-
-
Save wrrr/5ae2c5afe03f35a007e511b9c66567f5 to your computer and use it in GitHub Desktop.
CORS discussion DistinctPlace
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The main domain is where I was getting the CORS violation error calling for .ttf | |
and other small assets from the cdn.mydomain.com (sub-domain on same server/ip | |
That part works now with this setup. I cannot upload to the front end of mydomain.com | |
without getting a stable preflight working. | |
/etc/nginx/conf.d/mydomain-cdn.conf | |
#AUTOMATICALLY GENERATED - DO NO EDIT! | |
server { | |
listen *:443 ssl; | |
ssl_certificate /a1ssl/mydomain/cert.pem; | |
ssl_certificate_key /a1ssl/mydomain/privkey.pem; | |
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; | |
ssl_prefer_server_ciphers on; | |
ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5; | |
server_name cdn.mydomain.com; | |
access_log /var/log/nginx/mydomain-cdn.access.log; | |
error_log /var/log/nginx/mydomain-cdn.error.log; | |
root /a1srv/mydomain-cdn; | |
index index.html index.htm index.php; | |
#from wrrr | |
include /etc/nginx.wp/restrictions.conf; | |
include /etc/nginx.wp/wordpress.conf; | |
include /etc/nginx.cors/cors.conf; | |
location ~ [^/]\.php(/|$) { | |
fastcgi_index index.php; | |
include fcgi.conf; | |
fastcgi_pass unix:/var/run/ajenti-v-php7.0-fcgi-mydomain-cdn-php7.0-fcgi-0.sock; | |
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; | |
} | |
} | |
________________________________________________ | |
-- | |
/etc/nginx.wp/restrictions.conf; | |
# Global restrictions configuration file. | |
# Designed to be included in any server {} block.</p> | |
location = /favicon.ico { | |
log_not_found off; | |
access_log off; | |
} | |
location = /robots.txt { | |
allow all; | |
log_not_found off; | |
access_log off; | |
} | |
location ~ /\. { | |
deny all; | |
} | |
location ~* /(?:uploads|files)/.*\.php$ { | |
deny all; | |
} | |
location = /xmlrpc.php { | |
deny all; | |
access_log off; #to prevent from filling up the access log file | |
error_log off; #to prevent from filling up the error log file | |
} | |
________________________________________________ | |
-- | |
/etc/nginx.wp/wordpress.conf; | |
# http://wiki.nginx.org/HttpCoreModule | |
location / { | |
try_files $uri $uri/ /index.php?$args; | |
} | |
# Add trailing slash to */wp-admin requests. | |
rewrite /wp-admin$ $scheme://$host$uri/ permanent; | |
# Directives to send expires headers and turn off 404 error logging. | |
location ~* ^.+\.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|rss|atom|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ { | |
access_log off; log_not_found off; expires max; | |
} | |
________________________________________________ | |
-- | |
/etc/nginx.cors/cors.conf; | |
add_header "Access-Control-Allow-Origin" https://mydomain.com; |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I would get rid of cors.conf and put it into wordpress.conf