Initial
This commit is contained in:
Alexey Berezhok
77
install/rpm/templates/web/nginx/caching.stpl
Executable file
77
install/rpm/templates/web/nginx/caching.stpl
Executable file
@@ -0,0 +1,77 @@
|
||||
#=========================================================================#
|
||||
# Default Web Domain Template #
|
||||
# DO NOT MODIFY THIS FILE! CHANGES WILL BE LOST WHEN REBUILDING DOMAINS #
|
||||
# https://hestiacp.com/docs/server-administration/web-templates.html #
|
||||
#=========================================================================#
|
||||
|
||||
server {
|
||||
listen %ip%:%proxy_ssl_port% ssl;
|
||||
server_name %domain_idn% %alias_idn%;
|
||||
error_log /var/log/%web_system%/domains/%domain%.error.log error;
|
||||
|
||||
ssl_certificate %ssl_pem%;
|
||||
ssl_certificate_key %ssl_key%;
|
||||
ssl_stapling on;
|
||||
ssl_stapling_verify on;
|
||||
|
||||
# TLS 1.3 0-RTT anti-replay
|
||||
if ($anti_replay = 307) { return 307 https://$host$request_uri; }
|
||||
if ($anti_replay = 425) { return 425; }
|
||||
|
||||
|
||||
include %home%/%user%/conf/web/%domain%/nginx.hsts.conf*;
|
||||
|
||||
location ~ /\.(?!well-known\/|file) {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
|
||||
location / {
|
||||
proxy_pass https://%ip%:%web_ssl_port%;
|
||||
|
||||
proxy_cache %domain%;
|
||||
proxy_cache_valid 200 5m;
|
||||
proxy_cache_valid 301 302 10m;
|
||||
proxy_cache_valid 404 10m;
|
||||
proxy_cache_bypass $no_cache $cookie_session $http_x_update;
|
||||
proxy_no_cache $no_cache;
|
||||
|
||||
set $no_cache 0;
|
||||
|
||||
if ($request_uri ~* "/wp-admin/|/wp-json/|wp-.*.php|xmlrpc.php|/store.*|/cart.*|/my-account.*|/checkout.*|/user/|/admin/|/administrator/|/manager/|index.php") {
|
||||
set $no_cache 1;
|
||||
}
|
||||
|
||||
if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in|woocommerce_items_in_cart|woocommerce_cart_hash|PHPSESSID") {
|
||||
set $no_cache 1;
|
||||
}
|
||||
|
||||
if ($http_cookie ~ SESS) {
|
||||
set $no_cache 1;
|
||||
}
|
||||
|
||||
location ~* ^.+\.(%proxy_extensions%)$ {
|
||||
try_files $uri @fallback;
|
||||
|
||||
root %sdocroot%;
|
||||
access_log /var/log/%web_system%/domains/%domain%.log combined;
|
||||
access_log /var/log/%web_system%/domains/%domain%.bytes bytes;
|
||||
|
||||
expires max;
|
||||
|
||||
proxy_cache off;
|
||||
}
|
||||
}
|
||||
|
||||
location @fallback {
|
||||
proxy_pass https://%ip%:%web_ssl_port%;
|
||||
}
|
||||
|
||||
location /error/ {
|
||||
alias %home%/%user%/web/%domain%/document_errors/;
|
||||
}
|
||||
|
||||
proxy_hide_header Upgrade;
|
||||
|
||||
include %home%/%user%/conf/web/%domain%/nginx.ssl.conf_*;
|
||||
}
|
||||
Reference in New Issue
Block a user