30 lines
1,005 B
Text
30 lines
1,005 B
Text
server {
|
|
listen 443 ssl;
|
|
server_name REPLACEME.TLD;
|
|
root /srv/http/REPLACEME.TLD/public;
|
|
|
|
ssl_certificate /etc/letsencrypt/live/REPLACEME.TLD/fullchain.pem;
|
|
ssl_certificate_key /etc/letsencrypt/live/REPLACEME.TLD/privkey.pem;
|
|
|
|
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
|
|
ssl_session_cache shared:SSL:10m;
|
|
ssl_session_timeout 5m;
|
|
ssl_ciphers HIGH:!aNULL:!MD5;
|
|
ssl_prefer_server_ciphers on;
|
|
|
|
index index.php index.html;
|
|
charset utf-8;
|
|
|
|
location / { try_files $uri $uri/ /index.php?$query_string; }
|
|
|
|
location ~ \.php$ {
|
|
fastcgi_split_path_info ^(.+\.php)(/.+)$;
|
|
fastcgi_pass unix:/run/php-fpm/php-fpm.sock;
|
|
fastcgi_index index.php;
|
|
include fastcgi.conf;
|
|
}
|
|
|
|
location = /favicon.ico { access_log off; log_not_found off; }
|
|
location = /robots.txt { access_log off; log_not_found off; }
|
|
location ~ /\.ht { deny all; }
|
|
}
|