krasnuydyx · November 22, 2017 13:59
diff --git a/nginx.conf b/nginx.conf
 user nginx nginx;
 worker_processes auto;
 worker_rlimit_nofile 8192;
 events {
  worker_connections 8000;
 }
 error_log  /var/log/nginx/error.log warn;
 pid        /var/run/nginx.pid;

 http {
  server_tokens off;
  port_in_redirect off;
  autoindex off;
  set_real_ip_from 127.0.0.1;
  real_ip_header X-Forwarded-For;
  map $http_x_forwarded_proto $fastcgi_https {
    default $https;
    http '';
    https on;
  }

 # Define the MIME types for files.
  include       mime.types;
  default_type  application/octet-stream;
  charset_types text/css text/plain text/vnd.wap.wml application/javascript application/json application/rss+xml application/xml;
  log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                    '$status $body_bytes_sent "$http_referer" '
                    '"$http_user_agent" "$http_x_forwarded_for"';
  access_log /var/log/nginx/access.log main;
  sendfile        on;
  tcp_nopush      on;
  client_max_body_size 32m;


 # Compression
  gzip on;
  gzip_comp_level    5;
  gzip_min_length    256;
  gzip_proxied       any;
  gzip_vary          on;
  gzip_types
    application/atom+xml
    application/javascript
    application/json
    application/ld+json
    application/manifest+json
    application/rss+xml
    application/vnd.geo+json
    application/vnd.ms-fontobject
    application/x-font-ttf
    application/x-web-app-manifest+json
    application/xhtml+xml
    application/xml
    font/opentype
    image/bmp
    image/svg+xml
    image/x-icon
    text/cache-manifest
    text/css
    text/plain
    text/vcard
    text/vnd.rim.location.xloc
    text/vtt
    text/x-component
    text/x-cross-domain-policy;
  include /etc/nginx/site-enabled/*.conf;
 }
diff --git a/vhost.conf b/vhost.conf
 # Deny specific hosts
    include blacklist;
 server {
    listen       8080;
    server_name site_name;
    root /var/www/site;
    index index.php;
 # Allow specific hosts
    #include whitelist;
    add_header Node web1;
    add_header 'Access-Control-Allow-Origin' '*';
    add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
    add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range';
    add_header 'Access-Control-Expose-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range';
    access_log  /var/log/nginx/site.access.log main;
    error_log   /var/log/nginx/site.error.log warn;
 #Deny specific crawlers
    include crawler;
    rewrite \/(\w+-\w+|int)\/google2e87d54d02e04993\.html https://site/google2e87d234e04913.html permanent;
    rewrite \/(\w+-\w+|int)\/google761e9b5e950adbe7\.html https://site/google761e9b5e2345f7.html permanent;
    rewrite \/(\w+-\w+|int)\/googleecc5ae89131a267d\.html https://site/googleecc2349131a227d.html permanent;
    location / {
        try_files $uri $uri/ /index.php?$args;
    }
    location ~ .php/ { ## Forward paths like /js/index.php/x.js to relevant handler
        rewrite ^(.*.php)/ $1 last;
    }
 # Secure Magento folders
    include magento_safety;
 # Secure hidden files
    location  /. {
        return 404;
    }
 # Override h5bp/location/expires.conf to prevent .html and so location to end in 404
    location ~* \.(?:html|xml|json)$ {
        expires -1;
        try_files $uri $uri/ /index.php?$args;
    }
 ## Execute PHP scripts
    location ~ \.php$ {
        if (!-e $request_filename) { rewrite / /index.php last; } ## Catch 404s that try_files miss
        fastcgi_param MAGE_RUN_TYPE store;
        fastcgi_param MAGE_RUN_CODE uk-en;
        fastcgi_connect_timeout 28800;
        fastcgi_read_timeout 28800;
        fastcgi_send_timeout 28800;
        fastcgi_buffer_size 32k;
        fastcgi_buffers 512 16k;
        fastcgi_busy_buffers_size 32k;
        fastcgi_temp_file_write_size 256k;
        fastcgi_pass fpm_frontend;
        fastcgi_keep_conn off;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include /etc/nginx/fastcgi_params;
    }
    # Include the basic h5bp config set
    include h5bp/basic.conf;
 }
	user nginx nginx;
	worker_processes auto;
	worker_rlimit_nofile 8192;
	events {
	worker_connections 8000;
	}
	error_log /var/log/nginx/error.log warn;
	pid /var/run/nginx.pid;

	http {
	server_tokens off;
	port_in_redirect off;
	autoindex off;
	set_real_ip_from 127.0.0.1;
	real_ip_header X-Forwarded-For;
	map $http_x_forwarded_proto $fastcgi_https {
	default $https;
	http '';
	https on;
	}

	# Define the MIME types for files.
	include mime.types;
	default_type application/octet-stream;
	charset_types text/css text/plain text/vnd.wap.wml application/javascript application/json application/rss+xml application/xml;
	log_format main '$remote_addr - $remote_user [$time_local] "$request" '
	'$status $body_bytes_sent "$http_referer" '
	'"$http_user_agent" "$http_x_forwarded_for"';
	access_log /var/log/nginx/access.log main;
	sendfile on;
	tcp_nopush on;
	client_max_body_size 32m;


	# Compression
	gzip on;
	gzip_comp_level 5;
	gzip_min_length 256;
	gzip_proxied any;
	gzip_vary on;
	gzip_types
	application/atom+xml
	application/javascript
	application/json
	application/ld+json
	application/manifest+json
	application/rss+xml
	application/vnd.geo+json
	application/vnd.ms-fontobject
	application/x-font-ttf
	application/x-web-app-manifest+json
	application/xhtml+xml
	application/xml
	font/opentype
	image/bmp
	image/svg+xml
	image/x-icon
	text/cache-manifest
	text/css
	text/plain
	text/vcard
	text/vnd.rim.location.xloc
	text/vtt
	text/x-component
	text/x-cross-domain-policy;
	include /etc/nginx/site-enabled/*.conf;
	}
	# Deny specific hosts
	include blacklist;
	server {
	listen 8080;
	server_name site_name;
	root /var/www/site;
	index index.php;
	# Allow specific hosts
	#include whitelist;
	add_header Node web1;
	add_header 'Access-Control-Allow-Origin' '*';
	add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
	add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range';
	add_header 'Access-Control-Expose-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range';
	access_log /var/log/nginx/site.access.log main;
	error_log /var/log/nginx/site.error.log warn;
	#Deny specific crawlers
	include crawler;
	rewrite \/(\w+-\w+\|int)\/google2e87d54d02e04993\.html https://site/google2e87d234e04913.html permanent;
	rewrite \/(\w+-\w+\|int)\/google761e9b5e950adbe7\.html https://site/google761e9b5e2345f7.html permanent;
	rewrite \/(\w+-\w+\|int)\/googleecc5ae89131a267d\.html https://site/googleecc2349131a227d.html permanent;
	location / {
	try_files $uri $uri/ /index.php?$args;
	}
	location ~ .php/ { ## Forward paths like /js/index.php/x.js to relevant handler
	rewrite ^(.*.php)/ $1 last;
	}
	# Secure Magento folders
	include magento_safety;
	# Secure hidden files
	location /. {
	return 404;
	}
	# Override h5bp/location/expires.conf to prevent .html and so location to end in 404
	location ~* \.(?:html\|xml\|json)$ {
	expires -1;
	try_files $uri $uri/ /index.php?$args;
	}
	## Execute PHP scripts
	location ~ \.php$ {
	if (!-e $request_filename) { rewrite / /index.php last; } ## Catch 404s that try_files miss
	fastcgi_param MAGE_RUN_TYPE store;
	fastcgi_param MAGE_RUN_CODE uk-en;
	fastcgi_connect_timeout 28800;
	fastcgi_read_timeout 28800;
	fastcgi_send_timeout 28800;
	fastcgi_buffer_size 32k;
	fastcgi_buffers 512 16k;
	fastcgi_busy_buffers_size 32k;
	fastcgi_temp_file_write_size 256k;
	fastcgi_pass fpm_frontend;
	fastcgi_keep_conn off;
	fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
	include /etc/nginx/fastcgi_params;
	}
	# Include the basic h5bp config set
	include h5bp/basic.conf;
	}