1 # You may add here your
5 # statements for each of your virtual hosts to this file
8 # You should look at the following URL's in order to grasp a solid understanding
9 # of Nginx configuration files in order to fully unleash the power of Nginx.
10 # http://wiki.nginx.org/Pitfalls
11 # http://wiki.nginx.org/QuickStart
12 # http://wiki.nginx.org/Configuration
14 # Generally, you will want to move this file somewhere, and start with a clean
15 # file but keep this around for reference. Or just disable in sites-enabled.
17 # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
21 #listen 80; ## listen for ipv4; this line is default and implied
22 #listen [::]:80 default_server ipv6only=on; ## listen for ipv6
24 root /usr/share/nginx/www;
25 index index.html index.htm;
27 # Make site accessible from http://localhost/
28 server_name localhost;
31 # First attempt to serve request as file, then
32 # as directory, then fall back to displaying a 404.
33 try_files $uri $uri/ /index.html;
34 # Uncomment to enable naxsi on this location
35 # include /etc/nginx/naxsi.rules
39 alias /usr/share/doc/;
46 # Only for nginx-naxsi used with nginx-naxsi-ui : process denied requests
47 #location /RequestDenied {
48 # proxy_pass http://127.0.0.1:8080;
51 #error_page 404 /404.html;
53 # redirect server error pages to the static page /50x.html
55 #error_page 500 502 503 504 /50x.html;
56 #location = /50x.html {
57 # root /usr/share/nginx/www;
60 # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
63 # fastcgi_split_path_info ^(.+\.php)(/.+)$;
64 # # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
66 # # With php5-cgi alone:
67 # fastcgi_pass 127.0.0.1:9000;
69 # fastcgi_pass unix:/var/run/php5-fpm.sock;
70 # fastcgi_index index.php;
71 # include fastcgi_params;
74 # deny access to .htaccess files, if Apache's document root
75 # concurs with nginx's one
83 # another virtual host using mix of IP-, name-, and port-based configuration
87 # listen somename:8080;
88 # server_name somename alias another.alias;
90 # index index.html index.htm;
93 # try_files $uri $uri/ =404;
102 server_name localhost;
105 index index.html index.htm;
108 ssl_certificate cert.pem;
109 ssl_certificate_key cert.key;
111 ssl_session_timeout 5m;
113 ssl_prefer_server_ciphers on;
114 ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # not possible to do exclusive
115 ssl_ciphers 'EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA';
116 add_header Strict-Transport-Security max-age=15768000; # six months
117 # use this only if all subdomains support HTTPS!
118 # add_header Strict-Transport-Security "max-age=15768000; includeSubDomains";
121 try_files $uri $uri/ =404;