Created
June 17, 2025 04:47
-
-
Save afiqiqmal/08bb0956914eaeff102496d4fc9b747f to your computer and use it in GitHub Desktop.
Nginx Configuration for Laravel
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| map $http_upgrade $connection_upgrade { | |
| default upgrade; | |
| '' close; | |
| } | |
| map $http_origin $cors_header { | |
| default ""; | |
| ~*^http://localhost:3000$ $http_origin; | |
| } | |
| server { | |
| listen 443 ssl; | |
| listen [::]:443 ssl; | |
| server_name DOMAIN; | |
| root /var/www/my_app/public; | |
| index index.php; | |
| add_header Access-Control-Allow-Methods 'HEAD, GET, POST, OPTIONS, PUT, DELETE, PATCH'; | |
| add_header X-XSS-Protection "1; mode=block" always; | |
| add_header X-Content-Type-Options nosniff always; | |
| add_header X-Frame-Options "DENY" always; | |
| add_header Permissions-Policy "geolocation=(), camera=(), accelerometer=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()" always; | |
| add_header Referrer-Policy no-referrer-when-downgrade always; | |
| add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always; | |
| add_header X-Robots-Tag "noindex, nofollow, nosnippet, noarchive" always; | |
| more_set_headers "Server: OctaneOS"; | |
| server_tokens off; | |
| charset utf-8; | |
| client_max_body_size 100M; | |
| location = /favicon.ico { access_log off; log_not_found off; } | |
| location = /robots.txt { access_log off; log_not_found off; } | |
| location /index.php { | |
| try_files /not_exists @octane; | |
| } | |
| location / { | |
| try_files $uri $uri/ @octane; | |
| } | |
| error_page 404 /index.php; | |
| location @octane { | |
| #proxy_set_header X-Forwarded-Proto "HTTPS"; | |
| set $suffix ""; | |
| if ($uri = /index.php) { | |
| set $suffix ?$query_string; | |
| } | |
| proxy_http_version 1.1; | |
| proxy_set_header Host $http_host; | |
| proxy_set_header Scheme $scheme; | |
| proxy_set_header SERVER_PORT $server_port; | |
| proxy_set_header REMOTE_ADDR $remote_addr; | |
| proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
| proxy_set_header Upgrade $http_upgrade; | |
| proxy_set_header Connection $connection_upgrade; | |
| proxy_request_buffering off; | |
| proxy_pass http://127.0.0.1:2706$suffix; | |
| } | |
| location ^~ /livewire { | |
| try_files $uri $uri/ @octane; | |
| } | |
| location ~* \.(ico|gif|jpeg|jpg|webp|png|svg|eot|otf|woff|woff2|ttf|ogg|mp4)$ { | |
| add_header 'Access-Control-Allow-Origin' $cors_header always; | |
| add_header X-Robots-Tag "noindex, nofollow, nosnippet, noarchive" always; | |
| add_header X-Content-Type-Options nosniff always; | |
| add_header Cache-Control "public, max-age=31536000, immutable"; | |
| expires 365d; | |
| access_log off; | |
| log_not_found off; | |
| proxy_pass http://127.0.0.1:2706; | |
| } | |
| location ~* \.(css|js|pdf|html|swf)$ { | |
| add_header 'Access-Control-Allow-Origin' $cors_header always; | |
| add_header X-Robots-Tag "noindex, nofollow, nosnippet, noarchive" always; | |
| add_header X-Content-Type-Options nosniff always; | |
| add_header Cache-Control "public, max-age=31536000, immutable"; | |
| expires 30d; | |
| access_log off; | |
| log_not_found off; | |
| proxy_pass http://127.0.0.1:2706; | |
| } | |
| location ~ /\.ht { | |
| access_log off; | |
| log_not_found off; | |
| deny all; | |
| } | |
| location ~ /.git/ { | |
| access_log off; | |
| log_not_found off; | |
| deny all; | |
| } | |
| ssl_certificate /etc/nginx/ssl/nginx-b.pem; | |
| ssl_certificate_key /etc/nginx/ssl/key-b.pem; | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment