# virtual_host # HTTP server { listen 80; server_name virtual_host; access_log /var/log/nginx/directory/virtual_host/access_log combined; error_log /var/log/nginx/directory/virtual_host/error_log warn; ssl off; location / { root /var/nginx/directory/virtual_host; index index.php index.html index.htm; } # PHP fastcgi # managed by spawn-fcgi on localhost:9003 location ~ \.php$ { fastcgi_pass 127.0.0.1:9003; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME /var/nginx/directory/virtual_host$fastcgi_script_name; #fastcgi_param HTTPS on; include fastcgi_params; } # Mailman # proxy to CGI managed by thttpd on localhost:8000 location /listes/ { rewrite ^/listes/$ /listes/listinfo last; proxy_pass http://127.0.0.1:8000/; proxy_set_header Host $host; proxy_intercept_errors on; } location /admin { proxy_pass http://127.0.0.1:8000/admin; proxy_set_header Host $host; proxy_intercept_errors on; } location /listes/images/mailman/ { alias /usr/local/lib/mailman/icons/; } location /pipermail/ { alias /usr/local/lib/mailman/archives/public/; } # protecting the Dokuwiki internal data directories location ~ /wiki/(data|conf|bin|inc)/ { deny all; } # protecting the Dokuwiki internal data directories location ~ /random/wiki/(data|conf|bin|inc)/ { deny all; } # protecting the Dokuwiki internal data directories location ~ /load/wiki/(data|conf|bin|inc)/ { deny all; } location ~ /\.ht { deny all; } } # virtual_host # HTTPS server { listen 443; server_name virtual_host; access_log /var/log/nginx/directory/virtual_host/access_log combined; error_log /var/log/nginx/directory/virtual_host/error_log warn; ssl on; ssl_certificate /etc/ssl/virtual_host.crt; ssl_certificate_key /etc/ssl/private/virtual_host.key; ssl_session_timeout 5m; ssl_protocols TLSv1.2 TLSv1.1 TLSv1; ssl_ciphers HIGH:!ADH:!AECDH:!PSK:!3DES:!MD5; ssl_prefer_server_ciphers on; ssl_session_cache shared:SSLcachevhost:1m; location / { root /var/nginx/directory/virtual_host; index index.php index.html index.htm; } # PHP fastcgi # managed by spawn-fcgi on localhost:9003 location ~ \.php$ { fastcgi_pass 127.0.0.1:9003; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME /var/nginx/directory/virtual_host$fastcgi_script_name; fastcgi_param HTTPS on; include fastcgi_params; } # Mailman # proxy to CGI managed by thttpd on localhost:8000 location /listes/ { rewrite ^/listes/$ /listes/listinfo last; proxy_pass http://127.0.0.1:8000/; proxy_set_header Host $host; proxy_intercept_errors on; } location /admin { proxy_pass http://127.0.0.1:8000/admin; proxy_set_header Host $host; proxy_intercept_errors on; } location /listes/images/mailman/ { alias /usr/local/lib/mailman/icons/; } location /pipermail/ { alias /usr/local/lib/mailman/archives/public/; } # protecting the Dokuwiki internal data directories location ~ /wiki/(data|conf|bin|inc)/ { deny all; } # protecting the Dokuwiki internal data directories location ~ /random/wiki/(data|conf|bin|inc)/ { deny all; } location ~ /\.ht { deny all; } }