github
/
flarum
mirror of https://github.com/flarum/flarum
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

revert formatting changes

pull/60/head
VirtuBox 2018-12-22 06:11:27 +01:00
parent 5f38b350f7
commit f6d34376cd
1 changed files with 30 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

51
.nginx.conf
View File

@ -15,50 +15,58 @@
# Pass requests that don't refer directly to files in the filesystem to index.php
location / {
try_files $uri $uri/ /index.php?$args;
try_files $uri $uri/ /index.php?$args;
}
# Pass requests to fastcgi upstream
# just use the upstream example above
# just use the upstream example above
location ~ \.php$ {
try_files $uri =404;
include fastcgi_params;
fastcgi_pass php;
try_files $uri =404;
include fastcgi_params;
fastcgi_pass php;
}
# The following directives are based on best practices from H5BP Nginx Server Configs
# https://github.com/h5bp/server-configs-nginx
# Expire rules for static content
location ~* \.(?:manifest|appcache|html?|xml|json)$ {
add_header Cache-Control "max-age=0";
add_header Cache-Control "max-age=0";
}
location ~* \.(?:rss|atom)$ {
add_header Cache-Control "max-age=3600";
add_header Cache-Control "max-age=3600";
}
# allow browser cache for all static assets
# allow browser cache for all static assets
location ~* \.(ogg|ogv|svg|svgz|eot|otf|woff|woff2|ttf|m4a|mp4|ttf|jpe?g|gif|cur|heic|png|tiff|ico|zip|webm|mp3|aac|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf|swf|webp)$ {
# enable CORS
add_header "Access-Control-Allow-Origin" "*";
access_log off;
# do not log 404 errors for static files
log_not_found off;
expires max;
# enable CORS
add_header "Access-Control-Allow-Origin" "*";
access_log off;
# do not log 404 errors for static files
log_not_found off;
expires max;
}
# allow browser cache for 30d on css & js files
location ~* \.(?:css(\.map)?|js(\.map)?)$ {
add_header "Access-Control-Allow-Origin" "*";
access_log off;
log_not_found off;
expires 30d;
# enable CORS
add_header "Access-Control-Allow-Origin" "*";
# do not log 404 errors for static files
access_log off;
log_not_found off;
expires 30d;
}
# Security settings for better privacy
# Deny hidden files & directory, excepted .well-known
location ~ /\.(?!well-known\/) {
deny all;
deny all;
}
# Deny backup extensions & log files and return 403 forbidden
location ~* "\.(old|orig|original|php#|php~|php_bak|save|swo|aspx?|tpl|sh|bash|bak?|cfg|cgi|dll|exe|git|hg|ini|jsp|log|mdb|out|sql|svn|swp|tar|rdf)$" {
deny all;
deny all;
}
# Gzip compression
@ -67,7 +75,8 @@ gzip_comp_level 5;
gzip_min_length 256;
gzip_proxied any;
gzip_vary on;
gzip_types application/atom+xml
gzip_types
application/atom+xml
application/javascript
application/json
application/ld+json