wcypierre · December 20, 2015 14:28
diff --git a/default b/default
 # /etc/nginx/sites-available/default
 # You may add here your
 # server {
 #	...
 # }
 # statements for each of your virtual hosts to this file

 ##
 # You should look at the following URL's in order to grasp a solid understanding
 # of Nginx configuration files in order to fully unleash the power of Nginx.
 # http://wiki.nginx.org/Pitfalls
 # http://wiki.nginx.org/QuickStart
 # http://wiki.nginx.org/Configuration
 #
 # Generally, you will want to move this file somewhere, and start with a clean
 # file but keep this around for reference. Or just disable in sites-enabled.
 #
 # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
 ##

 server {
    listen         80;
    return 301 https://$host$request_uri;
 }

 server {
 	listen   8000 ssl default_server; ## listen for ipv4; this line is default and implied
 	listen   [::]:8000 ipv6only=on; ## listen for ipv6

 	root /usr/share/nginx/www/ajaxplorer;
 	index index.php index.html index.htm;

 	ssl_session_cache   shared:SSL:10m;
 	ssl_session_timeout 120m;

 	ssl on;
 	ssl_certificate /etc/nginx/ssl/server.crt;
    ssl_certificate_key /etc/nginx/ssl/server.key; 
    ssl_protocols       SSLv3 TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers         ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH:!CAMELLIA:!PSK:!SRP;
    ssl_prefer_server_ciphers   on;

    keepalive_timeout   70;

 	# Make site accessible from all
 	server_name fm.shellme.net;

 	location /
 	{
        try_files $uri $uri/ /index.php;

 		if (!-f $request_filename){
 			set $rule_0 1$rule_0;
 		}
 	
 		if (!-d $request_filename){
 			set $rule_0 2$rule_0;
 		}
 	
 		if ($rule_0 = "21"){
 			rewrite ^/shares /./dav.php last;
 		}
 		rewrite ^/api /./rest.php last;
 	}

 	location /data
 	{
 		deny all;
 	}
 	
 	# Only for nginx-naxsi used with nginx-naxsi-ui : process denied requests
 	#location /RequestDenied {
 	#	proxy_pass http://127.0.0.1:8080;    
 	#}

 	error_page 404 /404.html;

 	# redirect server error pages to the static page /50x.html
 	
 	error_page 500 502 503 504 /50x.html;
 	location = /50x.html {
 		root /usr/share/nginx/www;
 	}

 	# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
 	
 	location ~ \.php$ {
 		try_files $uri = 404;
 		fastcgi_split_path_info ^(.+\.php)(/.+)$;
 		# NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
 	#
 	#	# With php5-cgi alone:
 	#	fastcgi_pass 127.0.0.1:9000;
 		# With php5-fpm:
 		fastcgi_pass unix:/var/run/php5-fpm.sock;
 		fastcgi_index index.php;
 		include fastcgi_params;
 	}

 	# deny access to .htaccess files, if Apache's document root
 	# concurs with nginx's one
 	
 	location ~ /\.ht {
 		deny all;
 	}

        include drop.conf;
        include php.conf;
 }


 # another virtual host using mix of IP-, name-, and port-based configuration
 #
 #server {
 #	listen 8000;
 #	listen somename:8080;
 #	server_name somename alias another.alias;
 #	root html;
 #	index index.html index.htm;
 #
 #	location / {
 #		try_files $uri $uri/ =404;
 #	}
 #}


 # HTTPS server
 #
 #server {
 #	listen 443;
 #	server_name localhost;
 #
 #	root html;
 #	index index.html index.htm;
 #
 #	ssl on;
 #	ssl_certificate cert.pem;
 #	ssl_certificate_key cert.key;
 #
 #	ssl_session_timeout 5m;
 #
 #	ssl_protocols SSLv3 TLSv1;
 #	ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP;
 #	ssl_prefer_server_ciphers on;
 #
 #	location / {
 #		try_files $uri $uri/ =404;
 #	}
 #}
	# /etc/nginx/sites-available/default
	# You may add here your
	# server {
	# ...
	# }
	# statements for each of your virtual hosts to this file

	##
	# You should look at the following URL's in order to grasp a solid understanding
	# of Nginx configuration files in order to fully unleash the power of Nginx.
	# http://wiki.nginx.org/Pitfalls
	# http://wiki.nginx.org/QuickStart
	# http://wiki.nginx.org/Configuration
	#
	# Generally, you will want to move this file somewhere, and start with a clean
	# file but keep this around for reference. Or just disable in sites-enabled.
	#
	# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
	##

	server {
	listen 80;
	return 301 https://$host$request_uri;
	}

	server {
	listen 8000 ssl default_server; ## listen for ipv4; this line is default and implied
	listen [::]:8000 ipv6only=on; ## listen for ipv6

	root /usr/share/nginx/www/ajaxplorer;
	index index.php index.html index.htm;

	ssl_session_cache shared:SSL:10m;
	ssl_session_timeout 120m;

	ssl on;
	ssl_certificate /etc/nginx/ssl/server.crt;
	ssl_certificate_key /etc/nginx/ssl/server.key;
	ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
	ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH:!CAMELLIA:!PSK:!SRP;
	ssl_prefer_server_ciphers on;

	keepalive_timeout 70;

	# Make site accessible from all
	server_name fm.shellme.net;

	location /
	{
	try_files $uri $uri/ /index.php;

	if (!-f $request_filename){
	set $rule_0 1$rule_0;
	}

	if (!-d $request_filename){
	set $rule_0 2$rule_0;
	}

	if ($rule_0 = "21"){
	rewrite ^/shares /./dav.php last;
	}
	rewrite ^/api /./rest.php last;
	}

	location /data
	{
	deny all;
	}

	# Only for nginx-naxsi used with nginx-naxsi-ui : process denied requests
	#location /RequestDenied {
	# proxy_pass http://127.0.0.1:8080;
	#}

	error_page 404 /404.html;

	# redirect server error pages to the static page /50x.html

	error_page 500 502 503 504 /50x.html;
	location = /50x.html {
	root /usr/share/nginx/www;
	}

	# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000

	location ~ \.php$ {
	try_files $uri = 404;
	fastcgi_split_path_info ^(.+\.php)(/.+)$;
	# NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
	#
	# # With php5-cgi alone:
	# fastcgi_pass 127.0.0.1:9000;
	# With php5-fpm:
	fastcgi_pass unix:/var/run/php5-fpm.sock;
	fastcgi_index index.php;
	include fastcgi_params;
	}

	# deny access to .htaccess files, if Apache's document root
	# concurs with nginx's one

	location ~ /\.ht {
	deny all;
	}

	include drop.conf;
	include php.conf;
	}


	# another virtual host using mix of IP-, name-, and port-based configuration
	#
	#server {
	# listen 8000;
	# listen somename:8080;
	# server_name somename alias another.alias;
	# root html;
	# index index.html index.htm;
	#
	# location / {
	# try_files $uri $uri/ =404;
	# }
	#}


	# HTTPS server
	#
	#server {
	# listen 443;
	# server_name localhost;
	#
	# root html;
	# index index.html index.htm;
	#
	# ssl on;
	# ssl_certificate cert.pem;
	# ssl_certificate_key cert.key;
	#
	# ssl_session_timeout 5m;
	#
	# ssl_protocols SSLv3 TLSv1;
	# ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP;
	# ssl_prefer_server_ciphers on;
	#
	# location / {
	# try_files $uri $uri/ =404;
	# }
	#}