|
ajout version récente conf n...
|
1 |
server {
|
| 2 |
listen 80; |
|
| 3 |
server_name paris12.pcf.fr; |
|
| 4 | ||
| 5 |
access_log off; |
|
| 6 | ||
| 7 |
location ~ /\.well-known/acme-challenge {
|
|
| 8 |
allow all; |
|
| 9 |
default_type "text/plain"; |
|
| 10 |
root /var/www/grav; |
|
| 11 |
} |
|
| 12 | ||
| 13 |
location / {
|
|
| 14 |
return 301 https://$host$request_uri; |
|
| 15 |
} |
|
| 16 |
} |
|
| 17 | ||
| 18 |
server {
|
|
| 19 |
listen 443 ssl; |
|
| 20 |
server_name paris12.pcf.fr; |
|
| 21 |
root /var/www/grav; |
|
| 22 |
index index.html index.php; |
|
| 23 | ||
| 24 |
access_log off; |
|
| 25 |
error_log /var/log/nginx/grav/error.log; |
|
| 26 | ||
| 27 |
ssl_certificate /etc/letsencrypt/live/paris12.pcf.fr/fullchain.pem; |
|
| 28 |
ssl_certificate_key /etc/letsencrypt/live/paris12.pcf.fr/privkey.pem; |
|
| 29 | ||
| 30 |
location ^~ /\.well-known/acme-challenge {
|
|
| 31 |
allow all; |
|
| 32 |
default_type "text/plain"; |
|
| 33 |
} |
|
| 34 | ||
| 35 |
location ^~ /cgi-bin/mailman/admin/ {
|
|
| 36 |
return 301 https://listes.pcf.fr$request_uri; |
|
| 37 |
} |
|
| 38 | ||
| 39 |
location / {
|
|
| 40 |
try_files $uri $uri/ /index.php?$query_string; |
|
| 41 |
} |
|
| 42 | ||
| 43 |
# deny all direct access for these folders |
|
| 44 |
location ~* /(\.git|cache|bin|logs|backup|tests)/.*$ { return 403; }
|
|
| 45 | ||
| 46 |
# deny running scripts inside core system folders |
|
| 47 |
location ~* /(system|vendor)/.*\.(txt|xml|md|html|yaml|yml|php|pl|py|cgi|twig|sh|bat)$ { return 403; }
|
|
| 48 | ||
| 49 |
# deny running scripts inside user folder |
|
| 50 |
location ~* /user/.*\.(txt|md|yaml|yml|php|pl|py|cgi|twig|sh|bat)$ { return 403; }
|
|
| 51 | ||
| 52 |
# deny access to specific files in the root folder |
|
| 53 |
location ~ /(LICENSE\.txt|composer\.lock|composer\.json|nginx\.conf|web\.config|htaccess\.txt|\.htaccess) { return 403; }
|
|
| 54 | ||
| 55 |
location ~ \.php$ {
|
|
| 56 |
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock; |
|
| 57 | ||
| 58 |
fastcgi_split_path_info ^(.+\.php)(/.+)$; |
|
| 59 |
fastcgi_index index.php; |
|
| 60 |
include fastcgi_params; |
|
| 61 |
fastcgi_param SCRIPT_FILENAME $document_root/$fastcgi_script_name; |
|
| 62 |
} |
|
| 63 | ||
| 64 |
location ~* /logements-(e|%C3%A9|é)tudiants-jc {
|
|
| 65 |
rewrite ^.* https://cloud.paris12.pcf.fr/index.php/apps/forms/Pgoe5oGTpwAEFP6F permanent; |
|
| 66 |
} |
|
| 67 |
location ~* /pr(e|%C3%A9|é)pa-soir(e|%C3%A9|é)e-commission-culture {
|
|
| 68 |
rewrite ^.* https://cloud.paris12.pcf.fr/index.php/s/H3YPpQsxcAN5555 permanent; |
|
| 69 |
} |
|
| 70 |
} |
|
| 71 |