Last active
October 30, 2023 13:40
-
-
Save goregrish/3552216d9dec24b33c96c875b7289c0d to your computer and use it in GitHub Desktop.
Xenforo Nginx Virtual Domain Config SSL only | provide your SSL cert details twice here from include, example: /etc/nginx/snippets/ssl.conf
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
server { | |
listen 80; | |
server_name www.mydomain.com mydomain.com; | |
return 301 https://mydomain.com$request_uri; | |
} | |
server { | |
listen 443 ssl; | |
server_name www.mydomain.com; | |
# managed by Certbot stuff | |
include snippets/ssl.conf; | |
return 301 https://mydomain.com$request_uri; | |
} | |
# above redirects unsecure and www. to https://mydomain.com | |
server { | |
listen [::]:443 ssl; # managed by Certbot | |
listen 443 ssl; # managed by Certbot | |
server_name mydomain.com; | |
error_log /var/log/nginx/mydomain.log warn; | |
access_log off; | |
# managed by Certbot stuff | |
include snippets/ssl.conf; | |
root /srv/www/webroot; | |
index index.php index.html; | |
location / { | |
try_files $uri $uri/ /index.php?$uri&$args; | |
} | |
location ~ /(internal_data|library) { | |
internal; | |
} | |
# handling of the request | |
location ~ [^/]\.php(/|$) { | |
fastcgi_split_path_info ^(.+?\.php)(/.*)$; | |
if (!-f $document_root$fastcgi_script_name) { | |
return 404; | |
} | |
# Mitigate https://httpoxy.org/ vulnerabilities | |
fastcgi_param HTTP_PROXY ""; | |
fastcgi_pass 127.0.0.1:9001; | |
fastcgi_index index.php; | |
# include the fastcgi_param setting | |
include fastcgi_params; | |
# SCRIPT_FILENAME parameter is used for PHP FPM determining | |
# the script name. If it is not set in fastcgi_params file, | |
# i.e. /etc/nginx/fastcgi_params or in the parent contexts, | |
# please comment off following line: | |
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment