server {
listen 443 ssl default_server;
client_max_body_size 1G;
ssl_certificate "/etc/pki/tls/certs/osinfor2020.crt";
ssl_certificate_key "/etc/pki/tls/private/osinfor2020.key";
ssl_ciphers "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECD SA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA25 6 EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !M D5 !EXP !PSK !SRP !DSS !RC4";
ssl_protocols TLSv1.2;
ssl_prefer_server_ciphers on;
server_name paginaweb;
root /var/www/html;
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
add_header X-Content-Type-Options nosniff;
add_header Referrer-Policy "strict-origin";
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
# add_header Content-Security-Policy "default-src 'self'; font-src *;img-src * data:; script-src *; style-src *";
add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload';
location / {
try_files $uri $uri/ /index.php?$args;
}
location ~* \.php$ {
# With php-fpm unix sockets
fastcgi_pass unix:/run/php-fpm/www.sock;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
}
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
expires max;
log_not_found off;
}
# log files
access_log /var/log/nginx/paginaweb.com.access.log;
error_log /var/log/nginx/paginaweb.com.error.log;
}