hhf/wordpress-nginx-main
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
wordpress-nginx-main/sites-available/ssl-example.com.conf
hhftechnologies dd82b3e56c update
2024-09-28 17:48:20 +05:30

104 lines
3.8 KiB
Text
Raw Blame History

# http => https
server {
listen 80;
listen [::]:80; # IPv6 support
server_name example.com www.example.com;
# Replace the path with the actual path to WordPress core files
root /home/username/sites/example.com/public;
# for LetsEncrypt
location ^~ /.well-known/acme-challenge {
auth_basic off;
try_files $uri =404;
expires -1;
}
location / {
return 301 https://$host$request_uri;
include 'globals/hsts.conf';
include 'globals/security-headers.conf';
}
}
# www.example.com => example.com (server-level)
# Or example.com => www.example.com (server-level)
# use it only if you are a fan of micro-optimization
# server {
# listen 443 ssl http2;
# listen [::]:443 ssl http2; # IPv6 support
# uncomment only one depending on the main URL
# server_name example.com;
# server_name www.example.com;
# ssl_certificate "/etc/letsencrypt/live/example.com/fullchain.pem";
# ssl_certificate_key "/etc/letsencrypt/live/example.com/privkey.pem";
# location / {
# uncomment only one depending on the main URL
# return 301 $scheme://www.example.com$request_uri;
# return 301 $scheme://example.com$request_uri;
# include 'globals/hsts.conf';
# include 'globals/security-headers.conf';
# }
# }
server {
# "http2" parameter of the "listen" directive is deprecated as of version 1.25.1 released on June 13, 2023
listen 443 ssl http2;
listen [::]:443 ssl http2; # IPv6 support
# since Nginx version 1.25.1
# https on;
# the main URL where the site is served. It could be www.example.com
server_name example.com;
# comment out the following line, if you enable the server-level 301 redirect above
server_name www.example.com;
# default file to serve
index index.php;
# Replace the path with the actual path to WordPress core files
root /home/username/sites/example.com/public;
# if you use an ACME client that stores the SSL certs in a different path, please update the following
ssl_certificate "/etc/letsencrypt/live/example.com/fullchain.pem";
ssl_certificate_key "/etc/letsencrypt/live/example.com/privkey.pem";
# Logs
access_log /var/log/nginx/example.com-access.log;
# if the log files become too large, you may use the following format. $loggable is defined in conf.d/common.conf
# access_log /var/log/nginx/example.com-access.log combined buffer=64k flush=5m if=$loggable;
# ideally use it along with fail2ban
error_log /var/log/nginx/example.com-error.log;
# use the following pattern only for debugging - server support needed
# error_log /var/log/nginx/example.com-error.log debug;
include globals/restrictions.conf;
include globals/assets.conf;
include globals/auto-versioning-support.conf;
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.*)$;
if (!-f $document_root$fastcgi_script_name) { return 404; }
# Mitigate https://httpoxy.org/ vulnerabilities
fastcgi_param HTTP_PROXY "";
include "fastcgi_params";
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_index index.php;
fastcgi_pass fpm;
include 'globals/hsts.conf';
include 'globals/security-headers.conf';
}
### Enaable only one of the following lines
include "globals/wp-super-cache.conf"; # WP Super Cache plugin support
# include "globals/wp-rocket.conf"; # WP Rocket Cache plugin support
# include "globals/wp-fastest-cache.conf"; # WP Fastest Cache plugin support
# include "globals/cache-enabler.conf"; # Cache Enabler plugin support
# location / { try_files $uri $uri/ /index.php$is_args$args; } # the plain-old method - suits Batcache
}
Reference in a new issue View git blame Copy permalink