Created
March 1, 2016 17:42
-
-
Save gld1982ltd/9a292295a5ea35a5a50a to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
server { | |
server_name example.com; | |
root /var/www/drupal8; ## <-- Your only path reference. | |
location = /favicon.ico { | |
log_not_found off; | |
access_log off; | |
} | |
location = /robots.txt { | |
allow all; | |
log_not_found off; | |
access_log off; | |
} | |
# Very rarely should these ever be accessed outside of your lan | |
location ~* \.(txt|log)$ { | |
allow 192.168.0.0/16; | |
deny all; | |
} | |
location ~ \..*/.*\.php$ { | |
return 403; | |
} | |
location ~ ^/sites/.*/private/ { | |
return 403; | |
} | |
# Allow "Well-Known URIs" as per RFC 5785 | |
location ~* ^/.well-known/ { | |
allow all; | |
} | |
# Block access to "hidden" files and directories whose names begin with a | |
# period. This includes directories used by version control systems such | |
# as Subversion or Git to store control files. | |
location ~ (^|/)\. { | |
return 403; | |
} | |
location / { | |
# try_files $uri @rewrite; # For Drupal <= 6 | |
try_files $uri /index.php?$query_string; # For Drupal >= 7 | |
} | |
location @rewrite { | |
rewrite ^/(.*)$ /index.php?q=$1; | |
} | |
# Don't allow direct access to PHP files in the vendor directory. | |
location ~ /vendor/.*\.php$ { | |
deny all; | |
return 404; | |
} | |
# In Drupal 8, we must also match new paths where the '.php' appears in the middle, | |
# such as update.php/selection. The rule we use is strict, and only allows this pattern | |
# with the update.php front controller. This allows legacy path aliases in the form of | |
# blog/index.php/legacy-path to continue to route to Drupal nodes. If you do not have | |
# any paths like that, then you might prefer to use a laxer rule, such as: | |
# location ~ \.php(/|$) { | |
# The laxer rule will continue to work if Drupal uses this new URL pattern with front | |
# controllers other than update.php in a future release. | |
location ~ '\.php$|^/update.php' { | |
fastcgi_split_path_info ^(.+?\.php)(|/.*)$; | |
#NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini | |
include fastcgi_params; | |
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; | |
fastcgi_param PATH_INFO $fastcgi_path_info; | |
fastcgi_intercept_errors on; | |
fastcgi_pass unix:/var/run/php5-fpm.sock; | |
} | |
# Fighting with Styles? This little gem is amazing. | |
# location ~ ^/sites/.*/files/imagecache/ { # For Drupal <= 6 | |
location ~ ^/sites/.*/files/styles/ { # For Drupal >= 7 | |
try_files $uri @rewrite; | |
} | |
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ { | |
expires max; | |
log_not_found off; | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment