server { listen 80; server_name vegguide.org www.vegguide.org;
return 301 https://$server_name$request_uri; }
server { listen 443 ssl; server_name vegguide.org;
ssl_certificate /etc/letsencrypt/live/vegguide.org/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/vegguide.org/privkey.pem; include /etc/nginx/snippets/ssl.conf;
return 301 https://www.vegguide.org$request_uri; }
server { listen 443 ssl; server_name www.vegguide.org;
client_max_body_size 25m;
ssl_certificate /etc/letsencrypt/live/www.vegguide.org/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/www.vegguide.org/privkey.pem; include /etc/nginx/snippets/ssl.conf;
error_log /var/log/nginx/vegguide.org/error.log; access_log /var/log/nginx/vegguide.org/access.log;
if ( $host != “www.vegguide.org” ) { rewrite ^(.*) http://www.vegguide.org$1 permanent; }
if ( $http_user_agent = “” ) { return 403; }
if ( $http_user_agent ~ (SemrushBot) ) { return 403; }
add_header P3P “policyref="http://www.vegguide.org/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa \DEVa TAIa PSAa PSDa OUR IND PHY ONL COM NAV DEM STA"”;
location ^~ /mailman { rewrite ^(.*) https://lists.vegguide.org:444$1 permanent; }
location ^~ /pipermail { rewrite ^(.*) https://lists.vegguide.org:444$1 permanent; }
#rewrite !^/down.html$ /down.html redirect; location = /down.html { rewrite ^ /; }
set $var_dir /var/lib/vegguide; set $cache_dir /var/cache/vegguide; set $share_dir /usr/local/share/vegguide;
error_page 500 $share_dir/static/500.html; error_page 503 $share_dir/static/503.html;
location = /debug { allow 173.11.48.48/28; deny all; try_files $uri @backend; }
location ~ .*favicon.gif$ { rewrite ^ /favicon.ico permanent; }
location = /favicon.ico { root $share_dir/images; }
location ~ ^/\w+/(css/vegguide-combined.css) { expires max; alias $var_dir/$1; }
location ~ ^(?:/\w+)?/(css|images)(.+) { expires max; alias $share_dir/$1$2; }
location ~ ^(?:/\w+)?/(js/.+) { expires max; alias $var_dir/$1; }
location ^~ static/rss { alias $cache_dir/rss; }
location = /site.rss { root $cache_dir/rss; }
location ^~ /static { alias $share_dir/static; }
location ^~ /w3c { alias $share_dir/w3c; }
location ^~ /api-explorer { alias $share_dir/api-explorer; }
location = /robots.txt { root $share_dir/static; }
location ^~ /entry-images { root $var_dir; }
location ^~ /user-images { root $var_dir; }
location ~ (.*/)?([^/]+).mhtml$ { set $path $1$2; rewrite ^ $path.html permanent; }
location ~ ^.+.rss%3[Ff] { rewrite ^ / permanent; }
location ~ ^/region/(\d+).rss { set $region_id $1; rewrite ^ /region/$region_id/data.rss permanent; }
location ^~ /location { if ( $arg_location_id ~ (\d+) ) { set $region_id $1; rewrite ^/location/view.html /region/$region_id? permanent; rewrite ^/location/data.rss /region/$region_id/data.rss? permanent; rewrite ^/location/most_recent.rss /region/$region_id/recent.rss? permanent; rewrite ^/location/most_recent_vendors.rss /region/$region_id/recent.rss?entries_only=1 permanent; rewrite ^/location/most_recent_reviews.rss /region/$region_id/recent.rss?reviews_only=1 permanent; } rewrite ^ / break; }
location ^~ /vendor { if ( $arg_vendor_id ~ (\d+) ) { set $vendor_id $1; rewrite ^/vendor/view.html /entry/$vendor_id? permanent; rewrite ^/vendor/reviews.html /entry/$vendor_id/reviews? permanent; } rewrite ^ / break; }
location ^~ /user { if ( $arg_user_id ~ (\d+) ) { set $user_id $1; rewrite ^/user/view.html /user/$user_id? permanent; } try_files $uri @backend; }
location = /index.html { rewrite ^ / permanent; }
location = /faq.html { rewrite ^ /site/help permanent; }
location = /rss/data_feed.html { rewrite ^ /site/data_feed permanent; }
location ^~ /rss { rewrite ^ /site/feeds permanent; }
location ^~ /news { rewrite ^ /site/news permanent; }
location ~ ^/rss/static/all\w+.rss { rewrite ^ /site.rss permanent; }
location ^~ /noauth { rewrite ^ / redirect; }
location ^~ /submit/search { rewrite ^ /site/search?search_text=$arg_search permanent; }
location ^~ /plain { return 410; }
location ~ ^/(?:events?|location|logged-in||news|noauth|vendor)/.*.html { return 410; }
location ~ ^/(?:source|privacy|about|contact|info_key|contest|todo).html { return 410; }
location ~ ^/(?:search|printable|location_suggestion|promo_cards|vegsiteinabox).html { return 410; }
location ~ ^/by_(?:name|geocode|zipcode).html { return 410; }
location ^~ /submit { return 410; }
location ^~ /maps/c/ui/HovercardLauncher/dommanifest.js { return 404; }
location ^~ /.api/main.js { return 404; }
location ^~ /ge/v/1/4/loader.js { return 404; }
location ^~ /__utm.gif { return 404; }
location ~ ^/apple-touch-icon(?:-\d+x\d+)?(?:-precomposed)?.png { return 404; }
location ^~ /crossdomain.xml { return 404; }
location ^~ /sitemap.xml { return 404; }
location ^~ /signup { return 404; }
location ^~ /labels.rdf { return 404; }
location ^~ /sugest.css { return 404; }
location ^~ /https://www.paypal.com/cgi-bin/webscr { return 404; }
location ~ .(?:asp|cfn|php|dll)$ { return 404; }
location ~ (?:ikonboard.cgi|YaBB.pl)$ { return 404; }
location ^~ /add.php3 { return 404; }
location ^~ /uds { return 404; }
location ^~ /img { return 404; }
location ^~ /… { return 404; }
location / { try_files $uri @backend; }
location @backend { proxy_set_header Host $host; proxy_set_header X-Forwarded-Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Port $server_port; proxy_connect_timeout 90; proxy_send_timeout 90; proxy_read_timeout 90; proxy_buffers 32 4k;
proxy_pass http://localhost:8088; } }
server { listen 444 ssl; server_name lists.vegguide.org;
error_log /var/log/nginx/error.log; access_log /var/log/nginx/access.log;
ssl_certificate /etc/nginx/lists.vegguide.org.crt; ssl_certificate_key /etc/nginx/lists.vegguide.org.key; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; ssl_ciphers “EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS”;
root /usr/lib/cgi-bin;
location = / { rewrite ^ /mailman/listinfo permanent; }
location / { rewrite ^ /mailman$uri?$args; }
location = mailman { rewrite ^ /mailman/listinfo permanent; }
location /mailman { fastcgi_split_path_info (^/mailman/[^/]*)(.*)$; include /etc/nginx/fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param PATH_INFO $fastcgi_path_info; fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info; fastcgi_intercept_errors on; fastcgi_pass unix:/var/run/fcgiwrap.socket; }
location /images/mailman { alias /var/lib/mailman/icons; }
location /pipermail { alias /var/lib/mailman/archives/public; autoindex on; } }