tic984 · January 13, 2016 12:13
diff --git a/gistfile1.txt b/gistfile1.txt
 server {
        listen 80 default_server;
        listen [::]:80 default_server ipv6only=on;
        root /vagrant/;
        index index.php;
        server_name localhost;
        
        if ( $http_user_agent ~* (nmap|nikto|wikto|sf|sqlmap|bsqlbf|w3af|acunetix|havij|appscan) ) {
            return 403;
        }

        client_max_body_size       20m;
        client_body_buffer_size    128k;
        client_body_temp_path      /var/nginx/client_body_temp;

        location ~* \.(jpg|jpeg|gif|png|css|js|ico|xml)$ {
            access_log        off;
            log_not_found     off;
            expires           360d;
        }

        location ~ /\. {
            access_log off;
            log_not_found off;
            deny all;
        }

        location / {
            # the index directive checks first for "index.html" because
            # sometimes you need to rename "offline.html" to "index.html"
            # to take the site down during an update
            # if you can, move this to the HTTP level;
            index index.html index.php;

            # accept URI without index.php
            try_files $uri $uri/ /index.php;

            # Remove index.php
            rewrite    ^/index\.php(.*)    $1    permanent;
        }

        # insensitive case on extension of PHP files
        location ~* \.php$ {
            # Zero-day exploit defense.
            # http://forum.nginx.org/read.php?2,88845,page=3
            # Won't work properly (404 error) if the file is not stored on this server, which is entirely possible with php-fpm/php-fcgi.
            # Comment the 'try_files' line out if you set up php-fpm/php-fcgi on another machine.  And then cross your fingers that you won't get hacked.
            try_files $uri =404;

            expires off;
            fastcgi_pass unix:/var/run/php5-fpm.sock;
            fastcgi_split_path_info ^(.+\.php)(.*)$;
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
            fastcgi_param MAGE_RUN_CODE default;
            fastcgi_param MAGE_RUN_TYPE store;
            include fastcgi_params;
        }
 }
	server {
	listen 80 default_server;
	listen [::]:80 default_server ipv6only=on;
	root /vagrant/;
	index index.php;
	server_name localhost;

	if ( $http_user_agent ~* (nmap\|nikto\|wikto\|sf\|sqlmap\|bsqlbf\|w3af\|acunetix\|havij\|appscan) ) {
	return 403;
	}

	client_max_body_size 20m;
	client_body_buffer_size 128k;
	client_body_temp_path /var/nginx/client_body_temp;

	location ~* \.(jpg\|jpeg\|gif\|png\|css\|js\|ico\|xml)$ {
	access_log off;
	log_not_found off;
	expires 360d;
	}

	location ~ /\. {
	access_log off;
	log_not_found off;
	deny all;
	}

	location / {
	# the index directive checks first for "index.html" because
	# sometimes you need to rename "offline.html" to "index.html"
	# to take the site down during an update
	# if you can, move this to the HTTP level;
	index index.html index.php;

	# accept URI without index.php
	try_files $uri $uri/ /index.php;

	# Remove index.php
	rewrite ^/index\.php(.*) $1 permanent;
	}

	# insensitive case on extension of PHP files
	location ~* \.php$ {
	# Zero-day exploit defense.
	# http://forum.nginx.org/read.php?2,88845,page=3
	# Won't work properly (404 error) if the file is not stored on this server, which is entirely possible with php-fpm/php-fcgi.
	# Comment the 'try_files' line out if you set up php-fpm/php-fcgi on another machine. And then cross your fingers that you won't get hacked.
	try_files $uri =404;

	expires off;
	fastcgi_pass unix:/var/run/php5-fpm.sock;
	fastcgi_split_path_info ^(.+\.php)(.*)$;
	fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
	fastcgi_param MAGE_RUN_CODE default;
	fastcgi_param MAGE_RUN_TYPE store;
	include fastcgi_params;
	}
	}