Kezdőlap Felfedezés Súgó
Bejelentkezés
bachir
/
debian-web-server
1
1
Másolás 0
Fájlok Problémák 0 Beolvasztási kérések 0 Wiki
Fa: e9f4ea86f5
Branch-ok Tag-ek
debian-web-s...
/
assets
/
drupal.nginxconf

drupal.nginxconf 3.2 KB
Előzmények Nyers

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118 
  1. # https://www.nginx.com/resources/wiki/start/topics/recipes/drupal/
    2. 

  2. server {
    3. 

  3.   listen 80;
    4. 

  4.   listen [::]:80;
    5. 

  5.   server_name DOMAIN.LTD;
    6. 

  6.   root /var/www/DOMAIN.LTD/public_html;
    7. 

  7. 

  8.   charset utf-8;
    9. 

  9. 

  10.   location = /favicon.ico {
    11. 

  11.     access_log off;
    12. 

  12.     log_not_found off;
    13. 

  13.   }
    14. 

  14. 

  15.   location = /robots.txt  {
    16. 

  16.     allow all;
    17. 

  17.     access_log off;
    18. 

  18.     log_not_found off;
    19. 

  19.   }
    20. 

  20. 

  21.   location ~ \..*/.*\.php$ {
    22. 

  22.     return 403;
    23. 

  23.   }
    24. 

  24. 

  25.   location ~ ^/sites/.*/private/ {
    26. 

  26.     return 403;
    27. 

  27.   }
    28. 

  28. 

  29.   # Block access to scripts in site files directory
    30. 

  30.   location ~ ^/sites/[^/]+/files/.*\.php$ {
    31. 

  31.     deny all;
    32. 

  32.   }
    33. 

  33. 

  34.   # Allow "Well-Known URIs" as per RFC 5785
    35. 

  35.   location ~* ^/.well-known/ {
    36. 

  36.       allow all;
    37. 

  37.   }
    38. 

  38. 

  39.   # Block access to "hidden" files and directories whose names begin with a
    40. 

  40.   # period. This includes directories used by version control systems such
    41. 

  41.   # as Subversion or Git to store control files.
    42. 

  42.   location ~ (^|/)\. {
    43. 

  43.     return 403;
    44. 

  44.   }
    45. 

  45. 

  46.   location / {
    47. 

  47.     # try_files $uri @rewrite; # For Drupal <= 6
    48. 

  48.     try_files $uri /index.php?$query_string; # For Drupal >= 7
    49. 

  49.   }
    50. 

  50. 

  51.   location @rewrite {
    52. 

  52.     rewrite ^/(.*)$ /index.php?q=$1;
    53. 

  53.   }
    54. 

  54. 

  55.   # Don't allow direct access to PHP files in the vendor directory.
    56. 

  56.   location ~ /vendor/.*\.php$ {
    57. 

  57.     deny all;
    58. 

  58.     return 404;
    59. 

  59.   }
    60. 

  60. 

  61.   location ~ /\.ht {
    62. 

  62.     deny all;
    63. 

  63.   }
    64. 

  64. 

  65.   access_log on;
    66. 

  66.   error_log /var/www/DOMAIN.LTD/log/error.log;
    67. 

  67. 

  68.   sendfile off;
    69. 

  69. 

  70.   client_max_body_size 100m;
    71. 

  71. 

  72.   # In Drupal 8, we must also match new paths where the '.php' appears in
    73. 

  73.   # the middle, such as update.php/selection. The rule we use is strict,
    74. 

  74.   # and only allows this pattern with the update.php front controller.
    75. 

  75.   # This allows legacy path aliases in the form of
    76. 

  76.   # blog/index.php/legacy-path to continue to route to Drupal nodes. If
    77. 

  77.   # you do not have any paths like that, then you might prefer to use a
    78. 

  78.   # laxer rule, such as:
    79. 

  79.   #   location ~ \.php(/|$) {
    80. 

  80.   # The laxer rule will continue to work if Drupal uses this new URL
    81. 

  81.   # pattern with front controllers other than update.php in a future
    82. 

  82.   # release.
    83. 

  83.   location ~ '\.php$|^/update.php' {
    84. 

  84.     # fastcgi_split_path_info ^(.+\.php)(/.+)$;
    85. 

  85.     fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
    86. 

  86.     include fastcgi_params;
    87. 

  87.     # Block httpoxy attacks. See https://httpoxy.org/.
    88. 

  88.     fastcgi_param HTTP_PROXY "";
    89. 

  89.     fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    90. 

  90.     fastcgi_param PATH_INFO $fastcgi_path_info;
    91. 

  91.     fastcgi_param QUERY_STRING $query_string;
    92. 

  92.     fastcgi_intercept_errors on;
    93. 

  93.     # fastcgi_buffer_size 16k;
    94. 

  94.     # fastcgi_buffers 4 16k;
    95. 

  95.     fastcgi_pass unix:/run/php/php7.3-fpm.sock;
    96. 

  96.   }
    97. 

  97.   # Fighting with Styles? This little gem is amazing.
    98. 

  98.   # location ~ ^/sites/.*/files/imagecache/ { # For Drupal <= 6
    99. 

  99.   location ~ ^/sites/.*/files/styles/ { # For Drupal >= 7
    100. 

  100.     try_files $uri @rewrite;
    101. 

  101.   }
    102. 

  102. 

  103.   # Handle private files through Drupal. Private file's path can come
    104. 

  104.   # with a language prefix.
    105. 

  105.   location ~ ^(/[a-z\-]+)?/system/files/ { # For Drupal >= 7
    106. 

  106.     try_files $uri /index.php?$query_string;
    107. 

  107.   }
    108. 

  108. 

  109.   location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
    110. 

  110.     try_files $uri @rewrite;
    111. 

  111.     expires max;
    112. 

  112.     log_not_found off;
    113. 

  113.   }
    114. 

  114. 

  115. 

  116.   # website should not be displayed inside a <frame>, an <iframe> or an <object>
    117. 

  117.   add_header X-Frame-Options SAMEORIGIN;
    118. 

  118. }
    119.