Created
December 23, 2016 15:37
-
-
Save voduytuan/4b5e572934e59cbbd013a188c92c588f to your computer and use it in GitHub Desktop.
Nginx vhost configuration with forward ip (behide proxy such as haproxy) and hide sensitive data
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| log_format mainproxy '$http_x_forwarded_for - $remote_user [$time_local] ' '"$temp" $status $body_bytes_sent "$http_referer" ' '"$http_user_agent"' ; | |
| server { | |
| listen 80; | |
| root /var/www/src; | |
| index index.html index.htm index.php; | |
| # Make site accessible from http://set-ip-address.xip.io | |
| server_name localhost; | |
| access_log /var/log/nginx/localhost.com-access.log; | |
| error_log /var/log/nginx/localhost.com-error.log error; | |
| charset utf-8; | |
| #disable checking of client request body size | |
| client_max_body_size 0; | |
| location / { | |
| try_files $uri /index.php?$query_string; | |
| } | |
| location = /favicon.ico { log_not_found off; access_log off; } | |
| location = /robots.txt { access_log off; log_not_found off; } | |
| error_page 404 /index.php; | |
| # pass the PHP scripts to php5-fpm | |
| # Note: \.php$ is susceptible to file upload attacks | |
| # Consider using: "location ~ ^/(index|app|app_dev|config)\.php(/|$) {" | |
| location ~ \.php$ { | |
| set $temp $request; | |
| if ($temp ~ (.*)accesstoken=[^&]*(.*)) { | |
| set $temp $1accesstoken=*$2; | |
| } | |
| access_log /var/log/nginx/localhost.com-access.log mainproxy; | |
| # With php5-fpm: | |
| fastcgi_pass unix:/var/run/php5-fpm.sock; | |
| fastcgi_index index.php; | |
| include fastcgi_params; | |
| include fastcgi.conf; | |
| fastcgi_read_timeout 3600; | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment