgi_pass 127.0.0.1:9002;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_read_timeout 60m;
        fastcgi_send_timeout 60m;
        fastcgi_buffer_size 128k;
        fastcgi_buffers 256 16k;
        fastcgi_max_temp_file_size 0;
        fastcgi_busy_buffers_size 256k;
        fastcgi_temp_file_write_size 256k;
    }

    listen <YOUR_IP>:443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/<YOUT_DOMAIN>/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/<YOUT_DOMAIN>/privkey.pem; # managed by Certbot

    ssl_session_cache shared:le_nginx_SSL:1m;
    ssl_session_timeout 1440m;

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;
    ssl_ciphers "ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:E$
    ssl_dhparam /etc/ssl/certs/dhparam.pem; # This is generated by: openssl dhparam -dsaparam -out /etc/ssl/certs/dhparam.pem 4096

    if ($scheme != "https") {
        return 301 https://$host$request_uri;
    } # managed by Certbot


}


server {
    listen <YOUR_IP>:80;
    server_name <YOUR_DOMAIN>;
    return 301 https://$host$request_uri;
}
	server {
	charset utf-8;

	#listen <YOUR_IP>:80;

	server_name <YOUR_DOMAIN> www.<YOUR_DOMAIN>;
	root /PATH/TO/YOUR/PRESTASHOP/INSTALLATION;
	index index.php;

	access_log /var/log/nginx/domains/<YOUT_DOMAIN>.log combined;
	access_log /var/log/nginx/domains/<YOUT_DOMAIN>.bytes bytes;
	error_log /var/log/nginx/domains/<YOUT_DOMAIN>.error.log error;

	location = /favicon.ico {
	log_not_found off;
	access_log off;
	}

	location = /robots.txt {
	auth_basic off;
	allow all;
	log_not_found off;
	access_log off;
	}

	# Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac).
	location ~ /\. {
	deny all;
	access_log off;
	log_not_found off;
	}


	##
	# Gzip Settings
	##

	gzip on;
	gzip_disable "msie6"; # Do people still use Internet Explorer 6? In that case, disable gzip and hope for the best!
	gzip_vary on; # Also compress content with other MIME types than "text/html"
	gzip_types application/json text/css application/javascript; # We only want to compress json, css and js. Compressing images and such isn't worth it
	gzip_proxied any;
	gzip_comp_level 6; # Set desired compression ratio, higher is better compression, but slower
	gzip_buffers 16 8k; # Gzip buffer size
	gzip_http_version 1.0; # Compress every type of HTTP request


	# Global rewrite not depending on languages
	rewrite ^/api/?(.*)$ /webservice/dispatcher.php?url=$1 last;
	rewrite "^/c/([0-9]+)(\-[_a-zA-Z0-9-])/(.)\.jpg$" /img/c/$1$2.jpg last;
	rewrite "^/c/([_a-zA-Z-]+)/(.*)\.jpg$" /img/c/$1.jpg last;
	rewrite "^/([a-z0-9]+)\-([a-z0-9]+)(\-[_a-zA-Z0-9-])/(\P{M}\p{M})*\.jpg$" /img/p/$1-$2$3.jpg last;
	rewrite "^/([0-9]+)\-([0-9]+)/(\P{M}\p{M})\.jpg$" /img/p/$1-$2.jpg last;
	rewrite "^/([0-9])(\-[_a-zA-Z0-9-])?/(\P{M}\p{M})*\.jpg$" /img/p/$1/$1$2.jpg last;
	rewrite "^/([0-9])([0-9])(\-[_a-zA-Z0-9-])?/(\P{M}\p{M})*\.jpg$" /img/p/$1/$2/$1$2$3.jpg last;
	rewrite "^/([0-9])([0-9])([0-9])(\-[_a-zA-Z0-9-])?/(\P{M}\p{M})*\.jpg$" /img/p/$1/$2/$3/$1$2$3$4.jpg last;
	rewrite "^/([0-9])([0-9])([0-9])([0-9])(\-[_a-zA-Z0-9-])?/(\P{M}\p{M})*\.jpg$" /img/p/$1/$2/$3/$4/$1$2$3$4$5.jpg last;
	rewrite "^/([0-9])([0-9])([0-9])([0-9])([0-9])(\-[_a-zA-Z0-9-])?/(\P{M}\p{M})*\.jpg$" /img/p/$1/$2/$3/$4/$5/$1$2$3$4$5$6.jpg last;
	rewrite "^/([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])(\-[_a-zA-Z0-9-])?/(\P{M}\p{M})*\.jpg$" /img/p/$1/$2/$3/$4/$5/$6/$1$2$3$4$5$6$7.jpg last;
	rewrite "^/([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])(\-[_a-zA-Z0-9-])?/(\P{M}\p{M})*\.jpg$" /img/p/$1/$2/$3/$4/$5/$6/$7/$1$2$3$4$5$6$7$8.jpg last;
	rewrite "^/([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])(\-[_a-zA-Z0-9-])?/(\P{M}\p{M})*\.jpg$" /img/p/$1/$2/$3/$4/$5/$6/$7/$8/$1$2$3$4$5$6$7$8$9.jpg last;
	rewrite "^/([0-9]+)\-(\P{M}\p{M})+\.html(.)$" /index.php?controller=product&id_product=$1$3 last;
	rewrite "^/([0-9]+)\-([a-zA-Z0-9-])(.)$" /index.php?controller=category&id_category=$1$3 last;
	rewrite "^/([a-zA-Z0-9-])/([0-9]+)\-([a-zA-Z0-9-])\.html(.*)$" /index.php?controller=product&id_product=$2$4 last;
	rewrite "^/([0-9]+)__([a-zA-Z0-9-])(.)$" /index.php?controller=supplier&id_supplier=$1$3 last;
	rewrite "^/([0-9]+)_([a-zA-Z0-9-])(.)$" /index.php?controller=manufacturer&id_manufacturer=$1$3 last;
	rewrite "^/content/([0-9]+)\-([a-zA-Z0-9-])(.)$" /index.php?controller=cms&id_cms=$1$3 last;
	rewrite "^/content/category/([0-9]+)\-([a-zA-Z0-9-])(.)$" /index.php?controller=cms&id_cms_category=$1$3 last;
	rewrite "^/module/([_a-zA-Z0-9-])/([_a-zA-Z0-9-])$" /index.php?fc=module&module=$1&controller=$2 last;
	rewrite "^/stock/([_a-zA-Z0-9-])/([_a-zA-Z0-9-])$" /index.php?controller=$1$2 last;

	try_files $uri $uri/ /index.php?$args;

	# Symfony controllers Specific for 1.7
	location ~ /(international\|_profiler\|module\|product\|combination\|specific-price)/(.*)$ {
	try_files $uri $uri/ /index.php?q=$uri&$args $admin_dir/index.php$is_args$args;
	}


	location /admin-dev/ { # Change this for your admin url
	if (!-e $request_filename) {
	rewrite ^/.*$ /admin-dev/index.php last;
	}
	}

	location / {
	if (!-e $request_filename) {
	rewrite ^/.*$ /index.php last;
	}
	}

	location ~ .php$ {
	fastcgi_split_path_info ^(.+.php)(/.*)$;
	try_files $uri =404;
	fastcgi_keep_conn on;
	include /etc/nginx/fastcgi_params;
	fastcgi_pass 127.0.0.1:9002;
	fastcgi_index index.php;
	fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
	fastcgi_read_timeout 60m;
	fastcgi_send_timeout 60m;
	fastcgi_buffer_size 128k;
	fastcgi_buffers 256 16k;
	fastcgi_max_temp_file_size 0;
	fastcgi_busy_buffers_size 256k;
	fastcgi_temp_file_write_size 256k;
	}

	listen <YOUR_IP>:443 ssl; # managed by Certbot
	ssl_certificate /etc/letsencrypt/live/<YOUT_DOMAIN>/fullchain.pem; # managed by Certbot
	ssl_certificate_key /etc/letsencrypt/live/<YOUT_DOMAIN>/privkey.pem; # managed by Certbot

	ssl_session_cache shared:le_nginx_SSL:1m;
	ssl_session_timeout 1440m;

	ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
	ssl_prefer_server_ciphers on;
	ssl_ciphers "ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:E$
	ssl_dhparam /etc/ssl/certs/dhparam.pem; # This is generated by: openssl dhparam -dsaparam -out /etc/ssl/certs/dhparam.pem 4096

	if ($scheme != "https") {
	return 301 https://$host$request_uri;
	} # managed by Certbot


	}


	server {
	listen <YOUR_IP>:80;
	server_name <YOUR_DOMAIN>;
	return 301 https://$host$request_uri;
	}