default.conf 1.33 KB
Newer Older
Dave Lane's avatar
Dave Lane committed
1
server {
2
    listen 0.0.0.0:80;
Dave Lane's avatar
Dave Lane committed
3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28
    index index.html index.php;

    ## Web root and Domain Name
    root /var/www/html;
    server_name default;

    ## Begin - Index
    # for subfolders, simply adjust the rewrite:
    # to use `/subfolder/index.php`
    location / {
        try_files $uri $uri/ /index.php?$query_string;
    }
    ## End - Index

    ## Begin - PHP-FPM Configuration
    location ~ \.php$ {
        # Choose either a socket or TCP/IP address
        fastcgi_pass app:9000;

        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_index index.php;
        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME $document_root/$fastcgi_script_name;
    }
    ## End - PHP

Dave Lane's avatar
Dave Lane committed
29 30
    client_max_body_size 100m;
 
Dave Lane's avatar
Dave Lane committed
31 32 33 34 35 36 37 38 39 40 41
    ## Begin - Security
    # deny all direct access for these folders
    location ~* /(.git|cache|bin|logs|backups)/.*$ { return 403; }
    # deny running scripts inside core system folders
    location ~* /(system|vendor)/.*\.(txt|xml|md|html|yaml|php|pl|py|cgi|twig|sh|bat)$ { return 403; }
    # deny running scripts inside user folder
    location ~* /user/.*\.(txt|md|yaml|php|pl|py|cgi|twig|sh|bat)$ { return 403; }
    # deny access to specific files in the root folder
    location ~ /(LICENSE|composer.lock|composer.json|nginx.conf|web.config|htaccess.txt|\.htaccess) { return 403; }
    ## End - Security
 }