rav4s
/
NginX-Config-Files
mirror of https://github.com/Rav4s/NginX-Config-Files
1
1
Fork 0
Code Issues Projects Releases Wiki Activity
Some config files for the NginX web server & reverse proxy server
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
14 Commits
1 Branch
0 Tags
34 KiB
Branch: main
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'main'
${ noResults }
NginX-Config-Files/reverse-proxy.conf

86 lines
2.6 KiB
Raw Permalink Normal View History

Added information at top of config
5 years ago
Added reverse proxy configuration file
5 years ago
Removed my website name.
5 years ago
Added reverse proxy configuration file
5 years ago
Removed my website name.
5 years ago
Added reverse proxy configuration file
5 years ago
Removed my website name.
5 years ago
Added reverse proxy configuration file
5 years ago
Update reverse-proxy.conf
4 years ago
Added reverse proxy configuration file
5 years ago
  1. # Example configuration for a www-subdomain
  3. # Redirect www http traffic to www https
  5. server{
  6. listen 80;
  7. server_name www.YOURSITEDOMAIN.com;
  8. return 301 https://www.YOURSITEDOMAIN.com$request_uri;
  9. }
  11. # Redirect non-www http traffic to www https
  13. server {
  14. listen 80;
  15. server_name YOURSITEDOMAIN.com;
  16. return 301 https://www.YOURSITEDOMAIN.com$request_uri;
  17. }
  19. # Redirect non-www https traffic to www https
  21. server {
  22. listen 443;
  23. server_name YOURSITEDOMAIN.com;
  24. return 301 https://www.YOURSITEDOMAIN.com$request_uri;
  26. # SSL configuration
  28. ssl_certificate /etc/letsencrypt/live/YOURSITEDOMAIN.com/fullchain.pem;
  29. ssl_certificate_key /etc/letsencrypt/live/YOURSITEDOMAIN.com/privkey.pem;
  30. ssl on;
  31. ssl_session_cache builtin:1000 shared:SSL:10m;
  32. ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  33. ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
  34. ssl_prefer_server_ciphers on;
  35. }
  37. # Main server block for www https
  39. server {
  41. listen 443;
  42. server_name www.YOURSITEDOMAIN.com;
  44. # SSL configuration
  46. ssl_certificate /etc/letsencrypt/live/YOURSITEDOMAIN.com/fullchain.pem;
  47. ssl_certificate_key /etc/letsencrypt/live/YOURSITEDOMAIN.com/privkey.pem;
  48. ssl on;
  49. ssl_session_cache builtin:1000 shared:SSL:10m;
  50. ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  51. ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
  52. ssl_prefer_server_ciphers on;
  54. # Set the access log location
  56. access_log /var/log/nginx/YOURSITEDOMAIN.access.log;
  58. location / {
  60. # Set the proxy headers
  62. proxy_set_header Host $host;
  63. proxy_set_header X-Real-IP $remote_addr;
  64. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  65. proxy_set_header X-Forwarded-Proto $scheme;
  67. # Configure which address the request is proxied to
  69. proxy_pass http://YOURSERVER:YOURPORT;
  70. proxy_read_timeout 90;
  71. proxy_redirect http://YOURSERVER:YOURPORT https://www.YOURSITEDOMAIN.com;
  73. # Set the security headers
  75. add_header Permissions-Policy "interest-cohort=()"; # Don't allow Google FLoC
  76. add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"; #HSTS
  77. add_header X-Frame-Options DENY; #Prevents clickjacking
  78. add_header X-Content-Type-Options nosniff; #Prevents mime sniffing
  79. add_header X-XSS-Protection "1; mode=block"; #Prevents cross-site scripting attacks
  80. add_header Referrer-Policy "origin"; #Idk what this actually does
  82. # Rewrite all URI's so they have a trailing slash
  84. rewrite ^([^.]*[^/])$ $1/ permanent;
  85. }
  86. }