rav4s
/
NginX-Config-Files
mirror of https://github.com/Rav4s/NginX-Config-Files
1
1
Fork 0
Code Issues Projects Releases Wiki Activity
Some config files for the NginX web server & reverse proxy server
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6 Commits
1 Branch
0 Tags
34 KiB
Tree: 4b2d60bfaf
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '4b2d60bfaf'
${ noResults }
NginX-Config-Files/reverse-proxy.conf

83 lines
2.5 KiB
Raw Normal View History

Added reverse proxy configuration file
5 years ago
Removed my website name.
5 years ago
Added reverse proxy configuration file
5 years ago
Removed my website name.
5 years ago
Added reverse proxy configuration file
5 years ago
Removed my website name.
5 years ago
Added reverse proxy configuration file
5 years ago
  1. # Redirect www http traffic to www https
  3. server{
  4. listen 80;
  5. server_name www.YOURSITEDOMAIN.com;
  6. return 301 https://www.YOURSITEDOMAIN.com$request_uri;
  7. }
  9. # Redirect non-www http traffic to www https
  11. server {
  12. listen 80;
  13. server_name YOURSITEDOMAIN.com;
  14. return 301 https://www.YOURSITEDOMAIN.com$request_uri;
  15. }
  17. # Redirect non-www https traffic to www https
  19. server {
  20. listen 443;
  21. server_name YOURSITEDOMAIN.com;
  22. return 301 https://www.YOURSITEDOMAIN.com$request_uri;
  24. # SSL configuration
  26. ssl_certificate /etc/letsencrypt/live/YOURSITEDOMAIN.com/fullchain.pem;
  27. ssl_certificate_key /etc/letsencrypt/live/YOURSITEDOMAIN.com/privkey.pem;
  28. ssl on;
  29. ssl_session_cache builtin:1000 shared:SSL:10m;
  30. ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  31. ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
  32. ssl_prefer_server_ciphers on;
  33. }
  35. # Main server block for www https
  37. server {
  39. listen 443;
  40. server_name www.YOURSITEDOMAIN.com;
  42. # SSL configuration
  44. ssl_certificate /etc/letsencrypt/live/YOURSITEDOMAIN.com/fullchain.pem;
  45. ssl_certificate_key /etc/letsencrypt/live/YOURSITEDOMAIN.com/privkey.pem;
  46. ssl on;
  47. ssl_session_cache builtin:1000 shared:SSL:10m;
  48. ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  49. ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
  50. ssl_prefer_server_ciphers on;
  52. # Set the access log location
  54. access_log /var/log/nginx/YOURSITEDOMAIN.access.log;
  56. location / {
  58. # Set the proxy headers
  60. proxy_set_header Host $host;
  61. proxy_set_header X-Real-IP $remote_addr;
  62. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  63. proxy_set_header X-Forwarded-Proto $scheme;
  65. # Configure which address the request is proxied to
  67. proxy_pass http://YOURSERVER:YOURPORT;
  68. proxy_read_timeout 90;
  69. proxy_redirect http://YOURSERVER:YOURPORT https://www.YOURSITEDOMAIN.com;
  71. # Set the security headers
  73. add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"; #HSTS
  74. add_header X-Frame-Options DENY; #Prevents clickjacking
  75. add_header X-Content-Type-Options nosniff; #Prevents mime sniffing
  76. add_header X-XSS-Protection "1; mode=block"; #Prevents cross-site scripting attacks
  77. add_header Referrer-Policy "origin"; #Idk what this actually does
  79. # Rewrite all URI's so they have a trailing slash
  81. rewrite ^([^.]*[^/])$ $1/ permanent;
  82. }
  83. }