default.nginxconf 2.7 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112
  1. server {
  2. listen 80 default_server;
  3. listen [::]:80 default_server;
  4. # SSL configuration
  5. #
  6. # listen 443 ssl default_server;
  7. # listen [::]:443 ssl default_server;
  8. #
  9. # Note: You should disable gzip for SSL traffic.
  10. # See: https://bugs.debian.org/773332
  11. #
  12. # Read up on ssl_ciphers to ensure a secure configuration.
  13. # See: https://bugs.debian.org/765782
  14. #
  15. # Self signed certs generated by the ssl-cert package
  16. # Don't use them in a production server!
  17. #
  18. # include snippets/snakeoil.conf;
  19. root /var/www/html;
  20. # Add index.php to the list if you are using PHP
  21. index index.html index.htm index.php;
  22. server_name _;
  23. location / {
  24. # First attempt to serve request as file, then
  25. # as directory, then fall back to displaying a 404.
  26. try_files $uri $uri/ =404;
  27. }
  28. location /phpmyadmin {
  29. root /usr/share/webapps/;
  30. auth_basic "Admin Login";
  31. auth_basic_user_file passwds;
  32. # Deny static files
  33. location ~ ^/phpMyAdmin/(README|LICENSE|ChangeLog|DCO)$ {
  34. deny all;
  35. }
  36. # Deny .md files
  37. location ~ ^/phpMyAdmin/(.+\.md)$ {
  38. deny all;
  39. }
  40. # Deny setup directories
  41. location ~ ^/phpMyAdmin/(doc|sql|setup)/ {
  42. deny all;
  43. }
  44. location ~ ^/phpmyadmin/(.+\.php)$ {
  45. fastcgi_pass 127.0.0.1:9000;
  46. fastcgi_index index.php;
  47. include fastcgi.conf;
  48. fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
  49. try_files $uri $document_root$fastcgi_script_name =404;
  50. fastcgi_split_path_info ^(.+\.php)(/.*)$;
  51. fastcgi_param PATH_INFO $fastcgi_path_info;
  52. fastcgi_param HTTP_PROXY "";
  53. fastcgi_param HTTPS on;
  54. fastcgi_request_buffering off;
  55. }
  56. location ~ ^/phpmyadmin/(.*\.(eot|otf|woff|ttf|css|js|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|xls|tar|bmp))$ {
  57. root /usr/share/webapps/;
  58. expires 30d;
  59. log_not_found off;
  60. access_log off;
  61. }
  62. }
  63. # pass PHP scripts to FastCGI server
  64. location ~ \.php$ {
  65. fastcgi_pass 127.0.0.1:9000;
  66. fastcgi_index index.php;
  67. include fastcgi.conf;
  68. fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
  69. }
  70. # deny access to .htaccess files, if Apache's document root
  71. # concurs with nginx's one
  72. location ~ /\.ht {
  73. deny all;
  74. }
  75. ## Images and static content is treated different
  76. location ~* ^.+.(jpg|jpeg|gif|css|png|js|ico|xml)$ {
  77. access_log off;
  78. expires max;
  79. }
  80. location ~ /(libraries|setup/frames|setup/libs) {
  81. deny all;
  82. return 404;
  83. }
  84. location /nginx_status {
  85. stub_status on;
  86. access_log off;
  87. allow 127.0.0.1;
  88. # allow CURRENT-SERVER-IP;
  89. deny all;
  90. }
  91. # website should not be displayed inside a <frame>, an <iframe> or an <object>
  92. add_header X-Frame-Options DENY;
  93. }