|
@@ -4,174 +4,6 @@ upstream fastcgi_backend {
|
|
|
|
|
|
server {
|
|
|
listen 8000;
|
|
|
- server_name localhost;
|
|
|
-
|
|
|
set $MAGE_ROOT /var/www/html;
|
|
|
- set $MAGE_MODE developer;
|
|
|
-
|
|
|
- root $MAGE_ROOT/pub;
|
|
|
-
|
|
|
- index index.php;
|
|
|
- autoindex off;
|
|
|
- charset off;
|
|
|
-
|
|
|
- add_header 'X-Content-Type-Options' 'nosniff';
|
|
|
-
|
|
|
- location /setup {
|
|
|
- root $MAGE_ROOT;
|
|
|
-
|
|
|
- location ~ ^/setup/index.php {
|
|
|
- fastcgi_pass fastcgi_backend;
|
|
|
- fastcgi_index index.php;
|
|
|
- fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
|
|
- include fastcgi_params;
|
|
|
- }
|
|
|
-
|
|
|
- location ~ ^/setup/(?!pub/). {
|
|
|
- deny all;
|
|
|
- }
|
|
|
-
|
|
|
- location ~ ^/setup/pub/ {
|
|
|
- add_header X-Frame-Options "SAMEORIGIN";
|
|
|
- }
|
|
|
- }
|
|
|
-
|
|
|
- location /update {
|
|
|
- root $MAGE_ROOT;
|
|
|
-
|
|
|
- location ~ ^/update/index.php {
|
|
|
- fastcgi_split_path_info ^(/update/index.php)(/.+)$;
|
|
|
- fastcgi_pass fastcgi_backend;
|
|
|
- fastcgi_index index.php;
|
|
|
- fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
|
|
- fastcgi_param PATH_INFO $fastcgi_path_info;
|
|
|
- include fastcgi_params;
|
|
|
- }
|
|
|
-
|
|
|
- # deny everything but index.php
|
|
|
- location ~ ^/update/(?!pub/). {
|
|
|
- deny all;
|
|
|
- }
|
|
|
-
|
|
|
- location ~ ^/update/pub/ {
|
|
|
- add_header X-Frame-Options "SAMEORIGIN";
|
|
|
- }
|
|
|
- }
|
|
|
-
|
|
|
- location / {
|
|
|
- try_files $uri $uri/ /index.php?$args;
|
|
|
- }
|
|
|
-
|
|
|
- location /pub {
|
|
|
- location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) {
|
|
|
- deny all;
|
|
|
- }
|
|
|
-
|
|
|
- alias $MAGE_ROOT/pub;
|
|
|
- add_header X-Frame-Options "SAMEORIGIN";
|
|
|
- }
|
|
|
-
|
|
|
- location /static/ {
|
|
|
- if ($MAGE_MODE = "production") {
|
|
|
- expires max;
|
|
|
- }
|
|
|
-
|
|
|
- # remove signature of static files used to overcome browser cache
|
|
|
- location ~ ^/static/version {
|
|
|
- rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last;
|
|
|
- }
|
|
|
-
|
|
|
- location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
|
|
|
- add_header Cache-Control "public";
|
|
|
- add_header X-Frame-Options "SAMEORIGIN";
|
|
|
- expires +1y;
|
|
|
-
|
|
|
- if (!-f $request_filename) {
|
|
|
- rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
|
|
|
- }
|
|
|
- }
|
|
|
-
|
|
|
- location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
|
|
|
- add_header Cache-Control "no-store";
|
|
|
- add_header X-Frame-Options "SAMEORIGIN";
|
|
|
- expires off;
|
|
|
-
|
|
|
- if (!-f $request_filename) {
|
|
|
- rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
|
|
|
- }
|
|
|
- }
|
|
|
-
|
|
|
- if (!-f $request_filename) {
|
|
|
- rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
|
|
|
- }
|
|
|
-
|
|
|
- add_header X-Frame-Options "SAMEORIGIN";
|
|
|
- }
|
|
|
-
|
|
|
- location /media/ {
|
|
|
- try_files $uri $uri/ /get.php?$args;
|
|
|
-
|
|
|
- location ~ ^/media/theme_customization/.*\.xml {
|
|
|
- deny all;
|
|
|
- }
|
|
|
-
|
|
|
- location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
|
|
|
- add_header Cache-Control "public";
|
|
|
- add_header X-Frame-Options "SAMEORIGIN";
|
|
|
- expires +1y;
|
|
|
- try_files $uri $uri/ /get.php?$args;
|
|
|
- }
|
|
|
-
|
|
|
- location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
|
|
|
- add_header Cache-Control "no-store";
|
|
|
- add_header X-Frame-Options "SAMEORIGIN";
|
|
|
- expires off;
|
|
|
- try_files $uri $uri/ /get.php?$args;
|
|
|
- }
|
|
|
-
|
|
|
- add_header X-Frame-Options "SAMEORIGIN";
|
|
|
- }
|
|
|
-
|
|
|
- location /media/customer/ {
|
|
|
- deny all;
|
|
|
- }
|
|
|
-
|
|
|
- location /media/downloadable/ {
|
|
|
- deny all;
|
|
|
- }
|
|
|
-
|
|
|
- location /media/import/ {
|
|
|
- deny all;
|
|
|
- }
|
|
|
-
|
|
|
- location ~ /media/theme_customization/.*\.xml$ {
|
|
|
- deny all;
|
|
|
- }
|
|
|
-
|
|
|
- location /errors/ {
|
|
|
- try_files $uri =404;
|
|
|
- }
|
|
|
-
|
|
|
- location ~ ^/errors/.*\.(xml|phtml)$ {
|
|
|
- deny all;
|
|
|
- }
|
|
|
-
|
|
|
- location ~ cron\.php {
|
|
|
- deny all;
|
|
|
- }
|
|
|
-
|
|
|
- location ~ (index|get|static|report|404|503)\.php$ {
|
|
|
- try_files $uri =404;
|
|
|
- fastcgi_pass fastcgi_backend;
|
|
|
-
|
|
|
- fastcgi_param PHP_FLAG "session.auto_start=off \n suhosin.session.cryptua=off";
|
|
|
- fastcgi_param PHP_VALUE "max_execution_time=600";
|
|
|
- fastcgi_read_timeout 600s;
|
|
|
- fastcgi_connect_timeout 600s;
|
|
|
- fastcgi_param MAGE_MODE $MAGE_MODE;
|
|
|
-
|
|
|
- fastcgi_index index.php;
|
|
|
- fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
|
|
- include fastcgi_params;
|
|
|
- }
|
|
|
+ include /var/www/html/nginx.conf.sample;
|
|
|
}
|