-
Notifications
You must be signed in to change notification settings - Fork 0
/
domain.conf
52 lines (37 loc) · 1.34 KB
/
domain.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
# [NOTE]
# Replaec all domain.top into your own FQDN i.e example.com
#
server {
listen 80;
server_name domain.top www.textbox.top;
return 301 https://www.domain.top$request_uri;
}
server {
listen 443 ssl;
root /srv/web/www.domain.top;
index index.php;
# --------------------------------------------------------------------------
# --------------------------------------------------------------------------
# enables SSLv3/TLSv1, but not SSLv2 which is weak and should no longer be used.
ssl_protocols TLSv1.3;
# disables all weak ciphers
ssl_ciphers ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM;
## Keep alive timeout set to a greater value for SSL/TLS.
keepalive_timeout 75 75;
access_log off;
error_log /var/log/nginx/www.domain.top.log info;
ssl_certificate /etc/letsencrypt/live/domain.top/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/domain.top/privkey.pem;
ssl_session_timeout 5m;
add_header Strict-Transport-Security "max-age=7200";
# --------------------------------------------------------------------------
# --------------------------------------------------------------------------
server_name www.domain.top;
location / {
try_files $uri $uri/ /index.php;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
}
}