mirror of
https://github.com/myvesta/vesta
synced 2025-07-14 09:03:23 -07:00
Merge branch 'master' into fix-tar-exclude-folder
This commit is contained in:
Dmitry Bannik
GitHub
commit
eb29a1f374
189 changed files with 3427 additions and 4083 deletions
|
|
@ -38,8 +38,8 @@ EOF
|
|||
sftpc() {
|
||||
expect -f "-" <<EOF "$@"
|
||||
set count 0
|
||||
spawn /usr/bin/sftp -o StrictHostKeyChecking=no -o \
|
||||
Port=$port $user@$host
|
||||
spawn "/usr/bin/sftp -o StrictHostKeyChecking=no -o \
|
||||
Port=$port '$user@$host'"
|
||||
expect {
|
||||
"password:" {
|
||||
send "$password\r"
|
||||
|
|
@ -94,12 +94,14 @@ EOF
|
|||
|
||||
if [ "$type" != 'local' ];then
|
||||
check_args '4' "$#" "TYPE HOST USERNAME PASSWORD [PATH] [PORT]"
|
||||
is_format_valid 'host'
|
||||
is_format_valid 'user' 'host' 'path' 'port'
|
||||
is_password_valid
|
||||
if [ "$type" = 'sftp' ]; then
|
||||
which expect >/dev/null 2>&1
|
||||
check_result $? "expect command not found" $E_NOTEXIST
|
||||
fi
|
||||
host "$host" >/dev/null 2>&1
|
||||
check_result $? "host connection failed" "$E_CONNECT"
|
||||
fi
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -30,37 +30,37 @@ is_package_new() {
|
|||
is_package_consistent() {
|
||||
source $pkg_dir/$package.pkg
|
||||
if [ "$WEB_DOMAINS" != 'unlimited' ]; then
|
||||
is_format_valid_int $WEB_DOMAINS 'WEB_DOMAINS'
|
||||
is_int_format_valid $WEB_DOMAINS 'WEB_DOMAINS'
|
||||
fi
|
||||
if [ "$WEB_ALIASES" != 'unlimited' ]; then
|
||||
is_format_valid_int $WEB_ALIASES 'WEB_ALIASES'
|
||||
is_int_format_valid $WEB_ALIASES 'WEB_ALIASES'
|
||||
fi
|
||||
if [ "$DNS_DOMAINS" != 'unlimited' ]; then
|
||||
is_format_valid_int $DNS_DOMAINS 'DNS_DOMAINS'
|
||||
is_int_format_valid $DNS_DOMAINS 'DNS_DOMAINS'
|
||||
fi
|
||||
if [ "$DNS_RECORDS" != 'unlimited' ]; then
|
||||
is_format_valid_int $DNS_RECORDS 'DNS_RECORDS'
|
||||
is_int_format_valid $DNS_RECORDS 'DNS_RECORDS'
|
||||
fi
|
||||
if [ "$MAIL_DOMAINS" != 'unlimited' ]; then
|
||||
is_format_valid_int $MAIL_DOMAINS 'MAIL_DOMAINS'
|
||||
is_int_format_valid $MAIL_DOMAINS 'MAIL_DOMAINS'
|
||||
fi
|
||||
if [ "$MAIL_ACCOUNTS" != 'unlimited' ]; then
|
||||
is_format_valid_int $MAIL_ACCOUNTS 'MAIL_ACCOUNTS'
|
||||
is_int_format_valid $MAIL_ACCOUNTS 'MAIL_ACCOUNTS'
|
||||
fi
|
||||
if [ "$DATABASES" != 'unlimited' ]; then
|
||||
is_format_valid_int $DATABASES 'DATABASES'
|
||||
is_int_format_valid $DATABASES 'DATABASES'
|
||||
fi
|
||||
if [ "$CRON_JOBS" != 'unlimited' ]; then
|
||||
is_format_valid_int $CRON_JOBS 'CRON_JOBS'
|
||||
is_int_format_valid $CRON_JOBS 'CRON_JOBS'
|
||||
fi
|
||||
if [ "$DISK_QUOTA" != 'unlimited' ]; then
|
||||
is_format_valid_int $DISK_QUOTA 'DISK_QUOTA'
|
||||
is_int_format_valid $DISK_QUOTA 'DISK_QUOTA'
|
||||
fi
|
||||
if [ "$BANDWIDTH" != 'unlimited' ]; then
|
||||
is_format_valid_int $BANDWIDTH 'BANDWIDTH'
|
||||
is_int_format_valid $BANDWIDTH 'BANDWIDTH'
|
||||
fi
|
||||
if [ "$BACKUPS" != 'unlimited' ]; then
|
||||
is_format_valid_int $BACKUPS 'BACKUPS'
|
||||
is_int_format_valid $BACKUPS 'BACKUPS'
|
||||
fi
|
||||
is_format_valid_shell $SHELL
|
||||
}
|
||||
|
|
|
|||
|
|
@ -113,9 +113,12 @@ if [ "$aliases" = 'none' ]; then
|
|||
ALIAS=''
|
||||
else
|
||||
ALIAS="www.$domain"
|
||||
if [ ! -z "$aliases" ]; then
|
||||
ALIAS="$ALIAS,$aliases"
|
||||
if [ -z "$aliases" ]; then
|
||||
ALIAS="www.$domain"
|
||||
else
|
||||
ALIAS="$aliases"
|
||||
fi
|
||||
|
||||
ip_alias=$(get_ip_alias $domain)
|
||||
if [ ! -z "$ip_alias" ]; then
|
||||
ALIAS="$ALIAS,$ip_alias"
|
||||
|
|
|
|||
|
|
@ -216,6 +216,9 @@ if [ ! -z "$WEB_SYSTEM" ] && [ "$WEB" != '*' ]; then
|
|||
cp $USER_DATA/ssl/$domain.* vesta/
|
||||
fi
|
||||
|
||||
# Changin dir to documentroot
|
||||
cd $HOMEDIR/$user/web/$domain
|
||||
|
||||
# Define exclude arguments
|
||||
exlusion=$(echo -e "$WEB" |tr ',' '\n' |grep "^$domain:")
|
||||
set -f
|
||||
|
|
@ -224,15 +227,20 @@ if [ ! -z "$WEB_SYSTEM" ] && [ "$WEB" != '*' ]; then
|
|||
if [ ! -z "$exlusion" ]; then
|
||||
xdirs="$(echo -e "$exlusion" |tr ':' '\n' |grep -v $domain)"
|
||||
for xpath in $xdirs; do
|
||||
fargs+=(--exclude=$xpath/*)
|
||||
echo "$(date "+%F %T") excluding directory $xpath"
|
||||
msg="$msg\n$(date "+%F %T") excluding directory $xpath"
|
||||
if [ -d "$xpath" ]; then
|
||||
fargs+=(--exclude=$xpath/*)
|
||||
echo "$(date "+%F %T") excluding directory $xpath"
|
||||
msg="$msg\n$(date "+%F %T") excluding directory $xpath"
|
||||
else
|
||||
echo "$(date "+%F %T") excluding file $xpath"
|
||||
msg="$msg\n$(date "+%F %T") excluding file $xpath"
|
||||
fargs+=(--exclude=$xpath)
|
||||
fi
|
||||
done
|
||||
fi
|
||||
set +f
|
||||
|
||||
# Backup files
|
||||
cd $HOMEDIR/$user/web/$domain
|
||||
tar -cpf- ${fargs[@]} * |gzip -$BACKUP_GZIP - > $tmpdir/web/$domain/domain_data.tar.gz
|
||||
done
|
||||
|
||||
|
|
@ -392,14 +400,17 @@ if [ ! -z "$DB_SYSTEM" ] && [ "$DB" != '*' ]; then
|
|||
grep "DB='$database'" $conf > vesta/db.conf
|
||||
|
||||
dump="$tmpdir/db/$database/$database.$TYPE.sql"
|
||||
dumpgz="$tmpdir/db/$database/$database.$TYPE.sql.gz"
|
||||
grants="$tmpdir/db/$database/conf/$database.$TYPE.$DBUSER"
|
||||
case $TYPE in
|
||||
mysql) dump_mysql_database ;;
|
||||
pgsql) dump_pgsql_database ;;
|
||||
esac
|
||||
if [ ! -f "$dumpgz" ]; then
|
||||
case $TYPE in
|
||||
mysql) dump_mysql_database ;;
|
||||
pgsql) dump_pgsql_database ;;
|
||||
esac
|
||||
|
||||
# Compress dump
|
||||
gzip -$BACKUP_GZIP $dump
|
||||
# Compress dump
|
||||
gzip -$BACKUP_GZIP $dump
|
||||
fi
|
||||
done
|
||||
|
||||
# Print total
|
||||
|
|
|
|||
|
|
@ -28,6 +28,9 @@ if [ -z "$BACKUP_SYSTEM" ]; then
|
|||
exit
|
||||
fi
|
||||
for user in $(grep '@' /etc/passwd |cut -f1 -d:); do
|
||||
if [ ! -f "$VESTA/data/users/$user/user.conf" ]; then
|
||||
continue;
|
||||
fi
|
||||
check_suspend=$(grep "SUSPENDED='no'" $VESTA/data/users/$user/user.conf)
|
||||
log=$VESTA/log/backup.log
|
||||
if [ ! -z "$check_suspend" ]; then
|
||||
|
|
|
|||
|
|
@ -15,9 +15,14 @@ format=${1-shell}
|
|||
# JSON list function
|
||||
json_list() {
|
||||
echo '{'
|
||||
object_count=$(grep '@' /etc/passwd |wc -l)
|
||||
i=1
|
||||
while read USER; do
|
||||
if [ ! -f "$VESTA/data/users/$USER/user.conf" ]; then
|
||||
continue;
|
||||
fi
|
||||
if [ $i -gt 1 ]; then
|
||||
echo ","
|
||||
fi
|
||||
source $VESTA/data/users/$USER/user.conf
|
||||
echo -n ' "'$USER'": {
|
||||
"FNAME": "'$FNAME'",
|
||||
|
|
@ -74,14 +79,8 @@ json_list() {
|
|||
"TIME": "'$TIME'",
|
||||
"DATE": "'$DATE'"
|
||||
}'
|
||||
if [ "$i" -lt "$object_count" ]; then
|
||||
echo ','
|
||||
else
|
||||
echo
|
||||
fi
|
||||
((i++))
|
||||
done < <(grep '@' /etc/passwd |cut -f1 -d:)
|
||||
|
||||
echo '}'
|
||||
}
|
||||
|
||||
|
|
@ -90,6 +89,9 @@ shell_list() {
|
|||
echo "USER PKG WEB DNS MAIL DB DISK BW SPND DATE"
|
||||
echo "---- --- --- --- --- -- ---- -- ---- ----"
|
||||
while read USER; do
|
||||
if [ ! -f "$VESTA/data/users/$USER/user.conf" ]; then
|
||||
continue;
|
||||
fi
|
||||
source $VESTA/data/users/$USER/user.conf
|
||||
echo -n "$USER $PACKAGE $U_WEB_DOMAINS $U_DNS_DOMAINS $U_MAIL_DOMAINS"
|
||||
echo " $U_DATABASES $U_DISK $U_BANDWIDTH $SUSPENDED $DATE"
|
||||
|
|
@ -99,6 +101,9 @@ shell_list() {
|
|||
# PLAIN list function
|
||||
plain_list() {
|
||||
while read USER; do
|
||||
if [ ! -f "$VESTA/data/users/$USER/user.conf" ]; then
|
||||
continue;
|
||||
fi
|
||||
source $VESTA/data/users/$USER/user.conf
|
||||
echo -ne "$USER\t$FNAME\t$LNAME\t$PACKAGE\t$WEB_TEMPLATE\t"
|
||||
echo -ne "$BACKEND_TEMPLATE\t$PROXY_TEMPLATE\t$DNS_TEMPLATE\t"
|
||||
|
|
@ -131,6 +136,9 @@ csv_list() {
|
|||
echo -n "U_MAIL_DOMAINS,U_MAIL_DKIM,U_MAIL_ACCOUNTS,U_DATABASES"
|
||||
echo "U_CRON_JOBS,U_BACKUPS,LANGUAGE,TIME,DATE"
|
||||
while read USER; do
|
||||
if [ ! -f "$VESTA/data/users/$USER/user.conf" ]; then
|
||||
continue;
|
||||
fi
|
||||
source $VESTA/data/users/$USER/user.conf
|
||||
echo -n "$USER,\"$FNAME\",\"$LNAME\",$PACKAGE,$WEB_TEMPLATE,"
|
||||
echo -n "$BACKEND_TEMPLATE,$PROXY_TEMPLATE,$DNS_TEMPLATE,"
|
||||
|
|
@ -151,6 +159,9 @@ csv_list() {
|
|||
# Raw list function
|
||||
raw_list() {
|
||||
while read USER; do
|
||||
if [ ! -f "$VESTA/data/users/$USER/user.conf" ]; then
|
||||
continue;
|
||||
fi
|
||||
echo $VESTA/data/users/$USER/user.conf
|
||||
cat $VESTA/data/users/$USER/user.conf
|
||||
done < <(grep '@' /etc/passwd |cut -f1 -d:)
|
||||
|
|
|
|||
|
|
@ -19,6 +19,7 @@ source $VESTA/func/main.sh
|
|||
|
||||
# JSON list function
|
||||
json_list() {
|
||||
issuer=$(echo "$issuer" |sed -e 's/"/\\"/g' -e "s/%quote%/'/g")
|
||||
echo '{'
|
||||
echo -e "\t\"$domain\": {"
|
||||
echo " \"CRT\": \"$crt\","
|
||||
|
|
|
|||
|
|
@ -35,6 +35,11 @@ if [ ! -z "$src_file" ]; then
|
|||
echo "Error: invalid source path $src_file"
|
||||
exit 2
|
||||
fi
|
||||
spath=$(echo "$rpath" |egrep "/etc|/var/lib")
|
||||
if [ -z "$spath" ]; then
|
||||
echo "Error: invalid source path $src_file"
|
||||
exit 2
|
||||
fi
|
||||
fi
|
||||
|
||||
# Reading conf
|
||||
|
|
|
|||
|
|
@ -31,7 +31,11 @@ for user in $users; do
|
|||
# Checking user certificates
|
||||
lecounter=0
|
||||
for domain in $(search_objects 'web' 'LETSENCRYPT' 'yes' 'DOMAIN'); do
|
||||
|
||||
# Working on Web domain check - if is suspended
|
||||
webSuspended=$(grep "DOMAIN='$domain'" $USER_DATA/web.conf |grep "SUSPENDED='no")
|
||||
if [ ! -z "$webSuspended" ]; then
|
||||
continue;
|
||||
fi;
|
||||
crt="$VESTA/data/users/$user/ssl/$domain.crt"
|
||||
crt_data=$(openssl x509 -text -in "$crt")
|
||||
expire=$(echo "$crt_data" |grep "Not After")
|
||||
|
|
|
|||
|
|
@ -67,6 +67,9 @@ TOTAL_USERS=0
|
|||
|
||||
# Updating user stats
|
||||
for user in $user_list; do
|
||||
if [ ! -f "$VESTA/data/users/$user/user.conf" ]; then
|
||||
continue;
|
||||
fi
|
||||
USER_DATA=$VESTA/data/users/$user
|
||||
source $USER_DATA/user.conf
|
||||
next_month=$(date +'%m/01/%y' -d '+ 1 month')
|
||||
|
|
|
|||
15
func/main.sh
15
func/main.sh
|
|
@ -805,7 +805,16 @@ is_password_format_valid() {
|
|||
check_result $E_INVALID "invalid password format :: $1"
|
||||
fi
|
||||
}
|
||||
|
||||
# Missing function -
|
||||
# Before: validate_format_shell
|
||||
# After: is_format_valid_shell
|
||||
is_format_valid_shell() {
|
||||
if [ -z "$(grep -w $1 /etc/shells)" ]; then
|
||||
echo "Error: shell $1 is not valid"
|
||||
log_event "$E_INVALID" "$EVENT"
|
||||
exit $E_INVALID
|
||||
fi
|
||||
}
|
||||
# Format validation controller
|
||||
is_format_valid() {
|
||||
for arg_name in $*; do
|
||||
|
|
@ -873,6 +882,8 @@ is_format_valid() {
|
|||
rtype) is_dns_type_format_valid "$arg" ;;
|
||||
rule) is_int_format_valid "$arg" "rule id" ;;
|
||||
soa) is_domain_format_valid "$arg" 'SOA' ;;
|
||||
#missing command: is_format_valid_shell
|
||||
shell) is_format_valid_shell "$arg" ;;
|
||||
stats_pass) is_password_format_valid "$arg" ;;
|
||||
stats_user) is_user_format_valid "$arg" "$arg_name" ;;
|
||||
template) is_object_format_valid "$arg" "$arg_name" ;;
|
||||
|
|
@ -922,7 +933,7 @@ format_aliases() {
|
|||
aliases=$(echo "$aliases" |tr -s '.')
|
||||
aliases=$(echo "$aliases" |sed -e "s/[.]*$//g")
|
||||
aliases=$(echo "$aliases" |sed -e "s/^[.]*//")
|
||||
aliases=$(echo "$aliases" |grep -v www.$domain |sed -e "/^$/d")
|
||||
aliases=$(echo "$aliases" |sed -e "/^$/d")
|
||||
aliases=$(echo "$aliases" |tr '\n' ',' |sed -e "s/,$//")
|
||||
fi
|
||||
}
|
||||
|
|
|
|||
|
|
@ -50,6 +50,7 @@ http {
|
|||
|
||||
# Compression
|
||||
gzip on;
|
||||
gzip_vary on;
|
||||
gzip_comp_level 9;
|
||||
gzip_min_length 512;
|
||||
gzip_buffers 8 64k;
|
||||
|
|
|
|||
|
|
@ -4,5 +4,5 @@ Defaults:admin !syslog
|
|||
Defaults:admin !requiretty
|
||||
Defaults:root !requiretty
|
||||
|
||||
admin ALL=(ALL) ALL
|
||||
# sudo is limited to vesta scripts
|
||||
admin ALL=NOPASSWD:/usr/local/vesta/bin/*
|
||||
|
|
|
|||
|
|
@ -31,48 +31,42 @@ server {
|
|||
return 403;
|
||||
}
|
||||
|
||||
# No no for private
|
||||
location ~ ^/sites/.*/private/ {
|
||||
return 403;
|
||||
}
|
||||
|
||||
# Block access to "hidden" files and directories whose names begin with a
|
||||
# period. This includes directories used by version control systems such
|
||||
# as Subversion or Git to store control files.
|
||||
location ~ (^|/)\. {
|
||||
return 403;
|
||||
}
|
||||
location ~ ^/sites/[^/]+/files/.*\.php$ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri @rewrite;
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
expires max;
|
||||
}
|
||||
|
||||
location ~ [^/]\.php(/|$) {
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
if (!-f $document_root$fastcgi_script_name) {
|
||||
return 404;
|
||||
}
|
||||
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
fastcgi_intercept_errors on;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
}
|
||||
|
||||
location @rewrite {
|
||||
# For Drupal 6 and bwlow:
|
||||
# Some modules enforce no slash (/) at the end of the URL
|
||||
# Else this rewrite block wouldn't be needed (GlobalRedirect)
|
||||
rewrite ^/(.*)$ /index.php?q=$1;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/styles/ {
|
||||
location ~ /vendor/.*\.php$ {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
try_files $uri @rewrite;
|
||||
expires max;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/imagecache/ {
|
||||
try_files $uri @rewrite;
|
||||
}
|
||||
|
||||
location ~ '\.php$|^/update.php' {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
|
||||
error_page 403 /error/404.html;
|
||||
|
|
|
|||
|
|
@ -18,7 +18,6 @@ server {
|
|||
access_log off;
|
||||
}
|
||||
|
||||
# Very rarely should these ever be accessed outside of your lan
|
||||
location ~* \.(txt|log)$ {
|
||||
allow 192.168.0.0/16;
|
||||
deny all;
|
||||
|
|
@ -28,48 +27,42 @@ server {
|
|||
return 403;
|
||||
}
|
||||
|
||||
# No no for private
|
||||
location ~ ^/sites/.*/private/ {
|
||||
return 403;
|
||||
}
|
||||
|
||||
# Block access to "hidden" files and directories whose names begin with a
|
||||
# period. This includes directories used by version control systems such
|
||||
# as Subversion or Git to store control files.
|
||||
location ~ (^|/)\. {
|
||||
return 403;
|
||||
location ~ ^/sites/[^/]+/files/.*\.php$ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri @rewrite;
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
expires max;
|
||||
}
|
||||
|
||||
location ~ [^/]\.php(/|$) {
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
if (!-f $document_root$fastcgi_script_name) {
|
||||
return 404;
|
||||
}
|
||||
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
fastcgi_intercept_errors on;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
}
|
||||
|
||||
location @rewrite {
|
||||
# For Drupal 6 and bwlow:
|
||||
# Some modules enforce no slash (/) at the end of the URL
|
||||
# Else this rewrite block wouldn't be needed (GlobalRedirect)
|
||||
rewrite ^/(.*)$ /index.php?q=$1;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/styles/ {
|
||||
location ~ /vendor/.*\.php$ {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
try_files $uri @rewrite;
|
||||
expires max;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/imagecache/ {
|
||||
try_files $uri @rewrite;
|
||||
}
|
||||
|
||||
location ~ '\.php$|^/update.php' {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
|
||||
error_page 403 /error/404.html;
|
||||
|
|
|
|||
|
|
@ -31,50 +31,44 @@ server {
|
|||
return 403;
|
||||
}
|
||||
|
||||
# No no for private
|
||||
location ~ ^/sites/.*/private/ {
|
||||
return 403;
|
||||
}
|
||||
|
||||
# Block access to "hidden" files and directories whose names begin with a
|
||||
# period. This includes directories used by version control systems such
|
||||
# as Subversion or Git to store control files.
|
||||
location ~ (^|/)\. {
|
||||
return 403;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri @rewrite;
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
expires max;
|
||||
}
|
||||
|
||||
location ~ [^/]\.php(/|$) {
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
if (!-f $document_root$fastcgi_script_name) {
|
||||
return 404;
|
||||
}
|
||||
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
fastcgi_intercept_errors on;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
location ~ ^/sites/[^/]+/files/.*\.php$ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location @rewrite {
|
||||
# You have 2 options here
|
||||
# For D7 and above:
|
||||
# Clean URLs are handled in drupal_environment_initialize().
|
||||
rewrite ^ /index.php;
|
||||
location / {
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location ~ /vendor/.*\.php$ {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/styles/ {
|
||||
try_files $uri @rewrite;
|
||||
}
|
||||
|
||||
location ~ ^(/[a-z\-]+)?/system/files/ {
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
|
||||
try_files $uri @rewrite;
|
||||
expires max;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
location ~ '\.php$|^/update.php' {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
|
||||
error_page 403 /error/404.html;
|
||||
error_page 404 /error/404.html;
|
||||
error_page 500 502 503 504 /error/50x.html;
|
||||
|
|
|
|||
|
|
@ -18,7 +18,6 @@ server {
|
|||
access_log off;
|
||||
}
|
||||
|
||||
# Very rarely should these ever be accessed outside of your lan
|
||||
location ~* \.(txt|log)$ {
|
||||
allow 192.168.0.0/16;
|
||||
deny all;
|
||||
|
|
@ -28,50 +27,44 @@ server {
|
|||
return 403;
|
||||
}
|
||||
|
||||
# No no for private
|
||||
location ~ ^/sites/.*/private/ {
|
||||
return 403;
|
||||
}
|
||||
|
||||
# Block access to "hidden" files and directories whose names begin with a
|
||||
# period. This includes directories used by version control systems such
|
||||
# as Subversion or Git to store control files.
|
||||
location ~ (^|/)\. {
|
||||
return 403;
|
||||
location ~ ^/sites/[^/]+/files/.*\.php$ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri @rewrite;
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
expires max;
|
||||
}
|
||||
|
||||
location ~ [^/]\.php(/|$) {
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
if (!-f $document_root$fastcgi_script_name) {
|
||||
return 404;
|
||||
}
|
||||
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
fastcgi_intercept_errors on;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location @rewrite {
|
||||
# You have 2 options here
|
||||
# For D7 and above:
|
||||
# Clean URLs are handled in drupal_environment_initialize().
|
||||
rewrite ^ /index.php;
|
||||
location ~ /vendor/.*\.php$ {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/styles/ {
|
||||
try_files $uri @rewrite;
|
||||
}
|
||||
|
||||
location ~ ^(/[a-z\-]+)?/system/files/ {
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
|
||||
try_files $uri @rewrite;
|
||||
expires max;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
location ~ '\.php$|^/update.php' {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
|
||||
error_page 403 /error/404.html;
|
||||
error_page 404 /error/404.html;
|
||||
error_page 500 502 503 504 /error/50x.html;
|
||||
|
|
|
|||
|
|
@ -31,51 +31,44 @@ server {
|
|||
return 403;
|
||||
}
|
||||
|
||||
# No no for private
|
||||
location ~ ^/sites/.*/private/ {
|
||||
return 403;
|
||||
}
|
||||
|
||||
# Block access to "hidden" files and directories whose names begin with a
|
||||
# period. This includes directories used by version control systems such
|
||||
# as Subversion or Git to store control files.
|
||||
location ~ (^|/)\. {
|
||||
return 403;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri @rewrite;
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
expires max;
|
||||
}
|
||||
|
||||
location ~ [^/]\.php(/|$)|^/update.php {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
if (!-f $document_root$fastcgi_script_name) {
|
||||
return 404;
|
||||
}
|
||||
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
fastcgi_intercept_errors on;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
location ~ ^/sites/[^/]+/files/.*\.php$ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location @rewrite {
|
||||
# You have 2 options here
|
||||
# For D7 and above:
|
||||
# Clean URLs are handled in drupal_environment_initialize().
|
||||
rewrite ^ /index.php;
|
||||
location / {
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location ~ /vendor/.*\.php$ {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/styles/ {
|
||||
try_files $uri @rewrite;
|
||||
}
|
||||
|
||||
location ~ ^(/[a-z\-]+)?/system/files/ {
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
|
||||
try_files $uri @rewrite;
|
||||
expires max;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
location ~ '\.php$|^/update.php' {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
|
||||
error_page 403 /error/404.html;
|
||||
error_page 404 /error/404.html;
|
||||
error_page 500 502 503 504 /error/50x.html;
|
||||
|
|
|
|||
|
|
@ -18,7 +18,6 @@ server {
|
|||
access_log off;
|
||||
}
|
||||
|
||||
# Very rarely should these ever be accessed outside of your lan
|
||||
location ~* \.(txt|log)$ {
|
||||
allow 192.168.0.0/16;
|
||||
deny all;
|
||||
|
|
@ -28,51 +27,44 @@ server {
|
|||
return 403;
|
||||
}
|
||||
|
||||
# No no for private
|
||||
location ~ ^/sites/.*/private/ {
|
||||
return 403;
|
||||
}
|
||||
|
||||
# Block access to "hidden" files and directories whose names begin with a
|
||||
# period. This includes directories used by version control systems such
|
||||
# as Subversion or Git to store control files.
|
||||
location ~ (^|/)\. {
|
||||
return 403;
|
||||
location ~ ^/sites/[^/]+/files/.*\.php$ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri @rewrite;
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
expires max;
|
||||
}
|
||||
|
||||
location ~ [^/]\.php(/|$)|^/update.php {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
if (!-f $document_root$fastcgi_script_name) {
|
||||
return 404;
|
||||
}
|
||||
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
fastcgi_intercept_errors on;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location @rewrite {
|
||||
# You have 2 options here
|
||||
# For D7 and above:
|
||||
# Clean URLs are handled in drupal_environment_initialize().
|
||||
rewrite ^ /index.php;
|
||||
location ~ /vendor/.*\.php$ {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/styles/ {
|
||||
try_files $uri @rewrite;
|
||||
}
|
||||
|
||||
location ~ ^(/[a-z\-]+)?/system/files/ {
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
|
||||
try_files $uri @rewrite;
|
||||
expires max;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
location ~ '\.php$|^/update.php' {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
|
||||
error_page 403 /error/404.html;
|
||||
error_page 404 /error/404.html;
|
||||
error_page 500 502 503 504 /error/50x.html;
|
||||
|
|
|
|||
|
|
@ -51,6 +51,7 @@ http {
|
|||
|
||||
# Compression
|
||||
gzip on;
|
||||
gzip_vary on;
|
||||
gzip_comp_level 9;
|
||||
gzip_min_length 512;
|
||||
gzip_buffers 8 64k;
|
||||
|
|
|
|||
|
|
@ -4,5 +4,5 @@ Defaults:admin !syslog
|
|||
Defaults:admin !requiretty
|
||||
Defaults:root !requiretty
|
||||
|
||||
admin ALL=(ALL) ALL
|
||||
# sudo is limited to vesta scripts
|
||||
admin ALL=NOPASSWD:/usr/local/vesta/bin/*
|
||||
|
|
|
|||
|
|
@ -31,48 +31,42 @@ server {
|
|||
return 403;
|
||||
}
|
||||
|
||||
# No no for private
|
||||
location ~ ^/sites/.*/private/ {
|
||||
return 403;
|
||||
}
|
||||
|
||||
# Block access to "hidden" files and directories whose names begin with a
|
||||
# period. This includes directories used by version control systems such
|
||||
# as Subversion or Git to store control files.
|
||||
location ~ (^|/)\. {
|
||||
return 403;
|
||||
}
|
||||
location ~ ^/sites/[^/]+/files/.*\.php$ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri @rewrite;
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
expires max;
|
||||
}
|
||||
|
||||
location ~ [^/]\.php(/|$) {
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
if (!-f $document_root$fastcgi_script_name) {
|
||||
return 404;
|
||||
}
|
||||
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
fastcgi_intercept_errors on;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
}
|
||||
|
||||
location @rewrite {
|
||||
# For Drupal 6 and bwlow:
|
||||
# Some modules enforce no slash (/) at the end of the URL
|
||||
# Else this rewrite block wouldn't be needed (GlobalRedirect)
|
||||
rewrite ^/(.*)$ /index.php?q=$1;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/styles/ {
|
||||
location ~ /vendor/.*\.php$ {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
try_files $uri @rewrite;
|
||||
expires max;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/imagecache/ {
|
||||
try_files $uri @rewrite;
|
||||
}
|
||||
|
||||
location ~ '\.php$|^/update.php' {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
|
||||
error_page 403 /error/404.html;
|
||||
|
|
|
|||
|
|
@ -18,7 +18,6 @@ server {
|
|||
access_log off;
|
||||
}
|
||||
|
||||
# Very rarely should these ever be accessed outside of your lan
|
||||
location ~* \.(txt|log)$ {
|
||||
allow 192.168.0.0/16;
|
||||
deny all;
|
||||
|
|
@ -28,48 +27,42 @@ server {
|
|||
return 403;
|
||||
}
|
||||
|
||||
# No no for private
|
||||
location ~ ^/sites/.*/private/ {
|
||||
return 403;
|
||||
}
|
||||
|
||||
# Block access to "hidden" files and directories whose names begin with a
|
||||
# period. This includes directories used by version control systems such
|
||||
# as Subversion or Git to store control files.
|
||||
location ~ (^|/)\. {
|
||||
return 403;
|
||||
location ~ ^/sites/[^/]+/files/.*\.php$ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri @rewrite;
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
expires max;
|
||||
}
|
||||
|
||||
location ~ [^/]\.php(/|$) {
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
if (!-f $document_root$fastcgi_script_name) {
|
||||
return 404;
|
||||
}
|
||||
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
fastcgi_intercept_errors on;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
}
|
||||
|
||||
location @rewrite {
|
||||
# For Drupal 6 and bwlow:
|
||||
# Some modules enforce no slash (/) at the end of the URL
|
||||
# Else this rewrite block wouldn't be needed (GlobalRedirect)
|
||||
rewrite ^/(.*)$ /index.php?q=$1;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/styles/ {
|
||||
location ~ /vendor/.*\.php$ {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
try_files $uri @rewrite;
|
||||
expires max;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/imagecache/ {
|
||||
try_files $uri @rewrite;
|
||||
}
|
||||
|
||||
location ~ '\.php$|^/update.php' {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
|
||||
error_page 403 /error/404.html;
|
||||
|
|
|
|||
|
|
@ -31,50 +31,44 @@ server {
|
|||
return 403;
|
||||
}
|
||||
|
||||
# No no for private
|
||||
location ~ ^/sites/.*/private/ {
|
||||
return 403;
|
||||
}
|
||||
|
||||
# Block access to "hidden" files and directories whose names begin with a
|
||||
# period. This includes directories used by version control systems such
|
||||
# as Subversion or Git to store control files.
|
||||
location ~ (^|/)\. {
|
||||
return 403;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri @rewrite;
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
expires max;
|
||||
}
|
||||
|
||||
location ~ [^/]\.php(/|$) {
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
if (!-f $document_root$fastcgi_script_name) {
|
||||
return 404;
|
||||
}
|
||||
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
fastcgi_intercept_errors on;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
location ~ ^/sites/[^/]+/files/.*\.php$ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location @rewrite {
|
||||
# You have 2 options here
|
||||
# For D7 and above:
|
||||
# Clean URLs are handled in drupal_environment_initialize().
|
||||
rewrite ^ /index.php;
|
||||
location / {
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location ~ /vendor/.*\.php$ {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/styles/ {
|
||||
try_files $uri @rewrite;
|
||||
}
|
||||
|
||||
location ~ ^(/[a-z\-]+)?/system/files/ {
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
|
||||
try_files $uri @rewrite;
|
||||
expires max;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
location ~ '\.php$|^/update.php' {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
|
||||
error_page 403 /error/404.html;
|
||||
error_page 404 /error/404.html;
|
||||
error_page 500 502 503 504 /error/50x.html;
|
||||
|
|
|
|||
|
|
@ -18,7 +18,6 @@ server {
|
|||
access_log off;
|
||||
}
|
||||
|
||||
# Very rarely should these ever be accessed outside of your lan
|
||||
location ~* \.(txt|log)$ {
|
||||
allow 192.168.0.0/16;
|
||||
deny all;
|
||||
|
|
@ -28,50 +27,44 @@ server {
|
|||
return 403;
|
||||
}
|
||||
|
||||
# No no for private
|
||||
location ~ ^/sites/.*/private/ {
|
||||
return 403;
|
||||
}
|
||||
|
||||
# Block access to "hidden" files and directories whose names begin with a
|
||||
# period. This includes directories used by version control systems such
|
||||
# as Subversion or Git to store control files.
|
||||
location ~ (^|/)\. {
|
||||
return 403;
|
||||
location ~ ^/sites/[^/]+/files/.*\.php$ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri @rewrite;
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
expires max;
|
||||
}
|
||||
|
||||
location ~ [^/]\.php(/|$) {
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
if (!-f $document_root$fastcgi_script_name) {
|
||||
return 404;
|
||||
}
|
||||
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
fastcgi_intercept_errors on;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location @rewrite {
|
||||
# You have 2 options here
|
||||
# For D7 and above:
|
||||
# Clean URLs are handled in drupal_environment_initialize().
|
||||
rewrite ^ /index.php;
|
||||
location ~ /vendor/.*\.php$ {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/styles/ {
|
||||
try_files $uri @rewrite;
|
||||
}
|
||||
|
||||
location ~ ^(/[a-z\-]+)?/system/files/ {
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
|
||||
try_files $uri @rewrite;
|
||||
expires max;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
location ~ '\.php$|^/update.php' {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
|
||||
error_page 403 /error/404.html;
|
||||
error_page 404 /error/404.html;
|
||||
error_page 500 502 503 504 /error/50x.html;
|
||||
|
|
|
|||
|
|
@ -31,51 +31,44 @@ server {
|
|||
return 403;
|
||||
}
|
||||
|
||||
# No no for private
|
||||
location ~ ^/sites/.*/private/ {
|
||||
return 403;
|
||||
}
|
||||
|
||||
# Block access to "hidden" files and directories whose names begin with a
|
||||
# period. This includes directories used by version control systems such
|
||||
# as Subversion or Git to store control files.
|
||||
location ~ (^|/)\. {
|
||||
return 403;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri @rewrite;
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
expires max;
|
||||
}
|
||||
|
||||
location ~ [^/]\.php(/|$)|^/update.php {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
if (!-f $document_root$fastcgi_script_name) {
|
||||
return 404;
|
||||
}
|
||||
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
fastcgi_intercept_errors on;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
location ~ ^/sites/[^/]+/files/.*\.php$ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location @rewrite {
|
||||
# You have 2 options here
|
||||
# For D7 and above:
|
||||
# Clean URLs are handled in drupal_environment_initialize().
|
||||
rewrite ^ /index.php;
|
||||
location / {
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location ~ /vendor/.*\.php$ {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/styles/ {
|
||||
try_files $uri @rewrite;
|
||||
}
|
||||
|
||||
location ~ ^(/[a-z\-]+)?/system/files/ {
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
|
||||
try_files $uri @rewrite;
|
||||
expires max;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
location ~ '\.php$|^/update.php' {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
|
||||
error_page 403 /error/404.html;
|
||||
error_page 404 /error/404.html;
|
||||
error_page 500 502 503 504 /error/50x.html;
|
||||
|
|
|
|||
|
|
@ -18,7 +18,6 @@ server {
|
|||
access_log off;
|
||||
}
|
||||
|
||||
# Very rarely should these ever be accessed outside of your lan
|
||||
location ~* \.(txt|log)$ {
|
||||
allow 192.168.0.0/16;
|
||||
deny all;
|
||||
|
|
@ -28,51 +27,44 @@ server {
|
|||
return 403;
|
||||
}
|
||||
|
||||
# No no for private
|
||||
location ~ ^/sites/.*/private/ {
|
||||
return 403;
|
||||
}
|
||||
|
||||
# Block access to "hidden" files and directories whose names begin with a
|
||||
# period. This includes directories used by version control systems such
|
||||
# as Subversion or Git to store control files.
|
||||
location ~ (^|/)\. {
|
||||
return 403;
|
||||
location ~ ^/sites/[^/]+/files/.*\.php$ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri @rewrite;
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
expires max;
|
||||
}
|
||||
|
||||
location ~ [^/]\.php(/|$)|^/update.php {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
if (!-f $document_root$fastcgi_script_name) {
|
||||
return 404;
|
||||
}
|
||||
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
fastcgi_intercept_errors on;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location @rewrite {
|
||||
# You have 2 options here
|
||||
# For D7 and above:
|
||||
# Clean URLs are handled in drupal_environment_initialize().
|
||||
rewrite ^ /index.php;
|
||||
location ~ /vendor/.*\.php$ {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/styles/ {
|
||||
try_files $uri @rewrite;
|
||||
}
|
||||
|
||||
location ~ ^(/[a-z\-]+)?/system/files/ {
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
|
||||
try_files $uri @rewrite;
|
||||
expires max;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
location ~ '\.php$|^/update.php' {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
|
||||
error_page 403 /error/404.html;
|
||||
error_page 404 /error/404.html;
|
||||
error_page 500 502 503 504 /error/50x.html;
|
||||
|
|
|
|||
|
|
@ -51,6 +51,7 @@ http {
|
|||
|
||||
# Compression
|
||||
gzip on;
|
||||
gzip_vary on;
|
||||
gzip_comp_level 9;
|
||||
gzip_min_length 512;
|
||||
gzip_buffers 8 64k;
|
||||
|
|
|
|||
|
|
@ -4,5 +4,5 @@ Defaults:admin !syslog
|
|||
Defaults:admin !requiretty
|
||||
Defaults:root !requiretty
|
||||
|
||||
admin ALL=(ALL) ALL
|
||||
# sudo is limited to vesta scripts
|
||||
admin ALL=NOPASSWD:/usr/local/vesta/bin/*
|
||||
|
|
|
|||
|
|
@ -31,48 +31,42 @@ server {
|
|||
return 403;
|
||||
}
|
||||
|
||||
# No no for private
|
||||
location ~ ^/sites/.*/private/ {
|
||||
return 403;
|
||||
}
|
||||
|
||||
# Block access to "hidden" files and directories whose names begin with a
|
||||
# period. This includes directories used by version control systems such
|
||||
# as Subversion or Git to store control files.
|
||||
location ~ (^|/)\. {
|
||||
return 403;
|
||||
}
|
||||
location ~ ^/sites/[^/]+/files/.*\.php$ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri @rewrite;
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
expires max;
|
||||
}
|
||||
|
||||
location ~ [^/]\.php(/|$) {
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
if (!-f $document_root$fastcgi_script_name) {
|
||||
return 404;
|
||||
}
|
||||
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
fastcgi_intercept_errors on;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
}
|
||||
|
||||
location @rewrite {
|
||||
# For Drupal 6 and bwlow:
|
||||
# Some modules enforce no slash (/) at the end of the URL
|
||||
# Else this rewrite block wouldn't be needed (GlobalRedirect)
|
||||
rewrite ^/(.*)$ /index.php?q=$1;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/styles/ {
|
||||
location ~ /vendor/.*\.php$ {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
try_files $uri @rewrite;
|
||||
expires max;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/imagecache/ {
|
||||
try_files $uri @rewrite;
|
||||
}
|
||||
|
||||
location ~ '\.php$|^/update.php' {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
|
||||
error_page 403 /error/404.html;
|
||||
|
|
|
|||
|
|
@ -18,7 +18,6 @@ server {
|
|||
access_log off;
|
||||
}
|
||||
|
||||
# Very rarely should these ever be accessed outside of your lan
|
||||
location ~* \.(txt|log)$ {
|
||||
allow 192.168.0.0/16;
|
||||
deny all;
|
||||
|
|
@ -28,48 +27,42 @@ server {
|
|||
return 403;
|
||||
}
|
||||
|
||||
# No no for private
|
||||
location ~ ^/sites/.*/private/ {
|
||||
return 403;
|
||||
}
|
||||
|
||||
# Block access to "hidden" files and directories whose names begin with a
|
||||
# period. This includes directories used by version control systems such
|
||||
# as Subversion or Git to store control files.
|
||||
location ~ (^|/)\. {
|
||||
return 403;
|
||||
location ~ ^/sites/[^/]+/files/.*\.php$ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri @rewrite;
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
expires max;
|
||||
}
|
||||
|
||||
location ~ [^/]\.php(/|$) {
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
if (!-f $document_root$fastcgi_script_name) {
|
||||
return 404;
|
||||
}
|
||||
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
fastcgi_intercept_errors on;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
}
|
||||
|
||||
location @rewrite {
|
||||
# For Drupal 6 and bwlow:
|
||||
# Some modules enforce no slash (/) at the end of the URL
|
||||
# Else this rewrite block wouldn't be needed (GlobalRedirect)
|
||||
rewrite ^/(.*)$ /index.php?q=$1;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/styles/ {
|
||||
location ~ /vendor/.*\.php$ {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
try_files $uri @rewrite;
|
||||
expires max;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/imagecache/ {
|
||||
try_files $uri @rewrite;
|
||||
}
|
||||
|
||||
location ~ '\.php$|^/update.php' {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
|
||||
error_page 403 /error/404.html;
|
||||
|
|
|
|||
|
|
@ -31,50 +31,44 @@ server {
|
|||
return 403;
|
||||
}
|
||||
|
||||
# No no for private
|
||||
location ~ ^/sites/.*/private/ {
|
||||
return 403;
|
||||
}
|
||||
|
||||
# Block access to "hidden" files and directories whose names begin with a
|
||||
# period. This includes directories used by version control systems such
|
||||
# as Subversion or Git to store control files.
|
||||
location ~ (^|/)\. {
|
||||
return 403;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri @rewrite;
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
expires max;
|
||||
}
|
||||
|
||||
location ~ [^/]\.php(/|$) {
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
if (!-f $document_root$fastcgi_script_name) {
|
||||
return 404;
|
||||
}
|
||||
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
fastcgi_intercept_errors on;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
location ~ ^/sites/[^/]+/files/.*\.php$ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location @rewrite {
|
||||
# You have 2 options here
|
||||
# For D7 and above:
|
||||
# Clean URLs are handled in drupal_environment_initialize().
|
||||
rewrite ^ /index.php;
|
||||
location / {
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location ~ /vendor/.*\.php$ {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/styles/ {
|
||||
try_files $uri @rewrite;
|
||||
}
|
||||
|
||||
location ~ ^(/[a-z\-]+)?/system/files/ {
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
|
||||
try_files $uri @rewrite;
|
||||
expires max;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
location ~ '\.php$|^/update.php' {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
|
||||
error_page 403 /error/404.html;
|
||||
error_page 404 /error/404.html;
|
||||
error_page 500 502 503 504 /error/50x.html;
|
||||
|
|
|
|||
|
|
@ -18,7 +18,6 @@ server {
|
|||
access_log off;
|
||||
}
|
||||
|
||||
# Very rarely should these ever be accessed outside of your lan
|
||||
location ~* \.(txt|log)$ {
|
||||
allow 192.168.0.0/16;
|
||||
deny all;
|
||||
|
|
@ -28,50 +27,44 @@ server {
|
|||
return 403;
|
||||
}
|
||||
|
||||
# No no for private
|
||||
location ~ ^/sites/.*/private/ {
|
||||
return 403;
|
||||
}
|
||||
|
||||
# Block access to "hidden" files and directories whose names begin with a
|
||||
# period. This includes directories used by version control systems such
|
||||
# as Subversion or Git to store control files.
|
||||
location ~ (^|/)\. {
|
||||
return 403;
|
||||
location ~ ^/sites/[^/]+/files/.*\.php$ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri @rewrite;
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
expires max;
|
||||
}
|
||||
|
||||
location ~ [^/]\.php(/|$) {
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
if (!-f $document_root$fastcgi_script_name) {
|
||||
return 404;
|
||||
}
|
||||
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
fastcgi_intercept_errors on;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location @rewrite {
|
||||
# You have 2 options here
|
||||
# For D7 and above:
|
||||
# Clean URLs are handled in drupal_environment_initialize().
|
||||
rewrite ^ /index.php;
|
||||
location ~ /vendor/.*\.php$ {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/styles/ {
|
||||
try_files $uri @rewrite;
|
||||
}
|
||||
|
||||
location ~ ^(/[a-z\-]+)?/system/files/ {
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
|
||||
try_files $uri @rewrite;
|
||||
expires max;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
location ~ '\.php$|^/update.php' {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
|
||||
error_page 403 /error/404.html;
|
||||
error_page 404 /error/404.html;
|
||||
error_page 500 502 503 504 /error/50x.html;
|
||||
|
|
|
|||
|
|
@ -31,51 +31,44 @@ server {
|
|||
return 403;
|
||||
}
|
||||
|
||||
# No no for private
|
||||
location ~ ^/sites/.*/private/ {
|
||||
return 403;
|
||||
}
|
||||
|
||||
# Block access to "hidden" files and directories whose names begin with a
|
||||
# period. This includes directories used by version control systems such
|
||||
# as Subversion or Git to store control files.
|
||||
location ~ (^|/)\. {
|
||||
return 403;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri @rewrite;
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
expires max;
|
||||
}
|
||||
|
||||
location ~ [^/]\.php(/|$)|^/update.php {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
if (!-f $document_root$fastcgi_script_name) {
|
||||
return 404;
|
||||
}
|
||||
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
fastcgi_intercept_errors on;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
location ~ ^/sites/[^/]+/files/.*\.php$ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location @rewrite {
|
||||
# You have 2 options here
|
||||
# For D7 and above:
|
||||
# Clean URLs are handled in drupal_environment_initialize().
|
||||
rewrite ^ /index.php;
|
||||
location / {
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location ~ /vendor/.*\.php$ {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/styles/ {
|
||||
try_files $uri @rewrite;
|
||||
}
|
||||
|
||||
location ~ ^(/[a-z\-]+)?/system/files/ {
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
|
||||
try_files $uri @rewrite;
|
||||
expires max;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
location ~ '\.php$|^/update.php' {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
|
||||
error_page 403 /error/404.html;
|
||||
error_page 404 /error/404.html;
|
||||
error_page 500 502 503 504 /error/50x.html;
|
||||
|
|
|
|||
|
|
@ -18,7 +18,6 @@ server {
|
|||
access_log off;
|
||||
}
|
||||
|
||||
# Very rarely should these ever be accessed outside of your lan
|
||||
location ~* \.(txt|log)$ {
|
||||
allow 192.168.0.0/16;
|
||||
deny all;
|
||||
|
|
@ -28,51 +27,44 @@ server {
|
|||
return 403;
|
||||
}
|
||||
|
||||
# No no for private
|
||||
location ~ ^/sites/.*/private/ {
|
||||
return 403;
|
||||
}
|
||||
|
||||
# Block access to "hidden" files and directories whose names begin with a
|
||||
# period. This includes directories used by version control systems such
|
||||
# as Subversion or Git to store control files.
|
||||
location ~ (^|/)\. {
|
||||
return 403;
|
||||
location ~ ^/sites/[^/]+/files/.*\.php$ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri @rewrite;
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
expires max;
|
||||
}
|
||||
|
||||
location ~ [^/]\.php(/|$)|^/update.php {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
if (!-f $document_root$fastcgi_script_name) {
|
||||
return 404;
|
||||
}
|
||||
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
fastcgi_intercept_errors on;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location @rewrite {
|
||||
# You have 2 options here
|
||||
# For D7 and above:
|
||||
# Clean URLs are handled in drupal_environment_initialize().
|
||||
rewrite ^ /index.php;
|
||||
location ~ /vendor/.*\.php$ {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/styles/ {
|
||||
try_files $uri @rewrite;
|
||||
}
|
||||
|
||||
location ~ ^(/[a-z\-]+)?/system/files/ {
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
|
||||
try_files $uri @rewrite;
|
||||
expires max;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
location ~ '\.php$|^/update.php' {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
|
||||
error_page 403 /error/404.html;
|
||||
error_page 404 /error/404.html;
|
||||
error_page 500 502 503 504 /error/50x.html;
|
||||
|
|
|
|||
|
|
@ -50,6 +50,7 @@ http {
|
|||
|
||||
# Compression
|
||||
gzip on;
|
||||
gzip_vary on;
|
||||
gzip_comp_level 9;
|
||||
gzip_min_length 512;
|
||||
gzip_buffers 8 64k;
|
||||
|
|
|
|||
|
|
@ -4,5 +4,5 @@ Defaults:admin !syslog
|
|||
Defaults:admin !requiretty
|
||||
Defaults:root !requiretty
|
||||
|
||||
admin ALL=(ALL) ALL
|
||||
# sudo is limited to vesta scripts
|
||||
admin ALL=NOPASSWD:/usr/local/vesta/bin/*
|
||||
|
|
|
|||
|
|
@ -31,48 +31,42 @@ server {
|
|||
return 403;
|
||||
}
|
||||
|
||||
# No no for private
|
||||
location ~ ^/sites/.*/private/ {
|
||||
return 403;
|
||||
}
|
||||
|
||||
# Block access to "hidden" files and directories whose names begin with a
|
||||
# period. This includes directories used by version control systems such
|
||||
# as Subversion or Git to store control files.
|
||||
location ~ (^|/)\. {
|
||||
return 403;
|
||||
}
|
||||
location ~ ^/sites/[^/]+/files/.*\.php$ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri @rewrite;
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
expires max;
|
||||
}
|
||||
|
||||
location ~ [^/]\.php(/|$) {
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
if (!-f $document_root$fastcgi_script_name) {
|
||||
return 404;
|
||||
}
|
||||
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
fastcgi_intercept_errors on;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
}
|
||||
|
||||
location @rewrite {
|
||||
# For Drupal 6 and bwlow:
|
||||
# Some modules enforce no slash (/) at the end of the URL
|
||||
# Else this rewrite block wouldn't be needed (GlobalRedirect)
|
||||
rewrite ^/(.*)$ /index.php?q=$1;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/styles/ {
|
||||
location ~ /vendor/.*\.php$ {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
try_files $uri @rewrite;
|
||||
expires max;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/imagecache/ {
|
||||
try_files $uri @rewrite;
|
||||
}
|
||||
|
||||
location ~ '\.php$|^/update.php' {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
|
||||
error_page 403 /error/404.html;
|
||||
|
|
|
|||
|
|
@ -18,7 +18,6 @@ server {
|
|||
access_log off;
|
||||
}
|
||||
|
||||
# Very rarely should these ever be accessed outside of your lan
|
||||
location ~* \.(txt|log)$ {
|
||||
allow 192.168.0.0/16;
|
||||
deny all;
|
||||
|
|
@ -28,48 +27,42 @@ server {
|
|||
return 403;
|
||||
}
|
||||
|
||||
# No no for private
|
||||
location ~ ^/sites/.*/private/ {
|
||||
return 403;
|
||||
}
|
||||
|
||||
# Block access to "hidden" files and directories whose names begin with a
|
||||
# period. This includes directories used by version control systems such
|
||||
# as Subversion or Git to store control files.
|
||||
location ~ (^|/)\. {
|
||||
return 403;
|
||||
location ~ ^/sites/[^/]+/files/.*\.php$ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri @rewrite;
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
expires max;
|
||||
}
|
||||
|
||||
location ~ [^/]\.php(/|$) {
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
if (!-f $document_root$fastcgi_script_name) {
|
||||
return 404;
|
||||
}
|
||||
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
fastcgi_intercept_errors on;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
}
|
||||
|
||||
location @rewrite {
|
||||
# For Drupal 6 and bwlow:
|
||||
# Some modules enforce no slash (/) at the end of the URL
|
||||
# Else this rewrite block wouldn't be needed (GlobalRedirect)
|
||||
rewrite ^/(.*)$ /index.php?q=$1;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/styles/ {
|
||||
location ~ /vendor/.*\.php$ {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
try_files $uri @rewrite;
|
||||
expires max;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/imagecache/ {
|
||||
try_files $uri @rewrite;
|
||||
}
|
||||
|
||||
location ~ '\.php$|^/update.php' {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
|
||||
error_page 403 /error/404.html;
|
||||
|
|
|
|||
|
|
@ -31,50 +31,44 @@ server {
|
|||
return 403;
|
||||
}
|
||||
|
||||
# No no for private
|
||||
location ~ ^/sites/.*/private/ {
|
||||
return 403;
|
||||
}
|
||||
|
||||
# Block access to "hidden" files and directories whose names begin with a
|
||||
# period. This includes directories used by version control systems such
|
||||
# as Subversion or Git to store control files.
|
||||
location ~ (^|/)\. {
|
||||
return 403;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri @rewrite;
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
expires max;
|
||||
}
|
||||
|
||||
location ~ [^/]\.php(/|$) {
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
if (!-f $document_root$fastcgi_script_name) {
|
||||
return 404;
|
||||
}
|
||||
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
fastcgi_intercept_errors on;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
location ~ ^/sites/[^/]+/files/.*\.php$ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location @rewrite {
|
||||
# You have 2 options here
|
||||
# For D7 and above:
|
||||
# Clean URLs are handled in drupal_environment_initialize().
|
||||
rewrite ^ /index.php;
|
||||
location / {
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location ~ /vendor/.*\.php$ {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/styles/ {
|
||||
try_files $uri @rewrite;
|
||||
}
|
||||
|
||||
location ~ ^(/[a-z\-]+)?/system/files/ {
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
|
||||
try_files $uri @rewrite;
|
||||
expires max;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
location ~ '\.php$|^/update.php' {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
|
||||
error_page 403 /error/404.html;
|
||||
error_page 404 /error/404.html;
|
||||
error_page 500 502 503 504 /error/50x.html;
|
||||
|
|
|
|||
|
|
@ -18,7 +18,6 @@ server {
|
|||
access_log off;
|
||||
}
|
||||
|
||||
# Very rarely should these ever be accessed outside of your lan
|
||||
location ~* \.(txt|log)$ {
|
||||
allow 192.168.0.0/16;
|
||||
deny all;
|
||||
|
|
@ -28,50 +27,44 @@ server {
|
|||
return 403;
|
||||
}
|
||||
|
||||
# No no for private
|
||||
location ~ ^/sites/.*/private/ {
|
||||
return 403;
|
||||
}
|
||||
|
||||
# Block access to "hidden" files and directories whose names begin with a
|
||||
# period. This includes directories used by version control systems such
|
||||
# as Subversion or Git to store control files.
|
||||
location ~ (^|/)\. {
|
||||
return 403;
|
||||
location ~ ^/sites/[^/]+/files/.*\.php$ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri @rewrite;
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
expires max;
|
||||
}
|
||||
|
||||
location ~ [^/]\.php(/|$) {
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
if (!-f $document_root$fastcgi_script_name) {
|
||||
return 404;
|
||||
}
|
||||
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
fastcgi_intercept_errors on;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location @rewrite {
|
||||
# You have 2 options here
|
||||
# For D7 and above:
|
||||
# Clean URLs are handled in drupal_environment_initialize().
|
||||
rewrite ^ /index.php;
|
||||
location ~ /vendor/.*\.php$ {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/styles/ {
|
||||
try_files $uri @rewrite;
|
||||
}
|
||||
|
||||
location ~ ^(/[a-z\-]+)?/system/files/ {
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
|
||||
try_files $uri @rewrite;
|
||||
expires max;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
location ~ '\.php$|^/update.php' {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
|
||||
error_page 403 /error/404.html;
|
||||
error_page 404 /error/404.html;
|
||||
error_page 500 502 503 504 /error/50x.html;
|
||||
|
|
|
|||
|
|
@ -31,51 +31,44 @@ server {
|
|||
return 403;
|
||||
}
|
||||
|
||||
# No no for private
|
||||
location ~ ^/sites/.*/private/ {
|
||||
return 403;
|
||||
}
|
||||
|
||||
# Block access to "hidden" files and directories whose names begin with a
|
||||
# period. This includes directories used by version control systems such
|
||||
# as Subversion or Git to store control files.
|
||||
location ~ (^|/)\. {
|
||||
return 403;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri @rewrite;
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
expires max;
|
||||
}
|
||||
|
||||
location ~ [^/]\.php(/|$)|^/update.php {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
if (!-f $document_root$fastcgi_script_name) {
|
||||
return 404;
|
||||
}
|
||||
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
fastcgi_intercept_errors on;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
location ~ ^/sites/[^/]+/files/.*\.php$ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location @rewrite {
|
||||
# You have 2 options here
|
||||
# For D7 and above:
|
||||
# Clean URLs are handled in drupal_environment_initialize().
|
||||
rewrite ^ /index.php;
|
||||
location / {
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location ~ /vendor/.*\.php$ {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/styles/ {
|
||||
try_files $uri @rewrite;
|
||||
}
|
||||
|
||||
location ~ ^(/[a-z\-]+)?/system/files/ {
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
|
||||
try_files $uri @rewrite;
|
||||
expires max;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
location ~ '\.php$|^/update.php' {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
|
||||
error_page 403 /error/404.html;
|
||||
error_page 404 /error/404.html;
|
||||
error_page 500 502 503 504 /error/50x.html;
|
||||
|
|
|
|||
|
|
@ -18,7 +18,6 @@ server {
|
|||
access_log off;
|
||||
}
|
||||
|
||||
# Very rarely should these ever be accessed outside of your lan
|
||||
location ~* \.(txt|log)$ {
|
||||
allow 192.168.0.0/16;
|
||||
deny all;
|
||||
|
|
@ -28,51 +27,44 @@ server {
|
|||
return 403;
|
||||
}
|
||||
|
||||
# No no for private
|
||||
location ~ ^/sites/.*/private/ {
|
||||
return 403;
|
||||
}
|
||||
|
||||
# Block access to "hidden" files and directories whose names begin with a
|
||||
# period. This includes directories used by version control systems such
|
||||
# as Subversion or Git to store control files.
|
||||
location ~ (^|/)\. {
|
||||
return 403;
|
||||
location ~ ^/sites/[^/]+/files/.*\.php$ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri @rewrite;
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
expires max;
|
||||
}
|
||||
|
||||
location ~ [^/]\.php(/|$)|^/update.php {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
if (!-f $document_root$fastcgi_script_name) {
|
||||
return 404;
|
||||
}
|
||||
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
fastcgi_intercept_errors on;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location @rewrite {
|
||||
# You have 2 options here
|
||||
# For D7 and above:
|
||||
# Clean URLs are handled in drupal_environment_initialize().
|
||||
rewrite ^ /index.php;
|
||||
location ~ /vendor/.*\.php$ {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/styles/ {
|
||||
try_files $uri @rewrite;
|
||||
}
|
||||
|
||||
location ~ ^(/[a-z\-]+)?/system/files/ {
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
|
||||
try_files $uri @rewrite;
|
||||
expires max;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
location ~ '\.php$|^/update.php' {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
|
||||
error_page 403 /error/404.html;
|
||||
error_page 404 /error/404.html;
|
||||
error_page 500 502 503 504 /error/50x.html;
|
||||
|
|
|
|||
|
|
@ -50,6 +50,7 @@ http {
|
|||
|
||||
# Compression
|
||||
gzip on;
|
||||
gzip_vary on;
|
||||
gzip_comp_level 9;
|
||||
gzip_min_length 512;
|
||||
gzip_buffers 8 64k;
|
||||
|
|
|
|||
|
|
@ -4,5 +4,5 @@ Defaults:admin !syslog
|
|||
Defaults:admin !requiretty
|
||||
Defaults:root !requiretty
|
||||
|
||||
admin ALL=(ALL) ALL
|
||||
# sudo is limited to vesta scripts
|
||||
admin ALL=NOPASSWD:/usr/local/vesta/bin/*
|
||||
|
|
|
|||
|
|
@ -31,48 +31,42 @@ server {
|
|||
return 403;
|
||||
}
|
||||
|
||||
# No no for private
|
||||
location ~ ^/sites/.*/private/ {
|
||||
return 403;
|
||||
}
|
||||
|
||||
# Block access to "hidden" files and directories whose names begin with a
|
||||
# period. This includes directories used by version control systems such
|
||||
# as Subversion or Git to store control files.
|
||||
location ~ (^|/)\. {
|
||||
return 403;
|
||||
}
|
||||
location ~ ^/sites/[^/]+/files/.*\.php$ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri @rewrite;
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
expires max;
|
||||
}
|
||||
|
||||
location ~ [^/]\.php(/|$) {
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
if (!-f $document_root$fastcgi_script_name) {
|
||||
return 404;
|
||||
}
|
||||
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
fastcgi_intercept_errors on;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
}
|
||||
|
||||
location @rewrite {
|
||||
# For Drupal 6 and bwlow:
|
||||
# Some modules enforce no slash (/) at the end of the URL
|
||||
# Else this rewrite block wouldn't be needed (GlobalRedirect)
|
||||
rewrite ^/(.*)$ /index.php?q=$1;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/styles/ {
|
||||
location ~ /vendor/.*\.php$ {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
try_files $uri @rewrite;
|
||||
expires max;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/imagecache/ {
|
||||
try_files $uri @rewrite;
|
||||
}
|
||||
|
||||
location ~ '\.php$|^/update.php' {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
|
||||
error_page 403 /error/404.html;
|
||||
|
|
|
|||
|
|
@ -18,7 +18,6 @@ server {
|
|||
access_log off;
|
||||
}
|
||||
|
||||
# Very rarely should these ever be accessed outside of your lan
|
||||
location ~* \.(txt|log)$ {
|
||||
allow 192.168.0.0/16;
|
||||
deny all;
|
||||
|
|
@ -28,48 +27,42 @@ server {
|
|||
return 403;
|
||||
}
|
||||
|
||||
# No no for private
|
||||
location ~ ^/sites/.*/private/ {
|
||||
return 403;
|
||||
}
|
||||
|
||||
# Block access to "hidden" files and directories whose names begin with a
|
||||
# period. This includes directories used by version control systems such
|
||||
# as Subversion or Git to store control files.
|
||||
location ~ (^|/)\. {
|
||||
return 403;
|
||||
location ~ ^/sites/[^/]+/files/.*\.php$ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri @rewrite;
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
expires max;
|
||||
}
|
||||
|
||||
location ~ [^/]\.php(/|$) {
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
if (!-f $document_root$fastcgi_script_name) {
|
||||
return 404;
|
||||
}
|
||||
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
fastcgi_intercept_errors on;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
}
|
||||
|
||||
location @rewrite {
|
||||
# For Drupal 6 and bwlow:
|
||||
# Some modules enforce no slash (/) at the end of the URL
|
||||
# Else this rewrite block wouldn't be needed (GlobalRedirect)
|
||||
rewrite ^/(.*)$ /index.php?q=$1;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/styles/ {
|
||||
location ~ /vendor/.*\.php$ {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
try_files $uri @rewrite;
|
||||
expires max;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/imagecache/ {
|
||||
try_files $uri @rewrite;
|
||||
}
|
||||
|
||||
location ~ '\.php$|^/update.php' {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
|
||||
error_page 403 /error/404.html;
|
||||
|
|
|
|||
|
|
@ -31,50 +31,44 @@ server {
|
|||
return 403;
|
||||
}
|
||||
|
||||
# No no for private
|
||||
location ~ ^/sites/.*/private/ {
|
||||
return 403;
|
||||
}
|
||||
|
||||
# Block access to "hidden" files and directories whose names begin with a
|
||||
# period. This includes directories used by version control systems such
|
||||
# as Subversion or Git to store control files.
|
||||
location ~ (^|/)\. {
|
||||
return 403;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri @rewrite;
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
expires max;
|
||||
}
|
||||
|
||||
location ~ [^/]\.php(/|$) {
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
if (!-f $document_root$fastcgi_script_name) {
|
||||
return 404;
|
||||
}
|
||||
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
fastcgi_intercept_errors on;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
location ~ ^/sites/[^/]+/files/.*\.php$ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location @rewrite {
|
||||
# You have 2 options here
|
||||
# For D7 and above:
|
||||
# Clean URLs are handled in drupal_environment_initialize().
|
||||
rewrite ^ /index.php;
|
||||
location / {
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location ~ /vendor/.*\.php$ {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/styles/ {
|
||||
try_files $uri @rewrite;
|
||||
}
|
||||
|
||||
location ~ ^(/[a-z\-]+)?/system/files/ {
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
|
||||
try_files $uri @rewrite;
|
||||
expires max;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
location ~ '\.php$|^/update.php' {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
|
||||
error_page 403 /error/404.html;
|
||||
error_page 404 /error/404.html;
|
||||
error_page 500 502 503 504 /error/50x.html;
|
||||
|
|
|
|||
|
|
@ -18,7 +18,6 @@ server {
|
|||
access_log off;
|
||||
}
|
||||
|
||||
# Very rarely should these ever be accessed outside of your lan
|
||||
location ~* \.(txt|log)$ {
|
||||
allow 192.168.0.0/16;
|
||||
deny all;
|
||||
|
|
@ -28,50 +27,44 @@ server {
|
|||
return 403;
|
||||
}
|
||||
|
||||
# No no for private
|
||||
location ~ ^/sites/.*/private/ {
|
||||
return 403;
|
||||
}
|
||||
|
||||
# Block access to "hidden" files and directories whose names begin with a
|
||||
# period. This includes directories used by version control systems such
|
||||
# as Subversion or Git to store control files.
|
||||
location ~ (^|/)\. {
|
||||
return 403;
|
||||
location ~ ^/sites/[^/]+/files/.*\.php$ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri @rewrite;
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
expires max;
|
||||
}
|
||||
|
||||
location ~ [^/]\.php(/|$) {
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
if (!-f $document_root$fastcgi_script_name) {
|
||||
return 404;
|
||||
}
|
||||
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
fastcgi_intercept_errors on;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location @rewrite {
|
||||
# You have 2 options here
|
||||
# For D7 and above:
|
||||
# Clean URLs are handled in drupal_environment_initialize().
|
||||
rewrite ^ /index.php;
|
||||
location ~ /vendor/.*\.php$ {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/styles/ {
|
||||
try_files $uri @rewrite;
|
||||
}
|
||||
|
||||
location ~ ^(/[a-z\-]+)?/system/files/ {
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
|
||||
try_files $uri @rewrite;
|
||||
expires max;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
location ~ '\.php$|^/update.php' {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
|
||||
error_page 403 /error/404.html;
|
||||
error_page 404 /error/404.html;
|
||||
error_page 500 502 503 504 /error/50x.html;
|
||||
|
|
|
|||
|
|
@ -31,51 +31,44 @@ server {
|
|||
return 403;
|
||||
}
|
||||
|
||||
# No no for private
|
||||
location ~ ^/sites/.*/private/ {
|
||||
return 403;
|
||||
}
|
||||
|
||||
# Block access to "hidden" files and directories whose names begin with a
|
||||
# period. This includes directories used by version control systems such
|
||||
# as Subversion or Git to store control files.
|
||||
location ~ (^|/)\. {
|
||||
return 403;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri @rewrite;
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
expires max;
|
||||
}
|
||||
|
||||
location ~ [^/]\.php(/|$)|^/update.php {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
if (!-f $document_root$fastcgi_script_name) {
|
||||
return 404;
|
||||
}
|
||||
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
fastcgi_intercept_errors on;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
location ~ ^/sites/[^/]+/files/.*\.php$ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location @rewrite {
|
||||
# You have 2 options here
|
||||
# For D7 and above:
|
||||
# Clean URLs are handled in drupal_environment_initialize().
|
||||
rewrite ^ /index.php;
|
||||
location / {
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location ~ /vendor/.*\.php$ {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/styles/ {
|
||||
try_files $uri @rewrite;
|
||||
}
|
||||
|
||||
location ~ ^(/[a-z\-]+)?/system/files/ {
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
|
||||
try_files $uri @rewrite;
|
||||
expires max;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
location ~ '\.php$|^/update.php' {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
|
||||
error_page 403 /error/404.html;
|
||||
error_page 404 /error/404.html;
|
||||
error_page 500 502 503 504 /error/50x.html;
|
||||
|
|
|
|||
|
|
@ -18,7 +18,6 @@ server {
|
|||
access_log off;
|
||||
}
|
||||
|
||||
# Very rarely should these ever be accessed outside of your lan
|
||||
location ~* \.(txt|log)$ {
|
||||
allow 192.168.0.0/16;
|
||||
deny all;
|
||||
|
|
@ -28,51 +27,44 @@ server {
|
|||
return 403;
|
||||
}
|
||||
|
||||
# No no for private
|
||||
location ~ ^/sites/.*/private/ {
|
||||
return 403;
|
||||
}
|
||||
|
||||
# Block access to "hidden" files and directories whose names begin with a
|
||||
# period. This includes directories used by version control systems such
|
||||
# as Subversion or Git to store control files.
|
||||
location ~ (^|/)\. {
|
||||
return 403;
|
||||
location ~ ^/sites/[^/]+/files/.*\.php$ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri @rewrite;
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
expires max;
|
||||
}
|
||||
|
||||
location ~ [^/]\.php(/|$)|^/update.php {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
if (!-f $document_root$fastcgi_script_name) {
|
||||
return 404;
|
||||
}
|
||||
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
fastcgi_intercept_errors on;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location @rewrite {
|
||||
# You have 2 options here
|
||||
# For D7 and above:
|
||||
# Clean URLs are handled in drupal_environment_initialize().
|
||||
rewrite ^ /index.php;
|
||||
location ~ /vendor/.*\.php$ {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/styles/ {
|
||||
try_files $uri @rewrite;
|
||||
}
|
||||
|
||||
location ~ ^(/[a-z\-]+)?/system/files/ {
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
|
||||
try_files $uri @rewrite;
|
||||
expires max;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
location ~ '\.php$|^/update.php' {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
|
||||
error_page 403 /error/404.html;
|
||||
error_page 404 /error/404.html;
|
||||
error_page 500 502 503 504 /error/50x.html;
|
||||
|
|
|
|||
|
|
@ -50,6 +50,7 @@ http {
|
|||
|
||||
# Compression
|
||||
gzip on;
|
||||
gzip_vary on;
|
||||
gzip_comp_level 9;
|
||||
gzip_min_length 512;
|
||||
gzip_buffers 8 64k;
|
||||
|
|
|
|||
|
|
@ -4,5 +4,5 @@ Defaults:admin !syslog
|
|||
Defaults:admin !requiretty
|
||||
Defaults:root !requiretty
|
||||
|
||||
admin ALL=(ALL) ALL
|
||||
# sudo is limited to vesta scripts
|
||||
admin ALL=NOPASSWD:/usr/local/vesta/bin/*
|
||||
|
|
|
|||
|
|
@ -31,48 +31,42 @@ server {
|
|||
return 403;
|
||||
}
|
||||
|
||||
# No no for private
|
||||
location ~ ^/sites/.*/private/ {
|
||||
return 403;
|
||||
}
|
||||
|
||||
# Block access to "hidden" files and directories whose names begin with a
|
||||
# period. This includes directories used by version control systems such
|
||||
# as Subversion or Git to store control files.
|
||||
location ~ (^|/)\. {
|
||||
return 403;
|
||||
}
|
||||
location ~ ^/sites/[^/]+/files/.*\.php$ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri @rewrite;
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
expires max;
|
||||
}
|
||||
|
||||
location ~ [^/]\.php(/|$) {
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
if (!-f $document_root$fastcgi_script_name) {
|
||||
return 404;
|
||||
}
|
||||
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
fastcgi_intercept_errors on;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
}
|
||||
|
||||
location @rewrite {
|
||||
# For Drupal 6 and bwlow:
|
||||
# Some modules enforce no slash (/) at the end of the URL
|
||||
# Else this rewrite block wouldn't be needed (GlobalRedirect)
|
||||
rewrite ^/(.*)$ /index.php?q=$1;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/styles/ {
|
||||
location ~ /vendor/.*\.php$ {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
try_files $uri @rewrite;
|
||||
expires max;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/imagecache/ {
|
||||
try_files $uri @rewrite;
|
||||
}
|
||||
|
||||
location ~ '\.php$|^/update.php' {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
|
||||
error_page 403 /error/404.html;
|
||||
|
|
|
|||
|
|
@ -18,7 +18,6 @@ server {
|
|||
access_log off;
|
||||
}
|
||||
|
||||
# Very rarely should these ever be accessed outside of your lan
|
||||
location ~* \.(txt|log)$ {
|
||||
allow 192.168.0.0/16;
|
||||
deny all;
|
||||
|
|
@ -28,48 +27,42 @@ server {
|
|||
return 403;
|
||||
}
|
||||
|
||||
# No no for private
|
||||
location ~ ^/sites/.*/private/ {
|
||||
return 403;
|
||||
}
|
||||
|
||||
# Block access to "hidden" files and directories whose names begin with a
|
||||
# period. This includes directories used by version control systems such
|
||||
# as Subversion or Git to store control files.
|
||||
location ~ (^|/)\. {
|
||||
return 403;
|
||||
location ~ ^/sites/[^/]+/files/.*\.php$ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri @rewrite;
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
expires max;
|
||||
}
|
||||
|
||||
location ~ [^/]\.php(/|$) {
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
if (!-f $document_root$fastcgi_script_name) {
|
||||
return 404;
|
||||
}
|
||||
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
fastcgi_intercept_errors on;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
}
|
||||
|
||||
location @rewrite {
|
||||
# For Drupal 6 and bwlow:
|
||||
# Some modules enforce no slash (/) at the end of the URL
|
||||
# Else this rewrite block wouldn't be needed (GlobalRedirect)
|
||||
rewrite ^/(.*)$ /index.php?q=$1;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/styles/ {
|
||||
location ~ /vendor/.*\.php$ {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
try_files $uri @rewrite;
|
||||
expires max;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/imagecache/ {
|
||||
try_files $uri @rewrite;
|
||||
}
|
||||
|
||||
location ~ '\.php$|^/update.php' {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
|
||||
error_page 403 /error/404.html;
|
||||
|
|
|
|||
|
|
@ -31,50 +31,44 @@ server {
|
|||
return 403;
|
||||
}
|
||||
|
||||
# No no for private
|
||||
location ~ ^/sites/.*/private/ {
|
||||
return 403;
|
||||
}
|
||||
|
||||
# Block access to "hidden" files and directories whose names begin with a
|
||||
# period. This includes directories used by version control systems such
|
||||
# as Subversion or Git to store control files.
|
||||
location ~ (^|/)\. {
|
||||
return 403;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri @rewrite;
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
expires max;
|
||||
}
|
||||
|
||||
location ~ [^/]\.php(/|$) {
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
if (!-f $document_root$fastcgi_script_name) {
|
||||
return 404;
|
||||
}
|
||||
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
fastcgi_intercept_errors on;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
location ~ ^/sites/[^/]+/files/.*\.php$ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location @rewrite {
|
||||
# You have 2 options here
|
||||
# For D7 and above:
|
||||
# Clean URLs are handled in drupal_environment_initialize().
|
||||
rewrite ^ /index.php;
|
||||
location / {
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location ~ /vendor/.*\.php$ {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/styles/ {
|
||||
try_files $uri @rewrite;
|
||||
}
|
||||
|
||||
location ~ ^(/[a-z\-]+)?/system/files/ {
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
|
||||
try_files $uri @rewrite;
|
||||
expires max;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
location ~ '\.php$|^/update.php' {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
|
||||
error_page 403 /error/404.html;
|
||||
error_page 404 /error/404.html;
|
||||
error_page 500 502 503 504 /error/50x.html;
|
||||
|
|
|
|||
|
|
@ -18,7 +18,6 @@ server {
|
|||
access_log off;
|
||||
}
|
||||
|
||||
# Very rarely should these ever be accessed outside of your lan
|
||||
location ~* \.(txt|log)$ {
|
||||
allow 192.168.0.0/16;
|
||||
deny all;
|
||||
|
|
@ -28,50 +27,44 @@ server {
|
|||
return 403;
|
||||
}
|
||||
|
||||
# No no for private
|
||||
location ~ ^/sites/.*/private/ {
|
||||
return 403;
|
||||
}
|
||||
|
||||
# Block access to "hidden" files and directories whose names begin with a
|
||||
# period. This includes directories used by version control systems such
|
||||
# as Subversion or Git to store control files.
|
||||
location ~ (^|/)\. {
|
||||
return 403;
|
||||
location ~ ^/sites/[^/]+/files/.*\.php$ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri @rewrite;
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
expires max;
|
||||
}
|
||||
|
||||
location ~ [^/]\.php(/|$) {
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
if (!-f $document_root$fastcgi_script_name) {
|
||||
return 404;
|
||||
}
|
||||
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
fastcgi_intercept_errors on;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location @rewrite {
|
||||
# You have 2 options here
|
||||
# For D7 and above:
|
||||
# Clean URLs are handled in drupal_environment_initialize().
|
||||
rewrite ^ /index.php;
|
||||
location ~ /vendor/.*\.php$ {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/styles/ {
|
||||
try_files $uri @rewrite;
|
||||
}
|
||||
|
||||
location ~ ^(/[a-z\-]+)?/system/files/ {
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
|
||||
try_files $uri @rewrite;
|
||||
expires max;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
location ~ '\.php$|^/update.php' {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
|
||||
error_page 403 /error/404.html;
|
||||
error_page 404 /error/404.html;
|
||||
error_page 500 502 503 504 /error/50x.html;
|
||||
|
|
|
|||
|
|
@ -31,51 +31,44 @@ server {
|
|||
return 403;
|
||||
}
|
||||
|
||||
# No no for private
|
||||
location ~ ^/sites/.*/private/ {
|
||||
return 403;
|
||||
}
|
||||
|
||||
# Block access to "hidden" files and directories whose names begin with a
|
||||
# period. This includes directories used by version control systems such
|
||||
# as Subversion or Git to store control files.
|
||||
location ~ (^|/)\. {
|
||||
return 403;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri @rewrite;
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
expires max;
|
||||
}
|
||||
|
||||
location ~ [^/]\.php(/|$)|^/update.php {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
if (!-f $document_root$fastcgi_script_name) {
|
||||
return 404;
|
||||
}
|
||||
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
fastcgi_intercept_errors on;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
location ~ ^/sites/[^/]+/files/.*\.php$ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location @rewrite {
|
||||
# You have 2 options here
|
||||
# For D7 and above:
|
||||
# Clean URLs are handled in drupal_environment_initialize().
|
||||
rewrite ^ /index.php;
|
||||
location / {
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location ~ /vendor/.*\.php$ {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/styles/ {
|
||||
try_files $uri @rewrite;
|
||||
}
|
||||
|
||||
location ~ ^(/[a-z\-]+)?/system/files/ {
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
|
||||
try_files $uri @rewrite;
|
||||
expires max;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
location ~ '\.php$|^/update.php' {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
|
||||
error_page 403 /error/404.html;
|
||||
error_page 404 /error/404.html;
|
||||
error_page 500 502 503 504 /error/50x.html;
|
||||
|
|
|
|||
|
|
@ -18,7 +18,6 @@ server {
|
|||
access_log off;
|
||||
}
|
||||
|
||||
# Very rarely should these ever be accessed outside of your lan
|
||||
location ~* \.(txt|log)$ {
|
||||
allow 192.168.0.0/16;
|
||||
deny all;
|
||||
|
|
@ -28,51 +27,44 @@ server {
|
|||
return 403;
|
||||
}
|
||||
|
||||
# No no for private
|
||||
location ~ ^/sites/.*/private/ {
|
||||
return 403;
|
||||
}
|
||||
|
||||
# Block access to "hidden" files and directories whose names begin with a
|
||||
# period. This includes directories used by version control systems such
|
||||
# as Subversion or Git to store control files.
|
||||
location ~ (^|/)\. {
|
||||
return 403;
|
||||
location ~ ^/sites/[^/]+/files/.*\.php$ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri @rewrite;
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
expires max;
|
||||
}
|
||||
|
||||
location ~ [^/]\.php(/|$)|^/update.php {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
if (!-f $document_root$fastcgi_script_name) {
|
||||
return 404;
|
||||
}
|
||||
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
fastcgi_intercept_errors on;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location @rewrite {
|
||||
# You have 2 options here
|
||||
# For D7 and above:
|
||||
# Clean URLs are handled in drupal_environment_initialize().
|
||||
rewrite ^ /index.php;
|
||||
location ~ /vendor/.*\.php$ {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/styles/ {
|
||||
try_files $uri @rewrite;
|
||||
}
|
||||
|
||||
location ~ ^(/[a-z\-]+)?/system/files/ {
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
|
||||
try_files $uri @rewrite;
|
||||
expires max;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
location ~ '\.php$|^/update.php' {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
|
||||
error_page 403 /error/404.html;
|
||||
error_page 404 /error/404.html;
|
||||
error_page 500 502 503 504 /error/50x.html;
|
||||
|
|
|
|||
|
|
@ -50,6 +50,7 @@ http {
|
|||
|
||||
# Compression
|
||||
gzip on;
|
||||
gzip_vary on;
|
||||
gzip_comp_level 9;
|
||||
gzip_min_length 512;
|
||||
gzip_buffers 8 64k;
|
||||
|
|
|
|||
|
|
@ -4,5 +4,5 @@ Defaults:admin !syslog
|
|||
Defaults:admin !requiretty
|
||||
Defaults:root !requiretty
|
||||
|
||||
admin ALL=(ALL) ALL
|
||||
# sudo is limited to vesta scripts
|
||||
admin ALL=NOPASSWD:/usr/local/vesta/bin/*
|
||||
|
|
|
|||
|
|
@ -31,48 +31,42 @@ server {
|
|||
return 403;
|
||||
}
|
||||
|
||||
# No no for private
|
||||
location ~ ^/sites/.*/private/ {
|
||||
return 403;
|
||||
}
|
||||
|
||||
# Block access to "hidden" files and directories whose names begin with a
|
||||
# period. This includes directories used by version control systems such
|
||||
# as Subversion or Git to store control files.
|
||||
location ~ (^|/)\. {
|
||||
return 403;
|
||||
}
|
||||
location ~ ^/sites/[^/]+/files/.*\.php$ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri @rewrite;
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
expires max;
|
||||
}
|
||||
|
||||
location ~ [^/]\.php(/|$) {
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
if (!-f $document_root$fastcgi_script_name) {
|
||||
return 404;
|
||||
}
|
||||
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
fastcgi_intercept_errors on;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
}
|
||||
|
||||
location @rewrite {
|
||||
# For Drupal 6 and bwlow:
|
||||
# Some modules enforce no slash (/) at the end of the URL
|
||||
# Else this rewrite block wouldn't be needed (GlobalRedirect)
|
||||
rewrite ^/(.*)$ /index.php?q=$1;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/styles/ {
|
||||
location ~ /vendor/.*\.php$ {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
try_files $uri @rewrite;
|
||||
expires max;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/imagecache/ {
|
||||
try_files $uri @rewrite;
|
||||
}
|
||||
|
||||
location ~ '\.php$|^/update.php' {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
|
||||
error_page 403 /error/404.html;
|
||||
|
|
|
|||
|
|
@ -18,7 +18,6 @@ server {
|
|||
access_log off;
|
||||
}
|
||||
|
||||
# Very rarely should these ever be accessed outside of your lan
|
||||
location ~* \.(txt|log)$ {
|
||||
allow 192.168.0.0/16;
|
||||
deny all;
|
||||
|
|
@ -28,48 +27,42 @@ server {
|
|||
return 403;
|
||||
}
|
||||
|
||||
# No no for private
|
||||
location ~ ^/sites/.*/private/ {
|
||||
return 403;
|
||||
}
|
||||
|
||||
# Block access to "hidden" files and directories whose names begin with a
|
||||
# period. This includes directories used by version control systems such
|
||||
# as Subversion or Git to store control files.
|
||||
location ~ (^|/)\. {
|
||||
return 403;
|
||||
location ~ ^/sites/[^/]+/files/.*\.php$ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri @rewrite;
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
expires max;
|
||||
}
|
||||
|
||||
location ~ [^/]\.php(/|$) {
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
if (!-f $document_root$fastcgi_script_name) {
|
||||
return 404;
|
||||
}
|
||||
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
fastcgi_intercept_errors on;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
}
|
||||
|
||||
location @rewrite {
|
||||
# For Drupal 6 and bwlow:
|
||||
# Some modules enforce no slash (/) at the end of the URL
|
||||
# Else this rewrite block wouldn't be needed (GlobalRedirect)
|
||||
rewrite ^/(.*)$ /index.php?q=$1;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/styles/ {
|
||||
location ~ /vendor/.*\.php$ {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
try_files $uri @rewrite;
|
||||
expires max;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/imagecache/ {
|
||||
try_files $uri @rewrite;
|
||||
}
|
||||
|
||||
location ~ '\.php$|^/update.php' {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
|
||||
error_page 403 /error/404.html;
|
||||
|
|
|
|||
|
|
@ -31,50 +31,44 @@ server {
|
|||
return 403;
|
||||
}
|
||||
|
||||
# No no for private
|
||||
location ~ ^/sites/.*/private/ {
|
||||
return 403;
|
||||
}
|
||||
|
||||
# Block access to "hidden" files and directories whose names begin with a
|
||||
# period. This includes directories used by version control systems such
|
||||
# as Subversion or Git to store control files.
|
||||
location ~ (^|/)\. {
|
||||
return 403;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri @rewrite;
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
expires max;
|
||||
}
|
||||
|
||||
location ~ [^/]\.php(/|$) {
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
if (!-f $document_root$fastcgi_script_name) {
|
||||
return 404;
|
||||
}
|
||||
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
fastcgi_intercept_errors on;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
location ~ ^/sites/[^/]+/files/.*\.php$ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location @rewrite {
|
||||
# You have 2 options here
|
||||
# For D7 and above:
|
||||
# Clean URLs are handled in drupal_environment_initialize().
|
||||
rewrite ^ /index.php;
|
||||
location / {
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location ~ /vendor/.*\.php$ {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/styles/ {
|
||||
try_files $uri @rewrite;
|
||||
}
|
||||
|
||||
location ~ ^(/[a-z\-]+)?/system/files/ {
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
|
||||
try_files $uri @rewrite;
|
||||
expires max;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
location ~ '\.php$|^/update.php' {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
|
||||
error_page 403 /error/404.html;
|
||||
error_page 404 /error/404.html;
|
||||
error_page 500 502 503 504 /error/50x.html;
|
||||
|
|
|
|||
|
|
@ -18,7 +18,6 @@ server {
|
|||
access_log off;
|
||||
}
|
||||
|
||||
# Very rarely should these ever be accessed outside of your lan
|
||||
location ~* \.(txt|log)$ {
|
||||
allow 192.168.0.0/16;
|
||||
deny all;
|
||||
|
|
@ -28,50 +27,44 @@ server {
|
|||
return 403;
|
||||
}
|
||||
|
||||
# No no for private
|
||||
location ~ ^/sites/.*/private/ {
|
||||
return 403;
|
||||
}
|
||||
|
||||
# Block access to "hidden" files and directories whose names begin with a
|
||||
# period. This includes directories used by version control systems such
|
||||
# as Subversion or Git to store control files.
|
||||
location ~ (^|/)\. {
|
||||
return 403;
|
||||
location ~ ^/sites/[^/]+/files/.*\.php$ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri @rewrite;
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
expires max;
|
||||
}
|
||||
|
||||
location ~ [^/]\.php(/|$) {
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
if (!-f $document_root$fastcgi_script_name) {
|
||||
return 404;
|
||||
}
|
||||
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
fastcgi_intercept_errors on;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location @rewrite {
|
||||
# You have 2 options here
|
||||
# For D7 and above:
|
||||
# Clean URLs are handled in drupal_environment_initialize().
|
||||
rewrite ^ /index.php;
|
||||
location ~ /vendor/.*\.php$ {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/styles/ {
|
||||
try_files $uri @rewrite;
|
||||
}
|
||||
|
||||
location ~ ^(/[a-z\-]+)?/system/files/ {
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
|
||||
try_files $uri @rewrite;
|
||||
expires max;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
location ~ '\.php$|^/update.php' {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
|
||||
error_page 403 /error/404.html;
|
||||
error_page 404 /error/404.html;
|
||||
error_page 500 502 503 504 /error/50x.html;
|
||||
|
|
|
|||
|
|
@ -31,51 +31,44 @@ server {
|
|||
return 403;
|
||||
}
|
||||
|
||||
# No no for private
|
||||
location ~ ^/sites/.*/private/ {
|
||||
return 403;
|
||||
}
|
||||
|
||||
# Block access to "hidden" files and directories whose names begin with a
|
||||
# period. This includes directories used by version control systems such
|
||||
# as Subversion or Git to store control files.
|
||||
location ~ (^|/)\. {
|
||||
return 403;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri @rewrite;
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
expires max;
|
||||
}
|
||||
|
||||
location ~ [^/]\.php(/|$)|^/update.php {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
if (!-f $document_root$fastcgi_script_name) {
|
||||
return 404;
|
||||
}
|
||||
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
fastcgi_intercept_errors on;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
location ~ ^/sites/[^/]+/files/.*\.php$ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location @rewrite {
|
||||
# You have 2 options here
|
||||
# For D7 and above:
|
||||
# Clean URLs are handled in drupal_environment_initialize().
|
||||
rewrite ^ /index.php;
|
||||
location / {
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location ~ /vendor/.*\.php$ {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/styles/ {
|
||||
try_files $uri @rewrite;
|
||||
}
|
||||
|
||||
location ~ ^(/[a-z\-]+)?/system/files/ {
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
|
||||
try_files $uri @rewrite;
|
||||
expires max;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
location ~ '\.php$|^/update.php' {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
|
||||
error_page 403 /error/404.html;
|
||||
error_page 404 /error/404.html;
|
||||
error_page 500 502 503 504 /error/50x.html;
|
||||
|
|
|
|||
|
|
@ -18,7 +18,6 @@ server {
|
|||
access_log off;
|
||||
}
|
||||
|
||||
# Very rarely should these ever be accessed outside of your lan
|
||||
location ~* \.(txt|log)$ {
|
||||
allow 192.168.0.0/16;
|
||||
deny all;
|
||||
|
|
@ -28,51 +27,44 @@ server {
|
|||
return 403;
|
||||
}
|
||||
|
||||
# No no for private
|
||||
location ~ ^/sites/.*/private/ {
|
||||
return 403;
|
||||
}
|
||||
|
||||
# Block access to "hidden" files and directories whose names begin with a
|
||||
# period. This includes directories used by version control systems such
|
||||
# as Subversion or Git to store control files.
|
||||
location ~ (^|/)\. {
|
||||
return 403;
|
||||
location ~ ^/sites/[^/]+/files/.*\.php$ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri @rewrite;
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
expires max;
|
||||
}
|
||||
|
||||
location ~ [^/]\.php(/|$)|^/update.php {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
if (!-f $document_root$fastcgi_script_name) {
|
||||
return 404;
|
||||
}
|
||||
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
fastcgi_intercept_errors on;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location @rewrite {
|
||||
# You have 2 options here
|
||||
# For D7 and above:
|
||||
# Clean URLs are handled in drupal_environment_initialize().
|
||||
rewrite ^ /index.php;
|
||||
location ~ /vendor/.*\.php$ {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/styles/ {
|
||||
try_files $uri @rewrite;
|
||||
}
|
||||
|
||||
location ~ ^(/[a-z\-]+)?/system/files/ {
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
|
||||
try_files $uri @rewrite;
|
||||
expires max;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
location ~ '\.php$|^/update.php' {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
|
||||
error_page 403 /error/404.html;
|
||||
error_page 404 /error/404.html;
|
||||
error_page 500 502 503 504 /error/50x.html;
|
||||
|
|
|
|||
|
|
@ -50,6 +50,7 @@ http {
|
|||
|
||||
# Compression
|
||||
gzip on;
|
||||
gzip_vary on;
|
||||
gzip_comp_level 9;
|
||||
gzip_min_length 512;
|
||||
gzip_buffers 8 64k;
|
||||
|
|
|
|||
|
|
@ -4,5 +4,5 @@ Defaults:admin !syslog
|
|||
Defaults:admin !requiretty
|
||||
Defaults:root !requiretty
|
||||
|
||||
admin ALL=(ALL) ALL
|
||||
# sudo is limited to vesta scripts
|
||||
admin ALL=NOPASSWD:/usr/local/vesta/bin/*
|
||||
|
|
|
|||
|
|
@ -31,48 +31,42 @@ server {
|
|||
return 403;
|
||||
}
|
||||
|
||||
# No no for private
|
||||
location ~ ^/sites/.*/private/ {
|
||||
return 403;
|
||||
}
|
||||
|
||||
# Block access to "hidden" files and directories whose names begin with a
|
||||
# period. This includes directories used by version control systems such
|
||||
# as Subversion or Git to store control files.
|
||||
location ~ (^|/)\. {
|
||||
return 403;
|
||||
}
|
||||
location ~ ^/sites/[^/]+/files/.*\.php$ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri @rewrite;
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
expires max;
|
||||
}
|
||||
|
||||
location ~ [^/]\.php(/|$) {
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
if (!-f $document_root$fastcgi_script_name) {
|
||||
return 404;
|
||||
}
|
||||
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
fastcgi_intercept_errors on;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
}
|
||||
|
||||
location @rewrite {
|
||||
# For Drupal 6 and bwlow:
|
||||
# Some modules enforce no slash (/) at the end of the URL
|
||||
# Else this rewrite block wouldn't be needed (GlobalRedirect)
|
||||
rewrite ^/(.*)$ /index.php?q=$1;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/styles/ {
|
||||
location ~ /vendor/.*\.php$ {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
try_files $uri @rewrite;
|
||||
expires max;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/imagecache/ {
|
||||
try_files $uri @rewrite;
|
||||
}
|
||||
|
||||
location ~ '\.php$|^/update.php' {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
|
||||
error_page 403 /error/404.html;
|
||||
|
|
|
|||
|
|
@ -18,7 +18,6 @@ server {
|
|||
access_log off;
|
||||
}
|
||||
|
||||
# Very rarely should these ever be accessed outside of your lan
|
||||
location ~* \.(txt|log)$ {
|
||||
allow 192.168.0.0/16;
|
||||
deny all;
|
||||
|
|
@ -28,48 +27,42 @@ server {
|
|||
return 403;
|
||||
}
|
||||
|
||||
# No no for private
|
||||
location ~ ^/sites/.*/private/ {
|
||||
return 403;
|
||||
}
|
||||
|
||||
# Block access to "hidden" files and directories whose names begin with a
|
||||
# period. This includes directories used by version control systems such
|
||||
# as Subversion or Git to store control files.
|
||||
location ~ (^|/)\. {
|
||||
return 403;
|
||||
location ~ ^/sites/[^/]+/files/.*\.php$ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri @rewrite;
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
expires max;
|
||||
}
|
||||
|
||||
location ~ [^/]\.php(/|$) {
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
if (!-f $document_root$fastcgi_script_name) {
|
||||
return 404;
|
||||
}
|
||||
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
fastcgi_intercept_errors on;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
}
|
||||
|
||||
location @rewrite {
|
||||
# For Drupal 6 and bwlow:
|
||||
# Some modules enforce no slash (/) at the end of the URL
|
||||
# Else this rewrite block wouldn't be needed (GlobalRedirect)
|
||||
rewrite ^/(.*)$ /index.php?q=$1;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/styles/ {
|
||||
location ~ /vendor/.*\.php$ {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
try_files $uri @rewrite;
|
||||
expires max;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/imagecache/ {
|
||||
try_files $uri @rewrite;
|
||||
}
|
||||
|
||||
location ~ '\.php$|^/update.php' {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
|
||||
error_page 403 /error/404.html;
|
||||
|
|
|
|||
|
|
@ -31,50 +31,44 @@ server {
|
|||
return 403;
|
||||
}
|
||||
|
||||
# No no for private
|
||||
location ~ ^/sites/.*/private/ {
|
||||
return 403;
|
||||
}
|
||||
|
||||
# Block access to "hidden" files and directories whose names begin with a
|
||||
# period. This includes directories used by version control systems such
|
||||
# as Subversion or Git to store control files.
|
||||
location ~ (^|/)\. {
|
||||
return 403;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri @rewrite;
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
expires max;
|
||||
}
|
||||
|
||||
location ~ [^/]\.php(/|$) {
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
if (!-f $document_root$fastcgi_script_name) {
|
||||
return 404;
|
||||
}
|
||||
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
fastcgi_intercept_errors on;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
location ~ ^/sites/[^/]+/files/.*\.php$ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location @rewrite {
|
||||
# You have 2 options here
|
||||
# For D7 and above:
|
||||
# Clean URLs are handled in drupal_environment_initialize().
|
||||
rewrite ^ /index.php;
|
||||
location / {
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location ~ /vendor/.*\.php$ {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/styles/ {
|
||||
try_files $uri @rewrite;
|
||||
}
|
||||
|
||||
location ~ ^(/[a-z\-]+)?/system/files/ {
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
|
||||
try_files $uri @rewrite;
|
||||
expires max;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
location ~ '\.php$|^/update.php' {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
|
||||
error_page 403 /error/404.html;
|
||||
error_page 404 /error/404.html;
|
||||
error_page 500 502 503 504 /error/50x.html;
|
||||
|
|
|
|||
|
|
@ -18,7 +18,6 @@ server {
|
|||
access_log off;
|
||||
}
|
||||
|
||||
# Very rarely should these ever be accessed outside of your lan
|
||||
location ~* \.(txt|log)$ {
|
||||
allow 192.168.0.0/16;
|
||||
deny all;
|
||||
|
|
@ -28,50 +27,44 @@ server {
|
|||
return 403;
|
||||
}
|
||||
|
||||
# No no for private
|
||||
location ~ ^/sites/.*/private/ {
|
||||
return 403;
|
||||
}
|
||||
|
||||
# Block access to "hidden" files and directories whose names begin with a
|
||||
# period. This includes directories used by version control systems such
|
||||
# as Subversion or Git to store control files.
|
||||
location ~ (^|/)\. {
|
||||
return 403;
|
||||
location ~ ^/sites/[^/]+/files/.*\.php$ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri @rewrite;
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
expires max;
|
||||
}
|
||||
|
||||
location ~ [^/]\.php(/|$) {
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
if (!-f $document_root$fastcgi_script_name) {
|
||||
return 404;
|
||||
}
|
||||
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
fastcgi_intercept_errors on;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location @rewrite {
|
||||
# You have 2 options here
|
||||
# For D7 and above:
|
||||
# Clean URLs are handled in drupal_environment_initialize().
|
||||
rewrite ^ /index.php;
|
||||
location ~ /vendor/.*\.php$ {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/styles/ {
|
||||
try_files $uri @rewrite;
|
||||
}
|
||||
|
||||
location ~ ^(/[a-z\-]+)?/system/files/ {
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
|
||||
try_files $uri @rewrite;
|
||||
expires max;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
location ~ '\.php$|^/update.php' {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
|
||||
error_page 403 /error/404.html;
|
||||
error_page 404 /error/404.html;
|
||||
error_page 500 502 503 504 /error/50x.html;
|
||||
|
|
|
|||
|
|
@ -31,51 +31,44 @@ server {
|
|||
return 403;
|
||||
}
|
||||
|
||||
# No no for private
|
||||
location ~ ^/sites/.*/private/ {
|
||||
return 403;
|
||||
}
|
||||
|
||||
# Block access to "hidden" files and directories whose names begin with a
|
||||
# period. This includes directories used by version control systems such
|
||||
# as Subversion or Git to store control files.
|
||||
location ~ (^|/)\. {
|
||||
return 403;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri @rewrite;
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
expires max;
|
||||
}
|
||||
|
||||
location ~ [^/]\.php(/|$)|^/update.php {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
if (!-f $document_root$fastcgi_script_name) {
|
||||
return 404;
|
||||
}
|
||||
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
fastcgi_intercept_errors on;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
location ~ ^/sites/[^/]+/files/.*\.php$ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location @rewrite {
|
||||
# You have 2 options here
|
||||
# For D7 and above:
|
||||
# Clean URLs are handled in drupal_environment_initialize().
|
||||
rewrite ^ /index.php;
|
||||
location / {
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location ~ /vendor/.*\.php$ {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/styles/ {
|
||||
try_files $uri @rewrite;
|
||||
}
|
||||
|
||||
location ~ ^(/[a-z\-]+)?/system/files/ {
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
|
||||
try_files $uri @rewrite;
|
||||
expires max;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
location ~ '\.php$|^/update.php' {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
|
||||
error_page 403 /error/404.html;
|
||||
error_page 404 /error/404.html;
|
||||
error_page 500 502 503 504 /error/50x.html;
|
||||
|
|
|
|||
|
|
@ -18,7 +18,6 @@ server {
|
|||
access_log off;
|
||||
}
|
||||
|
||||
# Very rarely should these ever be accessed outside of your lan
|
||||
location ~* \.(txt|log)$ {
|
||||
allow 192.168.0.0/16;
|
||||
deny all;
|
||||
|
|
@ -28,51 +27,44 @@ server {
|
|||
return 403;
|
||||
}
|
||||
|
||||
# No no for private
|
||||
location ~ ^/sites/.*/private/ {
|
||||
return 403;
|
||||
}
|
||||
|
||||
# Block access to "hidden" files and directories whose names begin with a
|
||||
# period. This includes directories used by version control systems such
|
||||
# as Subversion or Git to store control files.
|
||||
location ~ (^|/)\. {
|
||||
return 403;
|
||||
location ~ ^/sites/[^/]+/files/.*\.php$ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri @rewrite;
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
expires max;
|
||||
}
|
||||
|
||||
location ~ [^/]\.php(/|$)|^/update.php {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
if (!-f $document_root$fastcgi_script_name) {
|
||||
return 404;
|
||||
}
|
||||
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
fastcgi_intercept_errors on;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location @rewrite {
|
||||
# You have 2 options here
|
||||
# For D7 and above:
|
||||
# Clean URLs are handled in drupal_environment_initialize().
|
||||
rewrite ^ /index.php;
|
||||
location ~ /vendor/.*\.php$ {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/styles/ {
|
||||
try_files $uri @rewrite;
|
||||
}
|
||||
|
||||
location ~ ^(/[a-z\-]+)?/system/files/ {
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
|
||||
try_files $uri @rewrite;
|
||||
expires max;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
location ~ '\.php$|^/update.php' {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
|
||||
error_page 403 /error/404.html;
|
||||
error_page 404 /error/404.html;
|
||||
error_page 500 502 503 504 /error/50x.html;
|
||||
|
|
|
|||
|
|
@ -50,6 +50,7 @@ http {
|
|||
|
||||
# Compression
|
||||
gzip on;
|
||||
gzip_vary on;
|
||||
gzip_comp_level 9;
|
||||
gzip_min_length 512;
|
||||
gzip_buffers 8 64k;
|
||||
|
|
|
|||
|
|
@ -4,5 +4,5 @@ Defaults:admin !syslog
|
|||
Defaults:admin !requiretty
|
||||
Defaults:root !requiretty
|
||||
|
||||
admin ALL=(ALL) ALL
|
||||
# sudo is limited to vesta scripts
|
||||
admin ALL=NOPASSWD:/usr/local/vesta/bin/*
|
||||
|
|
|
|||
|
|
@ -31,48 +31,42 @@ server {
|
|||
return 403;
|
||||
}
|
||||
|
||||
# No no for private
|
||||
location ~ ^/sites/.*/private/ {
|
||||
return 403;
|
||||
}
|
||||
|
||||
# Block access to "hidden" files and directories whose names begin with a
|
||||
# period. This includes directories used by version control systems such
|
||||
# as Subversion or Git to store control files.
|
||||
location ~ (^|/)\. {
|
||||
return 403;
|
||||
}
|
||||
location ~ ^/sites/[^/]+/files/.*\.php$ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri @rewrite;
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
expires max;
|
||||
}
|
||||
|
||||
location ~ [^/]\.php(/|$) {
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
if (!-f $document_root$fastcgi_script_name) {
|
||||
return 404;
|
||||
}
|
||||
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
fastcgi_intercept_errors on;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
}
|
||||
|
||||
location @rewrite {
|
||||
# For Drupal 6 and bwlow:
|
||||
# Some modules enforce no slash (/) at the end of the URL
|
||||
# Else this rewrite block wouldn't be needed (GlobalRedirect)
|
||||
rewrite ^/(.*)$ /index.php?q=$1;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/styles/ {
|
||||
location ~ /vendor/.*\.php$ {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
try_files $uri @rewrite;
|
||||
expires max;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/imagecache/ {
|
||||
try_files $uri @rewrite;
|
||||
}
|
||||
|
||||
location ~ '\.php$|^/update.php' {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
|
||||
error_page 403 /error/404.html;
|
||||
|
|
|
|||
|
|
@ -18,7 +18,6 @@ server {
|
|||
access_log off;
|
||||
}
|
||||
|
||||
# Very rarely should these ever be accessed outside of your lan
|
||||
location ~* \.(txt|log)$ {
|
||||
allow 192.168.0.0/16;
|
||||
deny all;
|
||||
|
|
@ -28,48 +27,42 @@ server {
|
|||
return 403;
|
||||
}
|
||||
|
||||
# No no for private
|
||||
location ~ ^/sites/.*/private/ {
|
||||
return 403;
|
||||
}
|
||||
|
||||
# Block access to "hidden" files and directories whose names begin with a
|
||||
# period. This includes directories used by version control systems such
|
||||
# as Subversion or Git to store control files.
|
||||
location ~ (^|/)\. {
|
||||
return 403;
|
||||
location ~ ^/sites/[^/]+/files/.*\.php$ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri @rewrite;
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
expires max;
|
||||
}
|
||||
|
||||
location ~ [^/]\.php(/|$) {
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
if (!-f $document_root$fastcgi_script_name) {
|
||||
return 404;
|
||||
}
|
||||
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
fastcgi_intercept_errors on;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
}
|
||||
|
||||
location @rewrite {
|
||||
# For Drupal 6 and bwlow:
|
||||
# Some modules enforce no slash (/) at the end of the URL
|
||||
# Else this rewrite block wouldn't be needed (GlobalRedirect)
|
||||
rewrite ^/(.*)$ /index.php?q=$1;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/styles/ {
|
||||
location ~ /vendor/.*\.php$ {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
try_files $uri @rewrite;
|
||||
expires max;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/imagecache/ {
|
||||
try_files $uri @rewrite;
|
||||
}
|
||||
|
||||
location ~ '\.php$|^/update.php' {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
|
||||
error_page 403 /error/404.html;
|
||||
|
|
|
|||
|
|
@ -31,50 +31,44 @@ server {
|
|||
return 403;
|
||||
}
|
||||
|
||||
# No no for private
|
||||
location ~ ^/sites/.*/private/ {
|
||||
return 403;
|
||||
}
|
||||
|
||||
# Block access to "hidden" files and directories whose names begin with a
|
||||
# period. This includes directories used by version control systems such
|
||||
# as Subversion or Git to store control files.
|
||||
location ~ (^|/)\. {
|
||||
return 403;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri @rewrite;
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
expires max;
|
||||
}
|
||||
|
||||
location ~ [^/]\.php(/|$) {
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
if (!-f $document_root$fastcgi_script_name) {
|
||||
return 404;
|
||||
}
|
||||
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
fastcgi_intercept_errors on;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
location ~ ^/sites/[^/]+/files/.*\.php$ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location @rewrite {
|
||||
# You have 2 options here
|
||||
# For D7 and above:
|
||||
# Clean URLs are handled in drupal_environment_initialize().
|
||||
rewrite ^ /index.php;
|
||||
location / {
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location ~ /vendor/.*\.php$ {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/styles/ {
|
||||
try_files $uri @rewrite;
|
||||
}
|
||||
|
||||
location ~ ^(/[a-z\-]+)?/system/files/ {
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
|
||||
try_files $uri @rewrite;
|
||||
expires max;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
location ~ '\.php$|^/update.php' {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
|
||||
error_page 403 /error/404.html;
|
||||
error_page 404 /error/404.html;
|
||||
error_page 500 502 503 504 /error/50x.html;
|
||||
|
|
|
|||
|
|
@ -18,7 +18,6 @@ server {
|
|||
access_log off;
|
||||
}
|
||||
|
||||
# Very rarely should these ever be accessed outside of your lan
|
||||
location ~* \.(txt|log)$ {
|
||||
allow 192.168.0.0/16;
|
||||
deny all;
|
||||
|
|
@ -28,50 +27,44 @@ server {
|
|||
return 403;
|
||||
}
|
||||
|
||||
# No no for private
|
||||
location ~ ^/sites/.*/private/ {
|
||||
return 403;
|
||||
}
|
||||
|
||||
# Block access to "hidden" files and directories whose names begin with a
|
||||
# period. This includes directories used by version control systems such
|
||||
# as Subversion or Git to store control files.
|
||||
location ~ (^|/)\. {
|
||||
return 403;
|
||||
location ~ ^/sites/[^/]+/files/.*\.php$ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri @rewrite;
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
expires max;
|
||||
}
|
||||
|
||||
location ~ [^/]\.php(/|$) {
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
if (!-f $document_root$fastcgi_script_name) {
|
||||
return 404;
|
||||
}
|
||||
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
fastcgi_intercept_errors on;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location @rewrite {
|
||||
# You have 2 options here
|
||||
# For D7 and above:
|
||||
# Clean URLs are handled in drupal_environment_initialize().
|
||||
rewrite ^ /index.php;
|
||||
location ~ /vendor/.*\.php$ {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/styles/ {
|
||||
try_files $uri @rewrite;
|
||||
}
|
||||
|
||||
location ~ ^(/[a-z\-]+)?/system/files/ {
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
|
||||
try_files $uri @rewrite;
|
||||
expires max;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
location ~ '\.php$|^/update.php' {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
|
||||
error_page 403 /error/404.html;
|
||||
error_page 404 /error/404.html;
|
||||
error_page 500 502 503 504 /error/50x.html;
|
||||
|
|
|
|||
|
|
@ -31,51 +31,44 @@ server {
|
|||
return 403;
|
||||
}
|
||||
|
||||
# No no for private
|
||||
location ~ ^/sites/.*/private/ {
|
||||
return 403;
|
||||
}
|
||||
|
||||
# Block access to "hidden" files and directories whose names begin with a
|
||||
# period. This includes directories used by version control systems such
|
||||
# as Subversion or Git to store control files.
|
||||
location ~ (^|/)\. {
|
||||
return 403;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri @rewrite;
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
expires max;
|
||||
}
|
||||
|
||||
location ~ [^/]\.php(/|$)|^/update.php {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
if (!-f $document_root$fastcgi_script_name) {
|
||||
return 404;
|
||||
}
|
||||
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
fastcgi_intercept_errors on;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
location ~ ^/sites/[^/]+/files/.*\.php$ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location @rewrite {
|
||||
# You have 2 options here
|
||||
# For D7 and above:
|
||||
# Clean URLs are handled in drupal_environment_initialize().
|
||||
rewrite ^ /index.php;
|
||||
location / {
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location ~ /vendor/.*\.php$ {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/styles/ {
|
||||
try_files $uri @rewrite;
|
||||
}
|
||||
|
||||
location ~ ^(/[a-z\-]+)?/system/files/ {
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
|
||||
try_files $uri @rewrite;
|
||||
expires max;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
location ~ '\.php$|^/update.php' {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
|
||||
error_page 403 /error/404.html;
|
||||
error_page 404 /error/404.html;
|
||||
error_page 500 502 503 504 /error/50x.html;
|
||||
|
|
|
|||
|
|
@ -18,7 +18,6 @@ server {
|
|||
access_log off;
|
||||
}
|
||||
|
||||
# Very rarely should these ever be accessed outside of your lan
|
||||
location ~* \.(txt|log)$ {
|
||||
allow 192.168.0.0/16;
|
||||
deny all;
|
||||
|
|
@ -28,51 +27,44 @@ server {
|
|||
return 403;
|
||||
}
|
||||
|
||||
# No no for private
|
||||
location ~ ^/sites/.*/private/ {
|
||||
return 403;
|
||||
}
|
||||
|
||||
# Block access to "hidden" files and directories whose names begin with a
|
||||
# period. This includes directories used by version control systems such
|
||||
# as Subversion or Git to store control files.
|
||||
location ~ (^|/)\. {
|
||||
return 403;
|
||||
location ~ ^/sites/[^/]+/files/.*\.php$ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri @rewrite;
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
expires max;
|
||||
}
|
||||
|
||||
location ~ [^/]\.php(/|$)|^/update.php {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
if (!-f $document_root$fastcgi_script_name) {
|
||||
return 404;
|
||||
}
|
||||
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
fastcgi_intercept_errors on;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location @rewrite {
|
||||
# You have 2 options here
|
||||
# For D7 and above:
|
||||
# Clean URLs are handled in drupal_environment_initialize().
|
||||
rewrite ^ /index.php;
|
||||
location ~ /vendor/.*\.php$ {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/styles/ {
|
||||
try_files $uri @rewrite;
|
||||
}
|
||||
|
||||
location ~ ^(/[a-z\-]+)?/system/files/ {
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
|
||||
try_files $uri @rewrite;
|
||||
expires max;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
location ~ '\.php$|^/update.php' {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
|
||||
error_page 403 /error/404.html;
|
||||
error_page 404 /error/404.html;
|
||||
error_page 500 502 503 504 /error/50x.html;
|
||||
|
|
|
|||
|
|
@ -50,6 +50,7 @@ http {
|
|||
|
||||
# Compression
|
||||
gzip on;
|
||||
gzip_vary on;
|
||||
gzip_comp_level 9;
|
||||
gzip_min_length 512;
|
||||
gzip_buffers 8 64k;
|
||||
|
|
|
|||
|
|
@ -4,5 +4,5 @@ Defaults:admin !syslog
|
|||
Defaults:admin !requiretty
|
||||
Defaults:root !requiretty
|
||||
|
||||
admin ALL=(ALL) ALL
|
||||
# sudo is limited to vesta scripts
|
||||
admin ALL=NOPASSWD:/usr/local/vesta/bin/*
|
||||
|
|
|
|||
|
|
@ -31,48 +31,42 @@ server {
|
|||
return 403;
|
||||
}
|
||||
|
||||
# No no for private
|
||||
location ~ ^/sites/.*/private/ {
|
||||
return 403;
|
||||
}
|
||||
|
||||
# Block access to "hidden" files and directories whose names begin with a
|
||||
# period. This includes directories used by version control systems such
|
||||
# as Subversion or Git to store control files.
|
||||
location ~ (^|/)\. {
|
||||
return 403;
|
||||
}
|
||||
location ~ ^/sites/[^/]+/files/.*\.php$ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri @rewrite;
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
expires max;
|
||||
}
|
||||
|
||||
location ~ [^/]\.php(/|$) {
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
if (!-f $document_root$fastcgi_script_name) {
|
||||
return 404;
|
||||
}
|
||||
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
fastcgi_intercept_errors on;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
}
|
||||
|
||||
location @rewrite {
|
||||
# For Drupal 6 and bwlow:
|
||||
# Some modules enforce no slash (/) at the end of the URL
|
||||
# Else this rewrite block wouldn't be needed (GlobalRedirect)
|
||||
rewrite ^/(.*)$ /index.php?q=$1;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/styles/ {
|
||||
location ~ /vendor/.*\.php$ {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
try_files $uri @rewrite;
|
||||
expires max;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/imagecache/ {
|
||||
try_files $uri @rewrite;
|
||||
}
|
||||
|
||||
location ~ '\.php$|^/update.php' {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
|
||||
error_page 403 /error/404.html;
|
||||
|
|
|
|||
|
|
@ -18,7 +18,6 @@ server {
|
|||
access_log off;
|
||||
}
|
||||
|
||||
# Very rarely should these ever be accessed outside of your lan
|
||||
location ~* \.(txt|log)$ {
|
||||
allow 192.168.0.0/16;
|
||||
deny all;
|
||||
|
|
@ -28,48 +27,42 @@ server {
|
|||
return 403;
|
||||
}
|
||||
|
||||
# No no for private
|
||||
location ~ ^/sites/.*/private/ {
|
||||
return 403;
|
||||
}
|
||||
|
||||
# Block access to "hidden" files and directories whose names begin with a
|
||||
# period. This includes directories used by version control systems such
|
||||
# as Subversion or Git to store control files.
|
||||
location ~ (^|/)\. {
|
||||
return 403;
|
||||
location ~ ^/sites/[^/]+/files/.*\.php$ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri @rewrite;
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
expires max;
|
||||
}
|
||||
|
||||
location ~ [^/]\.php(/|$) {
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
if (!-f $document_root$fastcgi_script_name) {
|
||||
return 404;
|
||||
}
|
||||
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
fastcgi_intercept_errors on;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
}
|
||||
|
||||
location @rewrite {
|
||||
# For Drupal 6 and bwlow:
|
||||
# Some modules enforce no slash (/) at the end of the URL
|
||||
# Else this rewrite block wouldn't be needed (GlobalRedirect)
|
||||
rewrite ^/(.*)$ /index.php?q=$1;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/styles/ {
|
||||
location ~ /vendor/.*\.php$ {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
try_files $uri @rewrite;
|
||||
expires max;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/imagecache/ {
|
||||
try_files $uri @rewrite;
|
||||
}
|
||||
|
||||
location ~ '\.php$|^/update.php' {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
|
||||
error_page 403 /error/404.html;
|
||||
|
|
|
|||
|
|
@ -31,50 +31,44 @@ server {
|
|||
return 403;
|
||||
}
|
||||
|
||||
# No no for private
|
||||
location ~ ^/sites/.*/private/ {
|
||||
return 403;
|
||||
}
|
||||
|
||||
# Block access to "hidden" files and directories whose names begin with a
|
||||
# period. This includes directories used by version control systems such
|
||||
# as Subversion or Git to store control files.
|
||||
location ~ (^|/)\. {
|
||||
return 403;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri @rewrite;
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
expires max;
|
||||
}
|
||||
|
||||
location ~ [^/]\.php(/|$) {
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
if (!-f $document_root$fastcgi_script_name) {
|
||||
return 404;
|
||||
}
|
||||
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
fastcgi_intercept_errors on;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
location ~ ^/sites/[^/]+/files/.*\.php$ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location @rewrite {
|
||||
# You have 2 options here
|
||||
# For D7 and above:
|
||||
# Clean URLs are handled in drupal_environment_initialize().
|
||||
rewrite ^ /index.php;
|
||||
location / {
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location ~ /vendor/.*\.php$ {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/styles/ {
|
||||
try_files $uri @rewrite;
|
||||
}
|
||||
|
||||
location ~ ^(/[a-z\-]+)?/system/files/ {
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
|
||||
try_files $uri @rewrite;
|
||||
expires max;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
location ~ '\.php$|^/update.php' {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
|
||||
error_page 403 /error/404.html;
|
||||
error_page 404 /error/404.html;
|
||||
error_page 500 502 503 504 /error/50x.html;
|
||||
|
|
|
|||
|
|
@ -18,7 +18,6 @@ server {
|
|||
access_log off;
|
||||
}
|
||||
|
||||
# Very rarely should these ever be accessed outside of your lan
|
||||
location ~* \.(txt|log)$ {
|
||||
allow 192.168.0.0/16;
|
||||
deny all;
|
||||
|
|
@ -28,50 +27,44 @@ server {
|
|||
return 403;
|
||||
}
|
||||
|
||||
# No no for private
|
||||
location ~ ^/sites/.*/private/ {
|
||||
return 403;
|
||||
}
|
||||
|
||||
# Block access to "hidden" files and directories whose names begin with a
|
||||
# period. This includes directories used by version control systems such
|
||||
# as Subversion or Git to store control files.
|
||||
location ~ (^|/)\. {
|
||||
return 403;
|
||||
location ~ ^/sites/[^/]+/files/.*\.php$ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri @rewrite;
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
expires max;
|
||||
}
|
||||
|
||||
location ~ [^/]\.php(/|$) {
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
if (!-f $document_root$fastcgi_script_name) {
|
||||
return 404;
|
||||
}
|
||||
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
fastcgi_intercept_errors on;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location @rewrite {
|
||||
# You have 2 options here
|
||||
# For D7 and above:
|
||||
# Clean URLs are handled in drupal_environment_initialize().
|
||||
rewrite ^ /index.php;
|
||||
location ~ /vendor/.*\.php$ {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/styles/ {
|
||||
try_files $uri @rewrite;
|
||||
}
|
||||
|
||||
location ~ ^(/[a-z\-]+)?/system/files/ {
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
|
||||
try_files $uri @rewrite;
|
||||
expires max;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
location ~ '\.php$|^/update.php' {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
|
||||
error_page 403 /error/404.html;
|
||||
error_page 404 /error/404.html;
|
||||
error_page 500 502 503 504 /error/50x.html;
|
||||
|
|
|
|||
|
|
@ -31,51 +31,44 @@ server {
|
|||
return 403;
|
||||
}
|
||||
|
||||
# No no for private
|
||||
location ~ ^/sites/.*/private/ {
|
||||
return 403;
|
||||
}
|
||||
|
||||
# Block access to "hidden" files and directories whose names begin with a
|
||||
# period. This includes directories used by version control systems such
|
||||
# as Subversion or Git to store control files.
|
||||
location ~ (^|/)\. {
|
||||
return 403;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri @rewrite;
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
expires max;
|
||||
}
|
||||
|
||||
location ~ [^/]\.php(/|$)|^/update.php {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
if (!-f $document_root$fastcgi_script_name) {
|
||||
return 404;
|
||||
}
|
||||
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
fastcgi_intercept_errors on;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
location ~ ^/sites/[^/]+/files/.*\.php$ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location @rewrite {
|
||||
# You have 2 options here
|
||||
# For D7 and above:
|
||||
# Clean URLs are handled in drupal_environment_initialize().
|
||||
rewrite ^ /index.php;
|
||||
location / {
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location ~ /vendor/.*\.php$ {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/styles/ {
|
||||
try_files $uri @rewrite;
|
||||
}
|
||||
|
||||
location ~ ^(/[a-z\-]+)?/system/files/ {
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
|
||||
try_files $uri @rewrite;
|
||||
expires max;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
location ~ '\.php$|^/update.php' {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
|
||||
error_page 403 /error/404.html;
|
||||
error_page 404 /error/404.html;
|
||||
error_page 500 502 503 504 /error/50x.html;
|
||||
|
|
|
|||
|
|
@ -18,7 +18,6 @@ server {
|
|||
access_log off;
|
||||
}
|
||||
|
||||
# Very rarely should these ever be accessed outside of your lan
|
||||
location ~* \.(txt|log)$ {
|
||||
allow 192.168.0.0/16;
|
||||
deny all;
|
||||
|
|
@ -28,51 +27,44 @@ server {
|
|||
return 403;
|
||||
}
|
||||
|
||||
# No no for private
|
||||
location ~ ^/sites/.*/private/ {
|
||||
return 403;
|
||||
}
|
||||
|
||||
# Block access to "hidden" files and directories whose names begin with a
|
||||
# period. This includes directories used by version control systems such
|
||||
# as Subversion or Git to store control files.
|
||||
location ~ (^|/)\. {
|
||||
return 403;
|
||||
location ~ ^/sites/[^/]+/files/.*\.php$ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri @rewrite;
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
expires max;
|
||||
}
|
||||
|
||||
location ~ [^/]\.php(/|$)|^/update.php {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
if (!-f $document_root$fastcgi_script_name) {
|
||||
return 404;
|
||||
}
|
||||
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
fastcgi_intercept_errors on;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location @rewrite {
|
||||
# You have 2 options here
|
||||
# For D7 and above:
|
||||
# Clean URLs are handled in drupal_environment_initialize().
|
||||
rewrite ^ /index.php;
|
||||
location ~ /vendor/.*\.php$ {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/styles/ {
|
||||
try_files $uri @rewrite;
|
||||
}
|
||||
|
||||
location ~ ^(/[a-z\-]+)?/system/files/ {
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
|
||||
try_files $uri @rewrite;
|
||||
expires max;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
location ~ '\.php$|^/update.php' {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
|
||||
error_page 403 /error/404.html;
|
||||
error_page 404 /error/404.html;
|
||||
error_page 500 502 503 504 /error/50x.html;
|
||||
|
|
|
|||
|
|
@ -50,6 +50,7 @@ http {
|
|||
|
||||
# Compression
|
||||
gzip on;
|
||||
gzip_vary on;
|
||||
gzip_comp_level 9;
|
||||
gzip_min_length 512;
|
||||
gzip_buffers 8 64k;
|
||||
|
|
|
|||
|
|
@ -4,5 +4,5 @@ Defaults:admin !syslog
|
|||
Defaults:admin !requiretty
|
||||
Defaults:root !requiretty
|
||||
|
||||
admin ALL=(ALL) ALL
|
||||
# sudo is limited to vesta scripts
|
||||
admin ALL=NOPASSWD:/usr/local/vesta/bin/*
|
||||
|
|
|
|||
|
|
@ -31,48 +31,42 @@ server {
|
|||
return 403;
|
||||
}
|
||||
|
||||
# No no for private
|
||||
location ~ ^/sites/.*/private/ {
|
||||
return 403;
|
||||
}
|
||||
|
||||
# Block access to "hidden" files and directories whose names begin with a
|
||||
# period. This includes directories used by version control systems such
|
||||
# as Subversion or Git to store control files.
|
||||
location ~ (^|/)\. {
|
||||
return 403;
|
||||
}
|
||||
location ~ ^/sites/[^/]+/files/.*\.php$ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri @rewrite;
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
expires max;
|
||||
}
|
||||
|
||||
location ~ [^/]\.php(/|$) {
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
if (!-f $document_root$fastcgi_script_name) {
|
||||
return 404;
|
||||
}
|
||||
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
fastcgi_intercept_errors on;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
}
|
||||
|
||||
location @rewrite {
|
||||
# For Drupal 6 and bwlow:
|
||||
# Some modules enforce no slash (/) at the end of the URL
|
||||
# Else this rewrite block wouldn't be needed (GlobalRedirect)
|
||||
rewrite ^/(.*)$ /index.php?q=$1;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/styles/ {
|
||||
location ~ /vendor/.*\.php$ {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
try_files $uri @rewrite;
|
||||
expires max;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/imagecache/ {
|
||||
try_files $uri @rewrite;
|
||||
}
|
||||
|
||||
location ~ '\.php$|^/update.php' {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
|
||||
error_page 403 /error/404.html;
|
||||
|
|
|
|||
|
|
@ -18,7 +18,6 @@ server {
|
|||
access_log off;
|
||||
}
|
||||
|
||||
# Very rarely should these ever be accessed outside of your lan
|
||||
location ~* \.(txt|log)$ {
|
||||
allow 192.168.0.0/16;
|
||||
deny all;
|
||||
|
|
@ -28,48 +27,42 @@ server {
|
|||
return 403;
|
||||
}
|
||||
|
||||
# No no for private
|
||||
location ~ ^/sites/.*/private/ {
|
||||
return 403;
|
||||
}
|
||||
|
||||
# Block access to "hidden" files and directories whose names begin with a
|
||||
# period. This includes directories used by version control systems such
|
||||
# as Subversion or Git to store control files.
|
||||
location ~ (^|/)\. {
|
||||
return 403;
|
||||
location ~ ^/sites/[^/]+/files/.*\.php$ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri @rewrite;
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
expires max;
|
||||
}
|
||||
|
||||
location ~ [^/]\.php(/|$) {
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
if (!-f $document_root$fastcgi_script_name) {
|
||||
return 404;
|
||||
}
|
||||
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
fastcgi_intercept_errors on;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
}
|
||||
|
||||
location @rewrite {
|
||||
# For Drupal 6 and bwlow:
|
||||
# Some modules enforce no slash (/) at the end of the URL
|
||||
# Else this rewrite block wouldn't be needed (GlobalRedirect)
|
||||
rewrite ^/(.*)$ /index.php?q=$1;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/styles/ {
|
||||
location ~ /vendor/.*\.php$ {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
try_files $uri @rewrite;
|
||||
expires max;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/imagecache/ {
|
||||
try_files $uri @rewrite;
|
||||
}
|
||||
|
||||
location ~ '\.php$|^/update.php' {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
|
||||
error_page 403 /error/404.html;
|
||||
|
|
|
|||
|
|
@ -31,50 +31,44 @@ server {
|
|||
return 403;
|
||||
}
|
||||
|
||||
# No no for private
|
||||
location ~ ^/sites/.*/private/ {
|
||||
return 403;
|
||||
}
|
||||
|
||||
# Block access to "hidden" files and directories whose names begin with a
|
||||
# period. This includes directories used by version control systems such
|
||||
# as Subversion or Git to store control files.
|
||||
location ~ (^|/)\. {
|
||||
return 403;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri @rewrite;
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
expires max;
|
||||
}
|
||||
|
||||
location ~ [^/]\.php(/|$) {
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
if (!-f $document_root$fastcgi_script_name) {
|
||||
return 404;
|
||||
}
|
||||
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
fastcgi_intercept_errors on;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
location ~ ^/sites/[^/]+/files/.*\.php$ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location @rewrite {
|
||||
# You have 2 options here
|
||||
# For D7 and above:
|
||||
# Clean URLs are handled in drupal_environment_initialize().
|
||||
rewrite ^ /index.php;
|
||||
location / {
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location ~ /vendor/.*\.php$ {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/styles/ {
|
||||
try_files $uri @rewrite;
|
||||
}
|
||||
|
||||
location ~ ^(/[a-z\-]+)?/system/files/ {
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
|
||||
try_files $uri @rewrite;
|
||||
expires max;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
location ~ '\.php$|^/update.php' {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
|
||||
error_page 403 /error/404.html;
|
||||
error_page 404 /error/404.html;
|
||||
error_page 500 502 503 504 /error/50x.html;
|
||||
|
|
|
|||
|
|
@ -18,7 +18,6 @@ server {
|
|||
access_log off;
|
||||
}
|
||||
|
||||
# Very rarely should these ever be accessed outside of your lan
|
||||
location ~* \.(txt|log)$ {
|
||||
allow 192.168.0.0/16;
|
||||
deny all;
|
||||
|
|
@ -28,50 +27,44 @@ server {
|
|||
return 403;
|
||||
}
|
||||
|
||||
# No no for private
|
||||
location ~ ^/sites/.*/private/ {
|
||||
return 403;
|
||||
}
|
||||
|
||||
# Block access to "hidden" files and directories whose names begin with a
|
||||
# period. This includes directories used by version control systems such
|
||||
# as Subversion or Git to store control files.
|
||||
location ~ (^|/)\. {
|
||||
return 403;
|
||||
location ~ ^/sites/[^/]+/files/.*\.php$ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri @rewrite;
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
expires max;
|
||||
}
|
||||
|
||||
location ~ [^/]\.php(/|$) {
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
if (!-f $document_root$fastcgi_script_name) {
|
||||
return 404;
|
||||
}
|
||||
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
fastcgi_intercept_errors on;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location @rewrite {
|
||||
# You have 2 options here
|
||||
# For D7 and above:
|
||||
# Clean URLs are handled in drupal_environment_initialize().
|
||||
rewrite ^ /index.php;
|
||||
location ~ /vendor/.*\.php$ {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/styles/ {
|
||||
try_files $uri @rewrite;
|
||||
}
|
||||
|
||||
location ~ ^(/[a-z\-]+)?/system/files/ {
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
|
||||
try_files $uri @rewrite;
|
||||
expires max;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
location ~ '\.php$|^/update.php' {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
|
||||
error_page 403 /error/404.html;
|
||||
error_page 404 /error/404.html;
|
||||
error_page 500 502 503 504 /error/50x.html;
|
||||
|
|
|
|||
|
|
@ -31,51 +31,44 @@ server {
|
|||
return 403;
|
||||
}
|
||||
|
||||
# No no for private
|
||||
location ~ ^/sites/.*/private/ {
|
||||
return 403;
|
||||
}
|
||||
|
||||
# Block access to "hidden" files and directories whose names begin with a
|
||||
# period. This includes directories used by version control systems such
|
||||
# as Subversion or Git to store control files.
|
||||
location ~ (^|/)\. {
|
||||
return 403;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri @rewrite;
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
expires max;
|
||||
}
|
||||
|
||||
location ~ [^/]\.php(/|$)|^/update.php {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
if (!-f $document_root$fastcgi_script_name) {
|
||||
return 404;
|
||||
}
|
||||
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
fastcgi_intercept_errors on;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
location ~ ^/sites/[^/]+/files/.*\.php$ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location @rewrite {
|
||||
# You have 2 options here
|
||||
# For D7 and above:
|
||||
# Clean URLs are handled in drupal_environment_initialize().
|
||||
rewrite ^ /index.php;
|
||||
location / {
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location ~ /vendor/.*\.php$ {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/styles/ {
|
||||
try_files $uri @rewrite;
|
||||
}
|
||||
|
||||
location ~ ^(/[a-z\-]+)?/system/files/ {
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
|
||||
try_files $uri @rewrite;
|
||||
expires max;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
location ~ '\.php$|^/update.php' {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
|
||||
error_page 403 /error/404.html;
|
||||
error_page 404 /error/404.html;
|
||||
error_page 500 502 503 504 /error/50x.html;
|
||||
|
|
|
|||
|
|
@ -18,7 +18,6 @@ server {
|
|||
access_log off;
|
||||
}
|
||||
|
||||
# Very rarely should these ever be accessed outside of your lan
|
||||
location ~* \.(txt|log)$ {
|
||||
allow 192.168.0.0/16;
|
||||
deny all;
|
||||
|
|
@ -28,51 +27,44 @@ server {
|
|||
return 403;
|
||||
}
|
||||
|
||||
# No no for private
|
||||
location ~ ^/sites/.*/private/ {
|
||||
return 403;
|
||||
}
|
||||
|
||||
# Block access to "hidden" files and directories whose names begin with a
|
||||
# period. This includes directories used by version control systems such
|
||||
# as Subversion or Git to store control files.
|
||||
location ~ (^|/)\. {
|
||||
return 403;
|
||||
location ~ ^/sites/[^/]+/files/.*\.php$ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri @rewrite;
|
||||
|
||||
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
|
||||
expires max;
|
||||
}
|
||||
|
||||
location ~ [^/]\.php(/|$)|^/update.php {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
if (!-f $document_root$fastcgi_script_name) {
|
||||
return 404;
|
||||
}
|
||||
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
fastcgi_intercept_errors on;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location @rewrite {
|
||||
# You have 2 options here
|
||||
# For D7 and above:
|
||||
# Clean URLs are handled in drupal_environment_initialize().
|
||||
rewrite ^ /index.php;
|
||||
location ~ /vendor/.*\.php$ {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~ ^/sites/.*/files/styles/ {
|
||||
try_files $uri @rewrite;
|
||||
}
|
||||
|
||||
location ~ ^(/[a-z\-]+)?/system/files/ {
|
||||
try_files $uri /index.php?$query_string;
|
||||
}
|
||||
|
||||
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
|
||||
try_files $uri @rewrite;
|
||||
expires max;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
location ~ '\.php$|^/update.php' {
|
||||
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass %backend_lsnr%;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
}
|
||||
|
||||
error_page 403 /error/404.html;
|
||||
error_page 404 /error/404.html;
|
||||
error_page 500 502 503 504 /error/50x.html;
|
||||
|
|
|
|||
|
|
@ -50,6 +50,7 @@ http {
|
|||
|
||||
# Compression
|
||||
gzip on;
|
||||
gzip_vary on;
|
||||
gzip_comp_level 9;
|
||||
gzip_min_length 512;
|
||||
gzip_buffers 8 64k;
|
||||
|
|
|
|||
Some files were not shown because too many files have changed in this diff Show more
Loading…
Add table
Add a link
Reference in a new issue