DoZator · May 31, 2024 10:40
diff --git a/README.md b/README.md
diff --git a/service.conf b/service.conf
 server {
    listen 80;
    listen [::]:80;
    server_name example.com www.example.com;
    return 301 https://example.com$request_uri;
 }

 server {
  listen 443 ssl default_server;
  listen [::]:443 ssl default_server;
  http2 on;
  
  server_name example.com www.example.com;

  client_body_buffer_size 256K;
  client_header_buffer_size 256K;
  client_max_body_size 2m;
  large_client_header_buffers 2 256K;

  gzip on;
  gzip_disable "msie6";
  gzip_vary on;
  gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript;

  keepalive_timeout 60;

  server_tokens off;

  ssl_protocols TLSv1.2 TLSv1.3;
  ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:ECDHE-RSA-AES128-GCM-SHA256:AES256+EECDH:DHE-RSA-AES128-GCM-SHA256:AES256+EDH:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
  ssl_prefer_server_ciphers on;
  ssl_session_cache shared:SSL:10m;
  ssl_session_timeout 1d;
  ssl_session_tickets off;
  ssl_dhparam /etc/ssl/dhparam.pem;
  ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
  ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;

  add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains' always;

  root /home/ubuntu/site;
  index index.html;

  location / {
    add_header X-Frame-Options SAMEORIGIN;
    add_header X-Content-Type-Options "nosniff" always;
    add_header X-XSS-Protection "1; mode=block";
  
    try_files $uri $uri/ /index.html =404;
  }

  location ~* \.(?:jpg|jpeg|gif|png|ico|cur|gz|svg|svgz|mp4|ogg|ogv|webm|htc)$ {
    expires 1M;
    access_log off;
    add_header Cache-Control "public";
  }

  location ~* \.(?:css|js)$ {
    try_files $uri =404;
    expires 1y;
    access_log off;
    add_header Cache-Control "public";
  }

  location ~ ^.+\..+$ {
    try_files $uri =404;
  }

  access_log /var/log/nginx/example.access.log;
  error_log /var/log/nginx/example.error.log;
 }
	server {
	listen 80;
	listen [::]:80;
	server_name example.com www.example.com;
	return 301 https://example.com$request_uri;
	}

	server {
	listen 443 ssl default_server;
	listen [::]:443 ssl default_server;
	http2 on;

	server_name example.com www.example.com;

	client_body_buffer_size 256K;
	client_header_buffer_size 256K;
	client_max_body_size 2m;
	large_client_header_buffers 2 256K;

	gzip on;
	gzip_disable "msie6";
	gzip_vary on;
	gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript;

	keepalive_timeout 60;

	server_tokens off;

	ssl_protocols TLSv1.2 TLSv1.3;
	ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:ECDHE-RSA-AES128-GCM-SHA256:AES256+EECDH:DHE-RSA-AES128-GCM-SHA256:AES256+EDH:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
	ssl_prefer_server_ciphers on;
	ssl_session_cache shared:SSL:10m;
	ssl_session_timeout 1d;
	ssl_session_tickets off;
	ssl_dhparam /etc/ssl/dhparam.pem;
	ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
	ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;

	add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains' always;

	root /home/ubuntu/site;
	index index.html;

	location / {
	add_header X-Frame-Options SAMEORIGIN;
	add_header X-Content-Type-Options "nosniff" always;
	add_header X-XSS-Protection "1; mode=block";

	try_files $uri $uri/ /index.html =404;
	}

	location ~* \.(?:jpg\|jpeg\|gif\|png\|ico\|cur\|gz\|svg\|svgz\|mp4\|ogg\|ogv\|webm\|htc)$ {
	expires 1M;
	access_log off;
	add_header Cache-Control "public";
	}

	location ~* \.(?:css\|js)$ {
	try_files $uri =404;
	expires 1y;
	access_log off;
	add_header Cache-Control "public";
	}

	location ~ ^.+\..+$ {
	try_files $uri =404;
	}

	access_log /var/log/nginx/example.access.log;
	error_log /var/log/nginx/example.error.log;
	}
No results found