Permalink
Find file
1996573 Jan 28, 2014
46 lines (35 sloc) 1.21 KB
server {
listen 80;
server_name postfixadmin.domain.tld;
return 301 https://$server_name$request_uri; # enforce https
}
server {
listen 443 ssl;
server_name postfixadmin.domain.tld;
root /srv/http/www/postfixadmin;
index index.php;
charset utf-8;
## SSL settings
ssl_certificate /etc/nginx/ssl/ecdsa/ssl.crt;
ssl_certificate_key /etc/nginx/ssl/ecdsa/ssl.key;
ssl_protocols TLSv1.2;
ssl_ciphers "EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4";
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
ssl_ecdh_curve secp521r1;
add_header Strict-Transport-Security max-age=31536000;
# add_header X-Frame-Options DENY;
# auth_basic "Restricted area";
# auth_basic_user_file /etc/nginx/passwd;
location / {
try_files $uri $uri/ index.php;
}
location ~* \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
include fastcgi_params;
fastcgi_pass unix:/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
}
}