69 lines
1.5 KiB
Plaintext
69 lines
1.5 KiB
Plaintext
Exemple pour nginx en ssl
|
|
|
|
server {
|
|
listen 80;
|
|
listen [::]:80;
|
|
|
|
server_name your_domain www.your_domain;
|
|
|
|
location ~ /.well-known/acme-challenge {
|
|
allow all;
|
|
root /var/www/html;
|
|
}
|
|
|
|
location / {
|
|
rewrite ^ https://$host$request_uri? permanent;
|
|
}
|
|
}
|
|
server {
|
|
listen 443 ssl;
|
|
listen [::]:443 ssl;
|
|
server_name your_domain www.your_domain;
|
|
|
|
index index.php index.html index.htm;
|
|
|
|
root /var/www/html;
|
|
|
|
server_tokens off;
|
|
|
|
ssl_certificate /etc/letsencrypt/live/your_domain/fullchain.pem;
|
|
ssl_certificate_key /etc/letsencrypt/live/your_domain/privkey.pem;
|
|
|
|
add_header X-Frame-Options "SAMEORIGIN" always;
|
|
add_header X-XSS-Protection "1; mode=block" always;
|
|
add_header X-Content-Type-Options "nosniff" always;
|
|
add_header Referrer-Policy "no-referrer-when-downgrade" always;
|
|
add_header Content-Security-Policy "default-src * data: 'unsafe-eval' 'unsafe-inline'" always;
|
|
|
|
<location / {
|
|
try_files $uri $uri/ /index.php$is_args$args;
|
|
}
|
|
|
|
rewrite ^/core/authorize.php/core/authorize.php(.*)$ /core/authorize.php$1;
|
|
|
|
location ~ \.php$ {
|
|
try_files $uri =404;
|
|
fastcgi_split_path_info ^(.+\.php)(/.+)$;
|
|
fastcgi_pass drupal:9000;
|
|
fastcgi_index index.php;
|
|
include fastcgi_params;
|
|
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
|
fastcgi_param PATH_INFO $fastcgi_path_info;
|
|
}
|
|
|
|
location ~ /\.ht {
|
|
deny all;
|
|
}
|
|
|
|
location = /favicon.ico {
|
|
log_not_found off; access_log off;
|
|
}
|
|
location = /robots.txt {
|
|
log_not_found off; access_log off; allow all;
|
|
}
|
|
location ~* \.(css|gif|ico|jpeg|jpg|js|png)$ {
|
|
expires max;
|
|
log_not_found off;
|
|
}
|
|
}
|