-
Notifications
You must be signed in to change notification settings - Fork 13
Expand file tree
/
Copy path.nginx.conf
More file actions
123 lines (79 loc) · 2.34 KB
/
.nginx.conf
File metadata and controls
123 lines (79 loc) · 2.34 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
# remove www
server
{
listen [::]:80;
server_name www.phpguide.co.il;
rewrite ^ $scheme://phpguide.co.il$request_uri redirect;
}
server
{
#listen 80; ## listen for ipv4; this line is default and implied
listen [::]:80; ## default ipv6only=on; ## listen for ipv6
gzip on;
index index.php;
server_name phpguide.co.il;
root /home/www/phpguide;
charset utf-8;
client_max_body_size 1m;
location ~ /build\.xml
{
deny all;
access_log off;
log_not_found off;
break;
}
# redirect styles
rewrite "^/static/(styles|scripts|images)/([a-z0-9]*)\.[0-9]*\.(css|js|png|gif|jpg|jpeg|bmp|ico)$" /static/$1/$2.$3;
# YiiFramework rules
# Block access to protected, framework, and nbproject (artifact from Netbeans)
location ~ /(protected|framework|nbproject|\.idea) {
deny all;
access_log off;
log_not_found off;
break;
}
# Block access to theme-folder views directories
location ~ /themes/\w+/views {
deny all;
access_log off;
log_not_found off;
break;
}
# Attempt the uri, uri+/, then fall back to yii's index.php with args included
# Note: old examples use IF statements, which nginx considers evil, this approach is more widely supported
location / {
try_files $uri $uri/ /static/$uri /index.php?$args;
break;
}
# END yiiframework.conf
#Tell browser to cache image files for 24 hours, do not log missing images
# I typically keep this after the yii rules, so that there is no conflict with content served by Yii
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$
{
expires 1M;
add_header Vary Accept-Encoding;
log_not_found off;
break;
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
# Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac), .gitignore and others.
location ~ /\.
{
deny all;
access_log off;
log_not_found off;
}
location ~ \.php$
{
# Filter out arbitrary code execution
location ~ \..*/.*\.php$ {return 404;}
fastcgi_split_path_info ^(.+\.php)(/.+)$;
# NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
fastcgi_param PATH_INFO $fastcgi_path_info;
include fcgi_params;
fastcgi_pass unix:/tmp/php.socket;
fastcgi_index index.php;
break;
}
}