server {
listen 80;
server_name bla.com;
root /var/www/htlm;
index index.html index.htm index.php;
access_log /var/log/nginx/example.org.access.log;
error_log /var/log/nginx/example.org.error.log;
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# For drush
location = /backup {
deny all;
}
# Prevent user from accessing settings.php directly
location ~ ^/sites/[^/]+/settings.php$ {
deny all;
}
## Replicate the Apache <FilesMatch> directive of Drupal standard
## .htaccess. Disable access to any code files. Return a 404 to curtail
## information disclosure. Hide also the text files.
location ~* ^(?:.+.(?:htaccess|make|txt|log|engine|inc|info|install|module|profile|po|sh|.sql|theme|tpl(?:.php)?|xtmpl)|code-style.pl|/Entries.|/Repository|/Root|/Ta$
return 404;
}
location ~ ../..php$ {
return 403;
}
location / {
try_files $uri $uri/ @apache;
expires max;
access_log off;
}
location @apache {
proxy_pass http://127.0.0.1:8888;
}
# Use an SSH tunnel to access those pages. They shouldn't be visible to
# external peeping eyes.
location = /install.php {
allow 127.0.0.1;
deny all;
}
location = /update.php {
allow 127.0.0.1;
deny all;
}
}
No comments:
Post a Comment