From a947a31ede27fdf995e0a63e766fcd68eb491426 Mon Sep 17 00:00:00 2001
From: Silvino Silva <silvino@bk.ru>
Date: Fri, 7 Feb 2020 03:41:45 +0000
Subject: System configuration update

---
 .../conf/etc/nginx/sites-enabled/shop.c2.ank.conf  | 84 ++++++++++++++++++++++
 1 file changed, 84 insertions(+)
 create mode 100644 tools/conf/etc/nginx/sites-enabled/shop.c2.ank.conf

(limited to 'tools/conf/etc/nginx/sites-enabled/shop.c2.ank.conf')

diff --git a/tools/conf/etc/nginx/sites-enabled/shop.c2.ank.conf b/tools/conf/etc/nginx/sites-enabled/shop.c2.ank.conf
new file mode 100644
index 0000000..3a0aea1
--- /dev/null
+++ b/tools/conf/etc/nginx/sites-enabled/shop.c2.ank.conf
@@ -0,0 +1,84 @@
+server {
+    listen 8080;
+    server_name shop.c2.ank;
+
+
+    location ~ ^/shop/admin {
+        alias /srv/www/shop/upload/admin;
+        index index.php;
+
+        location ~ ^/shop/admin/config.php {
+            deny all;
+        }
+
+        location ~ \.php$ {
+            include /etc/nginx/fastcgi_params;
+            fastcgi_param SCRIPT_FILENAME $request_filename$1;
+            fastcgi_pass 127.0.0.1:9000;
+        }
+    }
+
+    location ^~ /shop {
+        alias /srv/www/shop/upload;
+        index index.php;
+        #try_files $uri $uri/ index.php$is_args$args;
+        #try_files index.php @opencart;
+
+        location ~ ^/shop/upload/image/data {
+            autoindex on;
+        }
+
+        location ~ ^/shop/config.php {
+            deny all;
+        }
+
+
+        location ~ ^/shop/admin/config.php {
+            deny all;
+        }
+
+# Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac).
+#
+        location ~ ^/shop/\. {
+            deny all;
+            access_log off;
+            log_not_found off;
+        }
+        location ~ ^/shop/\.(jpg|jpeg|png|gif|css|js|ico)$ {
+            expires max;
+            log_not_found off;
+        }
+
+        location ~  \.php$ {
+            include /etc/nginx/fastcgi_params;
+            fastcgi_param SCRIPT_FILENAME $request_filename$1;
+            fastcgi_pass 127.0.0.1:9000;
+            #fastcgi_split_path_info ^(.+\.php)(/.+)$;
+            #fastcgi_split_path_info ^(.+\.php)(.*)$;
+            #fastcgi_index index.php;
+            #try_files $uri /index.php =404;
+    # fastcgi_pass unix:/var/run/php5-fpm.sock;
+        }
+
+    }
+   
+
+location @tribushop {
+        rewrite ^/shop/(.+)$ /shop/index.php?_route_=$1 last;
+    }
+
+    location /shop/engine {
+        deny all;
+    }
+
+    location ~ ^/shop/library {
+        deny all;
+    }
+
+    # Make sure files with the following extensions do not
+    # get loaded by nginx because nginx would display the
+    # source code, and these files can contain PASSWORDS!
+    location ~ ^/shop/\.(engine|inc|info|install|make|module|profile|test|po|sh|.*sql|.*ini|theme|tpl(\.php)?|xtmpl)$|^(\..*|Entries.*|Repository|Root|Tag|Template)$|\.php_ {
+            deny all;
+    }
+}
-- 
cgit 1.4.1-2-gfad0