Redirect all to https:
server {
listen 80;
server_name myserver.com;
return 301 https://$server_name$request_uri;
}
Nginx SSL configuration:
server {
listen 443 ssl;
server_name myserver.com;
ssl_certificate /etc/ssl_keys/fullchain.pem;
ssl_certificate_key /etc/ssl_keys/privkey.pem;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
}
Nginx PHP in subdirectory configuration:
location /site {
index index.php;
location ~ \.php(?:$|/) {
include fastcgi_params;
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $request_filename; # this should not be needed but it is?!
}
try_files $uri $uri/ /site/index.php?$args;
}
server {
index index.html index.htm index.php;
# just for allowing symlinks
disable_symlinks off;
# set a higher limit for allowing to upload large files
client_max_body_size 50m;
# a nested location block with php hosted in a separate root
location /agendav {
index index.html index.htm index.php;
# root /usr/share/webapps/agendav/web/public;
alias /usr/share/webapps/agendav/web/public;
location ~ /agendav(.*\.php)(?:$|/) {
include fastcgi_params;
set $fastcgi_script_name_ $document_root$1;
set $fastcgi_path_info_ $2;
fastcgi_param SCRIPT_FILENAME $fastcgi_script_name_;
fastcgi_param PATH_INFO $fastcgi_path_info_;
# add_header "Content-Type" "text/plain";
# return 200 "$fastcgi_script_name_";
fastcgi_pass 127.0.0.1:9000;
fastcgi_intercept_errors on;
}
}
location ~ \.php(?:$|/) {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param HTTPS on;
#add_header "Content-Type" "text/plain";
#return 200 $document_root$fastcgi_script_name;
fastcgi_pass 127.0.0.1:9000;
fastcgi_intercept_errors on;
}
}
Nginx Web Socket proxy_pass on subfolder:
server {
location /test {
#remove the starting /test
rewrite /test/(.*) /$1 break;
# this 3 lines below allow for Web Socket connections!
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_http_version 1.1;
proxy_redirect off;
proxy_set_header Host $host;
proxy_pass http://localhost:3001/;
}
}
Nginx debugging configuration or displaying variables:
server {
location ~ \.php$ {
include fastcgi.conf;
add_header Content-Type text/plain;
return 200 $document_root$fastcgi_script_name;
}
}
server {
server_name domain.tld www.domain.tld;
root /var/www/wallabag/web;
location / {
# try to serve file directly, fallback to app.php
try_files $uri /app.php$is_args$args;
}
location ~ ^/app\.php(/|$) {
# if, for some reason, you are still using PHP 5,
# then replace /run/php/php7.0 by /var/run/php5
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
include fastcgi_params;
# When you are using symlinks to link the document root to the
# current version of your application, you should pass the real
# application path instead of the path to the symlink to PHP
# FPM.
# Otherwise, PHP's OPcache may not properly detect changes to
# your PHP files (see https://github.com/zendtech/ZendOptimizerPlus/issues/126
# for more information).
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
fastcgi_param DOCUMENT_ROOT $realpath_root;
# Prevents URIs that include the front controller. This will 404:
# http://domain.tld/app.php/some-path
# Remove the internal directive to allow URIs like this
internal;
}
# return 404 for all other php files not matching the front controller
# this prevents access to other php files you don't want to be accessible.
location ~ \.php$ {
return 404;
}
error_log /var/log/nginx/wallabag_error.log;
access_log /var/log/nginx/wallabag_access.log;
}22700cookie-checkNginx configuration examples