-
Notifications
You must be signed in to change notification settings - Fork 0
/
default.conf
165 lines (136 loc) · 4.86 KB
/
default.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
# Default server
server {
listen 80 default_server;
server_name _;
root /var/www/site/htdocs;
index index.php index.html index.htm;
#####
#
# Example configuration file for TYPO3 CMS - for use with NGINX Webserver.
#
# This file includes settings for the following configuration options:
#
# - Compression via TYPO3
# - Security
# - Settings for URL rewriting
#
# If you want to use it, you have to include the following directives into your "server" block,
# either by manually pasting it there or by using the "include" directive.
#
# IMPORTANT: You may need to change this file depending on your TYPO3 installation!
#
# Lines starting with a # are treated as comment and ignored by the web server.
#
# Questions about this file go to the matching Install mailing list, see
# http://typo3.org/documentation/mailing-lists/
#
####
### Begin: Compression via TYPO3 ###
#
# Compressing resource files will save bandwidth and so improve loading speed especially for users
# with slower internet connections. TYPO3 can compress the .js and .css files for you.
# *) Uncomment the following lines and
# *) Set $TYPO3_CONF_VARS['BE']['compressionLevel'] = '9' for the Backend
# *) Set $TYPO3_CONF_VARS['FE']['compressionLevel'] = '9' together with the TypoScript properties
# config.compressJs and config.compressCss for GZIP compression of Frontend JS and CSS files.
# Enable gzip compression
gzip on;
# Disable gzip compression for browsers that don't support it (in this case MS Internet Explorer
# before version 6 SV1).
#gzip_disable "MSIE [1-6]\.(?!.*SV1)";
# Set the response header Vary: Accept-Encoding.
# Some proxies have a bug in that they serve compressed content to browsers that don't support it.
# By setting the Vary: Accept-Encoding header, you instruct proxies to store both a compressed and
# uncompressed version of the content.
gzip_vary on;
# Enables or disables gzipping of responses for proxied requests depending on the request and response.
gzip_proxied any;
# This tells nginx what file types to compress (text/html is always compressed)
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript image/svg+xml;
# Add mime-type for compressed js files.
location ~ \.js\.gzip {
types {
text/javascript gzip;
}
}
# Add mime-type for compressed css files.
location ~ \.css\.gzip {
types {
text/css css;
}
}
### End: Compression via TYPO3 ###
### Begin: Browser caching of resource files ###
# Enable long browser caching for assets. This affects Frontend and Backend and increases performance.
location ~* \.(js|css|png|jpg|jpeg|gif|ico|woff|ttf|svg|eot)$ {
# etag is supported on nginx >= 1.3.3
etag on;
expires 1y;
}
### End: Browser caching of resource files ###
### Begin: Security ###
#
# Prevent information disclosure by blocking files possibly containing sensitive information.
# Block access to hidden" directories or files.
location ~ /\. {
deny all;
access_log off;
log_not_found off;
}
# Block access files accidentally left on the server.
location (\.(bak|config|sql(\.zip|\.gz|\.bz2)?|ini|log|sh|inc|swp|t3d)|~)$ {
deny all;
access_log off;
log_not_found off;
}
# Restrict access to deleted files in Recycler directories
location ~ ^/fileadmin/(.*/)?_recycler_/ {
deny all;
access_log off;
log_not_found off;
}
# Restrict access to TypoScript files in default templates directories
location ~ ^/fileadmin/templates/.*(\.txt|\.ts)$ {
deny all;
access_log off;
log_not_found off;
}
# Restrict access to Private extension directories
location ~ ^/typo3conf/ext/[^/]+/Resources/Private/ {
deny all;
access_log off;
log_not_found off;
}
### End: Security ###
### Begin: Settings for url rewriting ###
#
# You need rewriting, if you use a URL-Rewriting extension like realurl or cooluri.
# Rule for versioned static files, configured through:
# - $TYPO3_CONF_VARS['BE']['versionNumberInFilename']
# - $TYPO3_CONF_VARS['FE']['versionNumberInFilename']
if (!-e $request_filename) {
rewrite ^(.+)\.(\d+)\.(php|js|css|png|jpg|gif|gzip)$ $1.$3 last;
}
# Main URL rewriting
location / {
try_files $uri $uri/ /index.php$is_args$args;
}
### End: Settings for url rewriting ###
### End: TYPO3 example configuration for NGINX ###
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 (CentOS)
# or to Unix-socket (Ubuntu)
location ~ \.php$ {
try_files $uri =404;
include /etc/nginx/fastcgi_params;
#fastcgi_pass 127.0.0.1:9000;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_intercept_errors on;
fastcgi_buffer_size 128k;
fastcgi_buffers 256 16k;
fastcgi_busy_buffers_size 256k;
fastcgi_temp_file_write_size 256k;
fastcgi_read_timeout 300;
}
}