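# Start Collabora CODE behind a local reverse proxy.
# - The port is published on 127.0.0.1 only, so the service is reachable through
#   the proxy on this host and not directly from the network.
# - The username/password pair is read from the calling environment instead of
#   being hard-coded as admin/admin; the command aborts with a message when
#   either variable is unset or empty. Values passed with -e stay readable via
#   `docker inspect`, so restrict who may talk to the Docker daemon.
# - collabora/code carries no tag and therefore resolves to :latest; pin a tag
#   or digest you have verified to keep deployments reproducible.
# - MKNOD is the only capability added explicitly; add no others unless needed.
docker run -t -d -p 127.0.0.1:9980:9980 -e "domain=yourdomain\\.tld" \
    -e "username=${COLLABORA_ADMIN_USER:?set COLLABORA_ADMIN_USER}" \
    -e "password=${COLLABORA_ADMIN_PASSWORD:?set COLLABORA_ADMIN_PASSWORD}" \
    --restart always --cap-add MKNOD collabora/code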
# Front-controller fallback: a request whose path is not an existing file,
# directory or symlink is rewritten to /index.php. "break" ends rewrite
# processing and the request continues in the enclosing context.
# NOTE(review): the enclosing server/location block is not shown here. "if"
# inside a location has well-known pitfalls; `try_files $uri $uri/ /index.php;`
# is the usual replacement. Confirm it fits the surrounding config first.
if (!-e $request_filename){
    rewrite ^(.*)$ /index.php break;
}
| # Media: images, icons, video, audio, HTC | |
| #location ~* \.(?:jpg|jpeg|gif|png|ico|cur|gz|svg|svgz|mp4|ogg|ogv|webm|htc)$ { | |
| # expires 1M; | |
| # access_log off; | |
| # log_not_found off; | |
| # add_header Pragma public; |
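# Remove the host-specific NIC bindings: the udev persistent-net rule file and
# the HWADDR/UUID lines of eth0's ifcfg file (presumably so a cloned machine
# re-detects its own interface; confirm against your workflow). Needs root.
#
# The first line had been fused into "cd /etc/udev/rules.drm 70-persistent-net.rules";
# it is restored as a cd followed by an rm. "&&" keeps rm from running in the
# wrong directory if the cd fails.
cd /etc/udev/rules.d && rm 70-persistent-net.rules
# Anchor the patterns: "HWADDR*" is a regex ("HWADD" plus any number of "R"),
# not a glob, so the unanchored form can delete unrelated lines.
sed -i '/^[[:space:]]*HWADDR=/d' /etc/sysconfig/network-scripts/ifcfg-eth0
sed -i '/^[[:space:]]*UUID=/d' /etc/sysconfig/network-scripts/ifcfg-eth0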
## List listening TCP/UDP sockets with the owning process, to see which
## services are running on the server before writing firewall rules.
netstat -tulpn
## Enable firewall logging.
ufw logging on
## Default policy: allow outgoing traffic and deny all incoming traffic.
## NOTE(review): with "deny incoming" as the default, add an explicit allow rule
## for the remote-administration port (e.g. `ufw allow ssh`) before the firewall
## is enabled, or the current session can be cut off. `ufw enable` is not part
## of this excerpt.
ufw default allow outgoing
ufw default deny incoming
# Plain-HTTP listener (IPv4 and IPv6) whose only job is to send every request
# for either hostname to the canonical HTTPS origin with a permanent redirect.
server {
    listen 80;
    listen [::]:80;
    server_name yourdomain.tld www.yourdomain.tld;
    # The redirect target is a fixed hostname rather than $host, so the value of
    # the Host header cannot influence where the client is sent.
    return 301 https://yourdomain.tld$request_uri;
}
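# modern configuration. tweak to your needs.
# NOTE(review): only TLS 1.2 is offered. Adding TLSv1.3 requires an nginx and
# OpenSSL build that supports it; confirm before enabling.
ssl_protocols TLSv1.2;
# AEAD suites (AES-GCM, ChaCha20-Poly1305) come first; the last four entries are
# CBC-mode suites kept for older clients and can be dropped if none remain.
ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
ssl_prefer_server_ciphers on;
# Every suite above uses ECDHE key exchange, so these DH parameters only come
# into play if a DHE suite is added to ssl_ciphers.
ssl_dhparam /etc/nginx/ssl/dh4096.pem;
# HSTS (ngx_http_headers_module is required) (15768000 seconds = 6 months)
# "always" sends the header on error responses too; without it nginx adds the
# header only to a fixed set of success and redirect status codes.
# add_header is inherited only by blocks that define no add_header of their
# own, so repeat this line in any location that sets other headers.
add_header Strict-Transport-Security max-age=15768000 always;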
| # Extra security headers |
# Request-pattern blocklist: each regex location answers 403 ("deny all") when
# its pattern matches the request URI.
# NOTE(review): nginx matches "location" against the normalized, percent-decoded
# URI path, without the query string. Patterns aimed at query-string payloads
# (eval(, base64_encode(, GLOBALS=) or at encoded forms (%3C) therefore fire
# only when that text appears in the path itself; verify coverage with test
# requests.
# Regex locations are tried in file order and the first match wins, so these
# have to sit above other regex locations to take effect.
# A blocklist of this kind is defence in depth; it does not replace patching
# the applications behind it.
location ~* "(eval\()" { deny all; }
location ~* "(127\.0\.0\.1)" { deny all; }
# 2000 or more consecutive alphanumeric characters.
location ~* "([a-z0-9]{2000})" { deny all; }
location ~* "(javascript\:)(.*)(\;)" { deny all; }
location ~* "(base64_encode)(.*)(\()" { deny all; }
location ~* "(GLOBALS|REQUEST)(=|\[|%)" { deny all; }
# NOTE(review): "%3" looks like a truncated "%3E"; as a prefix it still matches
# "%3E", but confirm against the rule set this was copied from.
location ~* "(<|%3C).*script.*(>|%3)" { deny all; }
# Case-sensitive (~): backslash, "...", "../", "~", backtick, "<", ">" and "|".
location ~ "(\\|\.\.\.|\.\./|~|`|<|>|\|)" { deny all; }
location ~* "(boot\.ini|etc/passwd|self/environ)" { deny all; }
location ~* "(thumbs?(_editor|open)?|tim(thumb)?)\.php" { deny all; }
/**
 * Drop the version query string from a static asset URL.
 *
 * Everything from the first "?ver" onwards is cut off, so any parameters that
 * follow it are removed as well; a URL without "?ver" is returned unchanged.
 *
 * @param string $src Asset URL handed over by the loader-src filters.
 * @return string The URL up to, but not including, the first "?ver".
 */
function _remove_script_version( $src ) {
    // Limit 2: only the text before the first "?ver" is needed.
    list( $base ) = explode( '?ver', $src, 2 );
    return $base;
}
// Register the stripper on the script and stylesheet URL filters
// (priority 15, one argument passed to the callback).
// NOTE(review): the ?ver= parameter is what makes browsers fetch updated
// assets; removing it hides version strings from casual inspection but is not
// a security control. Keep the software patched regardless.
add_filter( 'script_loader_src', '_remove_script_version', 15, 1 );
add_filter( 'style_loader_src', '_remove_script_version', 15, 1 );
# Enable Gzip compression
# NOTE(review): compressing HTTPS responses that reflect request data next to
# secrets (CSRF tokens, session identifiers) is the precondition for BREACH-style
# compression side channels. Consider limiting gzip to static asset types or
# turning it off for responses that carry such secrets.
gzip on;
# Skip compression for clients matching the special "msie6" mask.
gzip_disable "msie6";
# Emit "Vary: Accept-Encoding" so caches keep compressed and plain copies apart.
gzip_vary on;
# Compress responses to proxied requests as well, whatever their headers.
gzip_proxied any;
gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_http_version 1.1;
| gzip_types | |
| application/atom+xml |