From 97dedeca18f2550ff6a86a57925149daf1878992 Mon Sep 17 00:00:00 2001 From: Silvino Silva Date: Fri, 13 Mar 2020 19:30:30 +0000 Subject: nginx configuration update --- tools/conf/etc/nginx/sites-enabled/default.conf | 4 +- .../conf/etc/nginx/sites-enabled/shop.c2.ank.conf | 84 --------------------- tools/conf/etc/nginx/sites-enabled/shop.conf | 86 ++++++++++++++++++++++ .../conf/etc/nginx/sites-enabled/task.c2.ank.conf | 21 ------ tools/conf/etc/nginx/sites-enabled/task.conf | 21 ++++++ 5 files changed, 109 insertions(+), 107 deletions(-) delete mode 100644 tools/conf/etc/nginx/sites-enabled/shop.c2.ank.conf create mode 100644 tools/conf/etc/nginx/sites-enabled/shop.conf delete mode 100644 tools/conf/etc/nginx/sites-enabled/task.c2.ank.conf create mode 100644 tools/conf/etc/nginx/sites-enabled/task.conf (limited to 'tools/conf/etc/nginx') diff --git a/tools/conf/etc/nginx/sites-enabled/default.conf b/tools/conf/etc/nginx/sites-enabled/default.conf index 4bf7fa7..f7a6928 100644 --- a/tools/conf/etc/nginx/sites-enabled/default.conf +++ b/tools/conf/etc/nginx/sites-enabled/default.conf @@ -32,9 +32,9 @@ server { #proxy_redirect off; #proxy_set_header Host $http_host; -#proxy_set_header X-Forwarded-Host $http_host; +proxy_set_header X-Forwarded-Host $http_host; #proxy_set_header X-Real-IP $remote_addr; -#proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; +proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; location /doc { diff --git a/tools/conf/etc/nginx/sites-enabled/shop.c2.ank.conf b/tools/conf/etc/nginx/sites-enabled/shop.c2.ank.conf deleted file mode 100644 index 3a0aea1..0000000 --- a/tools/conf/etc/nginx/sites-enabled/shop.c2.ank.conf +++ /dev/null @@ -1,84 +0,0 @@ -server { - listen 8080; - server_name shop.c2.ank; - - - location ~ ^/shop/admin { - alias /srv/www/shop/upload/admin; - index index.php; - - location ~ ^/shop/admin/config.php { - deny all; - } - - location ~ \.php$ { - include /etc/nginx/fastcgi_params; - fastcgi_param SCRIPT_FILENAME $request_filename$1; - fastcgi_pass 127.0.0.1:9000; - } - } - - location ^~ /shop { - alias /srv/www/shop/upload; - index index.php; - #try_files $uri $uri/ index.php$is_args$args; - #try_files index.php @opencart; - - location ~ ^/shop/upload/image/data { - autoindex on; - } - - location ~ ^/shop/config.php { - deny all; - } - - - location ~ ^/shop/admin/config.php { - deny all; - } - -# Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac). -# - location ~ ^/shop/\. { - deny all; - access_log off; - log_not_found off; - } - location ~ ^/shop/\.(jpg|jpeg|png|gif|css|js|ico)$ { - expires max; - log_not_found off; - } - - location ~ \.php$ { - include /etc/nginx/fastcgi_params; - fastcgi_param SCRIPT_FILENAME $request_filename$1; - fastcgi_pass 127.0.0.1:9000; - #fastcgi_split_path_info ^(.+\.php)(/.+)$; - #fastcgi_split_path_info ^(.+\.php)(.*)$; - #fastcgi_index index.php; - #try_files $uri /index.php =404; - # fastcgi_pass unix:/var/run/php5-fpm.sock; - } - - } - - -location @tribushop { - rewrite ^/shop/(.+)$ /shop/index.php?_route_=$1 last; - } - - location /shop/engine { - deny all; - } - - location ~ ^/shop/library { - deny all; - } - - # Make sure files with the following extensions do not - # get loaded by nginx because nginx would display the - # source code, and these files can contain PASSWORDS! - location ~ ^/shop/\.(engine|inc|info|install|make|module|profile|test|po|sh|.*sql|.*ini|theme|tpl(\.php)?|xtmpl)$|^(\..*|Entries.*|Repository|Root|Tag|Template)$|\.php_ { - deny all; - } -} diff --git a/tools/conf/etc/nginx/sites-enabled/shop.conf b/tools/conf/etc/nginx/sites-enabled/shop.conf new file mode 100644 index 0000000..de34e40 --- /dev/null +++ b/tools/conf/etc/nginx/sites-enabled/shop.conf @@ -0,0 +1,86 @@ +server { + listen 8080; + server_name shop.server.ank; + + access_log syslog:server=unix:/dev/log,facility=daemon,tag=nginx_shop,nohostname main; + error_log syslog:server=unix:/dev/log,facility=daemon,tag=nginx_shop_err,nohostname debug; + + location ~ ^/shop/admin { + alias /srv/www/shop/upload/admin; + index index.php; + + location ~ ^/shop/admin/config.php { + deny all; + } + + location ~ \.php$ { + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename$1; + fastcgi_pass 127.0.0.1:9000; + } + } + + location ^~ /shop { + alias /srv/www/shop/upload; + index index.php; + #try_files $uri $uri/ index.php$is_args$args; + #try_files index.php @opencart; + + location ~ ^/shop/upload/image/data { + autoindex on; + } + + location ~ ^/shop/config.php { + deny all; + } + + + location ~ ^/shop/admin/config.php { + deny all; + } + +# Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac). +# + location ~ ^/shop/\. { + deny all; + access_log off; + log_not_found off; + } + location ~ ^/shop/\.(jpg|jpeg|png|gif|css|js|ico)$ { + expires max; + log_not_found off; + } + + location ~ \.php$ { + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename$1; + fastcgi_pass 127.0.0.1:9000; + #fastcgi_split_path_info ^(.+\.php)(/.+)$; + #fastcgi_split_path_info ^(.+\.php)(.*)$; + #fastcgi_index index.php; + #try_files $uri /index.php =404; + # fastcgi_pass unix:/var/run/php5-fpm.sock; + } + + } + + + location @tribushop { + rewrite ^/shop/(.+)$ /shop/index.php?_route_=$1 last; + } + + location /shop/engine { + deny all; + } + + location ~ ^/shop/library { + deny all; + } + + # Make sure files with the following extensions do not + # get loaded by nginx because nginx would display the + # source code, and these files can contain PASSWORDS! + location ~ ^/shop/\.(engine|inc|info|install|make|module|profile|test|po|sh|.*sql|.*ini|theme|tpl(\.php)?|xtmpl)$|^(\..*|Entries.*|Repository|Root|Tag|Template)$|\.php_ { + deny all; + } +} diff --git a/tools/conf/etc/nginx/sites-enabled/task.c2.ank.conf b/tools/conf/etc/nginx/sites-enabled/task.c2.ank.conf deleted file mode 100644 index 2d62e96..0000000 --- a/tools/conf/etc/nginx/sites-enabled/task.c2.ank.conf +++ /dev/null @@ -1,21 +0,0 @@ -server { - listen 8080; - server_name task.c2.ank; - - location /task { - index index.php; - alias /srv/www/task; - try_files $uri $uri/ index.php$is_args$args; - } - - location ~ ^/task(.+\.php)$ { ### This location block was the solution - alias /srv/www/task; - fastcgi_split_path_info ^(.+\.php)(/.+)$; - fastcgi_index index.php; - try_files $uri /index.php =404; - include /etc/nginx/fastcgi_params; - fastcgi_param SCRIPT_FILENAME $document_root$1; -# fastcgi_pass unix:/var/run/php5-fpm.sock; - fastcgi_pass 127.0.0.1:9000; - } -} diff --git a/tools/conf/etc/nginx/sites-enabled/task.conf b/tools/conf/etc/nginx/sites-enabled/task.conf new file mode 100644 index 0000000..8b15ee5 --- /dev/null +++ b/tools/conf/etc/nginx/sites-enabled/task.conf @@ -0,0 +1,21 @@ +server { + listen 8080; + server_name task.server.ank; + + location /task { + index index.php; + alias /srv/www/task; + try_files $uri $uri/ index.php$is_args$args; + } + + location ~ ^/task(.+\.php)$ { ### This location block was the solution + alias /srv/www/task; + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_index index.php; + try_files $uri /index.php =404; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$1; +# fastcgi_pass unix:/var/run/php5-fpm.sock; + fastcgi_pass 127.0.0.1:9000; + } +} -- cgit 1.4.1-2-gfad0