Adding Nginx into Git
This commit is contained in:
commit
00293fe90a
|
@ -0,0 +1,8 @@
|
|||
# EasyEngine (ee) protect locations using
|
||||
# HTTP authentication || IP address
|
||||
satisfy any;
|
||||
auth_basic "Restricted Area";
|
||||
auth_basic_user_file htpasswd-ee;
|
||||
# Allowed IP Address List
|
||||
allow 127.0.0.1;
|
||||
deny all;
|
|
@ -0,0 +1,68 @@
|
|||
# NGINX CONFIGURATION FOR COMMON LOCATION
|
||||
# DO NOT MODIFY, ALL CHANGES LOST AFTER UPDATE EasyEngine (ee)
|
||||
# Basic locations files
|
||||
location = /favicon.ico {
|
||||
access_log off;
|
||||
log_not_found off;
|
||||
expires max;
|
||||
}
|
||||
location = /robots.txt {
|
||||
# Some WordPress plugin gererate robots.txt file
|
||||
# Refer #340 issue
|
||||
try_files $uri $uri/ /index.php?$args;
|
||||
access_log off;
|
||||
log_not_found off;
|
||||
}
|
||||
# Cache static files
|
||||
location ~* \.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|css|rss|atom|js|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf|swf)$ {
|
||||
add_header "Access-Control-Allow-Origin" "*";
|
||||
access_log off;
|
||||
log_not_found off;
|
||||
expires max;
|
||||
}
|
||||
# Security settings for better privacy
|
||||
# Deny hidden files
|
||||
location ~ /\.well-known {
|
||||
allow all;
|
||||
}
|
||||
location ~ /\. {
|
||||
deny all;
|
||||
access_log off;
|
||||
log_not_found off;
|
||||
}
|
||||
# Deny backup extensions & log files
|
||||
location ~* ^.+\.(bak|log|old|orig|original|php#|php~|php_bak|save|swo|swp|sql)$ {
|
||||
deny all;
|
||||
access_log off;
|
||||
log_not_found off;
|
||||
}
|
||||
# Return 403 forbidden for readme.(txt|html) or license.(txt|html) or example.(txt|html)
|
||||
if ($uri ~* "^.+(readme|license|example)\.(txt|html)$") {
|
||||
return 403;
|
||||
}
|
||||
# Status pages
|
||||
location = /nginx_status {
|
||||
stub_status on;
|
||||
access_log off;
|
||||
include common/acl.conf;
|
||||
}
|
||||
location ~ ^/(status|ping)$ {
|
||||
include fastcgi_params;
|
||||
fastcgi_pass php7;
|
||||
include common/acl.conf;
|
||||
}
|
||||
# EasyEngine (ee) utilities
|
||||
# phpMyAdmin settings
|
||||
location = /pma {
|
||||
return 301 https://$host:22222/db/pma;
|
||||
}
|
||||
location = /phpMyAdmin {
|
||||
return 301 https://$host:22222/db/pma;
|
||||
}
|
||||
location = /phpmyadmin {
|
||||
return 301 https://$host:22222/db/pma;
|
||||
}
|
||||
# Adminer settings
|
||||
location = /adminer {
|
||||
return 301 https://$host:22222/db/adminer;
|
||||
}
|
|
@ -0,0 +1,68 @@
|
|||
# NGINX CONFIGURATION FOR COMMON LOCATION
|
||||
# DO NOT MODIFY, ALL CHANGES LOST AFTER UPDATE EasyEngine (ee)
|
||||
# Basic locations files
|
||||
location = /favicon.ico {
|
||||
access_log off;
|
||||
log_not_found off;
|
||||
expires max;
|
||||
}
|
||||
location = /robots.txt {
|
||||
# Some WordPress plugin gererate robots.txt file
|
||||
# Refer #340 issue
|
||||
try_files $uri $uri/ /index.php?$args;
|
||||
access_log off;
|
||||
log_not_found off;
|
||||
}
|
||||
# Cache static files
|
||||
location ~* \.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|css|rss|atom|js|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf|swf)$ {
|
||||
add_header "Access-Control-Allow-Origin" "*";
|
||||
access_log off;
|
||||
log_not_found off;
|
||||
expires max;
|
||||
}
|
||||
# Security settings for better privacy
|
||||
# Deny hidden files
|
||||
location ~ /\.well-known {
|
||||
allow all;
|
||||
}
|
||||
location ~ /\. {
|
||||
deny all;
|
||||
access_log off;
|
||||
log_not_found off;
|
||||
}
|
||||
# Deny backup extensions & log files
|
||||
location ~* ^.+\.(bak|log|old|orig|original|php#|php~|php_bak|save|swo|swp|sql)$ {
|
||||
deny all;
|
||||
access_log off;
|
||||
log_not_found off;
|
||||
}
|
||||
# Return 403 forbidden for readme.(txt|html) or license.(txt|html) or example.(txt|html)
|
||||
if ($uri ~* "^.+(readme|license|example)\.(txt|html)$") {
|
||||
return 403;
|
||||
}
|
||||
# Status pages
|
||||
location = /nginx_status {
|
||||
stub_status on;
|
||||
access_log off;
|
||||
include common/acl.conf;
|
||||
}
|
||||
location ~ ^/(status|ping)$ {
|
||||
include fastcgi_params;
|
||||
fastcgi_pass php;
|
||||
include common/acl.conf;
|
||||
}
|
||||
# EasyEngine (ee) utilities
|
||||
# phpMyAdmin settings
|
||||
location = /pma {
|
||||
return 301 https://$host:22222/db/pma;
|
||||
}
|
||||
location = /phpMyAdmin {
|
||||
return 301 https://$host:22222/db/pma;
|
||||
}
|
||||
location = /phpmyadmin {
|
||||
return 301 https://$host:22222/db/pma;
|
||||
}
|
||||
# Adminer settings
|
||||
location = /adminer {
|
||||
return 301 https://$host:22222/db/adminer;
|
||||
}
|
|
@ -0,0 +1,10 @@
|
|||
# PHP NGINX CONFIGURATION
|
||||
# DO NOT MODIFY, ALL CHANGES LOST AFTER UPDATE EasyEngine (ee)
|
||||
location / {
|
||||
try_files $uri $uri/ /index.php?$args;
|
||||
}
|
||||
location ~ \.php$ {
|
||||
try_files $uri =404;
|
||||
include fastcgi_params;
|
||||
fastcgi_pass php;
|
||||
}
|
|
@ -0,0 +1,10 @@
|
|||
# PHP NGINX CONFIGURATION
|
||||
# DO NOT MODIFY, ALL CHANGES LOST AFTER UPDATE EasyEngine (ee)
|
||||
location / {
|
||||
try_files $uri $uri/ /index.php?$args;
|
||||
}
|
||||
location ~ \.php$ {
|
||||
try_files $uri =404;
|
||||
include fastcgi_params;
|
||||
fastcgi_pass php7;
|
||||
}
|
|
@ -0,0 +1,56 @@
|
|||
# Redis NGINX CONFIGURATION
|
||||
# DO NOT MODIFY, ALL CHANGES LOST AFTER UPDATE EasyEngine (ee)
|
||||
set $skip_cache 0;
|
||||
# POST requests and URL with a query string should always go to php
|
||||
if ($request_method = POST) {
|
||||
set $skip_cache 1;
|
||||
}
|
||||
if ($query_string != "") {
|
||||
set $skip_cache 1;
|
||||
}
|
||||
# Don't cache URL containing the following segments
|
||||
if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|wp-.*\.php|index.php|/feed/|.*sitemap.*\.xml)") {
|
||||
set $skip_cache 1;
|
||||
}
|
||||
# Don't use the cache for logged in users or recent commenter or customer with items in cart
|
||||
if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in|[a-z0-9]+_items_in_cart") {
|
||||
set $skip_cache 1;
|
||||
}
|
||||
# Use cached or actual file if they exists, Otherwise pass request to WordPress
|
||||
location / {
|
||||
try_files $uri $uri/ /index.php?$args;
|
||||
}
|
||||
|
||||
location /redis-fetch {
|
||||
internal ;
|
||||
set $redis_key $args;
|
||||
redis_pass redis;
|
||||
}
|
||||
location /redis-store {
|
||||
internal ;
|
||||
set_unescape_uri $key $arg_key ;
|
||||
redis2_query set $key $echo_request_body;
|
||||
redis2_query expire $key 14400;
|
||||
redis2_pass redis;
|
||||
}
|
||||
|
||||
location ~ \.php$ {
|
||||
set $key "nginx-cache:$scheme$request_method$host$request_uri";
|
||||
try_files $uri =404;
|
||||
|
||||
srcache_fetch_skip $skip_cache;
|
||||
srcache_store_skip $skip_cache;
|
||||
|
||||
srcache_response_cache_control off;
|
||||
|
||||
set_escape_uri $escaped_key $key;
|
||||
|
||||
srcache_fetch GET /redis-fetch $key;
|
||||
srcache_store PUT /redis-store key=$escaped_key;
|
||||
|
||||
more_set_headers 'X-SRCache-Fetch-Status $srcache_fetch_status';
|
||||
more_set_headers 'X-SRCache-Store-Status $srcache_store_status';
|
||||
|
||||
include fastcgi_params;
|
||||
fastcgi_pass php7;
|
||||
}
|
|
@ -0,0 +1,31 @@
|
|||
|
||||
# W3TC NGINX CONFIGURATION
|
||||
# DO NOT MODIFY, ALL CHANGES LOST AFTER UPDATE EasyEngine (ee)
|
||||
set $cache_uri $request_uri;
|
||||
# POST requests and URL with a query string should always go to php
|
||||
if ($request_method = POST) {
|
||||
set $cache_uri 'null cache';
|
||||
}
|
||||
if ($query_string != "") {
|
||||
set $cache_uri 'null cache';
|
||||
}
|
||||
# Don't cache URL containing the following segments
|
||||
if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|wp-.*\.php|index.php|/feed/|.*sitemap.*\.xml)") {
|
||||
set $cache_uri 'null cache';
|
||||
}
|
||||
# Don't use the cache for logged in users or recent commenter or customer with items in cart
|
||||
if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in|[a-z0-9]+_items_in_cart") {
|
||||
set $cache_uri 'null cache';
|
||||
}
|
||||
# Use cached or actual file if they exists, Otherwise pass request to WordPress
|
||||
location / {
|
||||
try_files /wp-content/cache/page_enhanced/${host}${cache_uri}_index.html $uri $uri/ /index.php?$args;
|
||||
}
|
||||
location ~ ^/wp-content/cache/minify/(.+\.(css|js))$ {
|
||||
try_files $uri /wp-content/plugins/w3-total-cache/pub/minify.php?file=$1;
|
||||
}
|
||||
location ~ \.php$ {
|
||||
try_files $uri =404;
|
||||
include fastcgi_params;
|
||||
fastcgi_pass php7;
|
||||
}
|
|
@ -0,0 +1,31 @@
|
|||
|
||||
# W3TC NGINX CONFIGURATION
|
||||
# DO NOT MODIFY, ALL CHANGES LOST AFTER UPDATE EasyEngine (ee)
|
||||
set $cache_uri $request_uri;
|
||||
# POST requests and URL with a query string should always go to php
|
||||
if ($request_method = POST) {
|
||||
set $cache_uri 'null cache';
|
||||
}
|
||||
if ($query_string != "") {
|
||||
set $cache_uri 'null cache';
|
||||
}
|
||||
# Don't cache URL containing the following segments
|
||||
if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|wp-.*\.php|index.php|/feed/|.*sitemap.*\.xml)") {
|
||||
set $cache_uri 'null cache';
|
||||
}
|
||||
# Don't use the cache for logged in users or recent commenter or customer with items in cart
|
||||
if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in|[a-z0-9]+_items_in_cart") {
|
||||
set $cache_uri 'null cache';
|
||||
}
|
||||
# Use cached or actual file if they exists, Otherwise pass request to WordPress
|
||||
location / {
|
||||
try_files /wp-content/cache/page_enhanced/${host}${cache_uri}_index.html $uri $uri/ /index.php?$args;
|
||||
}
|
||||
location ~ ^/wp-content/cache/minify/(.+\.(css|js))$ {
|
||||
try_files $uri /wp-content/plugins/w3-total-cache/pub/minify.php?file=$1;
|
||||
}
|
||||
location ~ \.php$ {
|
||||
try_files $uri =404;
|
||||
include fastcgi_params;
|
||||
fastcgi_pass php;
|
||||
}
|
|
@ -0,0 +1,21 @@
|
|||
# WordPress COMMON SETTINGS
|
||||
# DO NOT MODIFY, ALL CHANGES LOST AFTER UPDATE EasyEngine (ee)
|
||||
# Limit access to avoid brute force attack
|
||||
location = /wp-login.php {
|
||||
limit_req zone=one burst=1 nodelay;
|
||||
include fastcgi_params;
|
||||
fastcgi_pass php7;
|
||||
}
|
||||
# Disable wp-config.txt
|
||||
location = /wp-config.txt {
|
||||
deny all;
|
||||
access_log off;
|
||||
log_not_found off;
|
||||
}
|
||||
# Disallow php in upload folder
|
||||
location /wp-content/uploads/ {
|
||||
location ~ \.php$ {
|
||||
#Prevent Direct Access Of PHP Files From Web Browsers
|
||||
deny all;
|
||||
}
|
||||
}
|
|
@ -0,0 +1,21 @@
|
|||
# WordPress COMMON SETTINGS
|
||||
# DO NOT MODIFY, ALL CHANGES LOST AFTER UPDATE EasyEngine (ee)
|
||||
# Limit access to avoid brute force attack
|
||||
location = /wp-login.php {
|
||||
limit_req zone=one burst=1 nodelay;
|
||||
include fastcgi_params;
|
||||
fastcgi_pass php;
|
||||
}
|
||||
# Disable wp-config.txt
|
||||
location = /wp-config.txt {
|
||||
deny all;
|
||||
access_log off;
|
||||
log_not_found off;
|
||||
}
|
||||
# Disallow php in upload folder
|
||||
location /wp-content/uploads/ {
|
||||
location ~ \.php$ {
|
||||
#Prevent Direct Access Of PHP Files From Web Browsers
|
||||
deny all;
|
||||
}
|
||||
}
|
|
@ -0,0 +1,37 @@
|
|||
# WPFC NGINX CONFIGURATION
|
||||
# DO NOT MODIFY, ALL CHANGES LOST AFTER UPDATE EasyEngine (ee)
|
||||
set $skip_cache 0;
|
||||
# POST requests and URL with a query string should always go to php
|
||||
if ($request_method = POST) {
|
||||
set $skip_cache 1;
|
||||
}
|
||||
if ($query_string != "") {
|
||||
set $skip_cache 1;
|
||||
}
|
||||
# Don't cache URL containing the following segments
|
||||
if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|wp-.*\.php|index.php|/feed/|.*sitemap.*\.xml)") {
|
||||
set $skip_cache 1;
|
||||
}
|
||||
# Don't use the cache for logged in users or recent commenter or customer with items in cart
|
||||
if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in|[a-z0-9]+_items_in_cart") {
|
||||
set $skip_cache 1;
|
||||
}
|
||||
# Use cached or actual file if they exists, Otherwise pass request to WordPress
|
||||
location / {
|
||||
try_files $uri $uri/ /index.php?$args;
|
||||
}
|
||||
location ~ ^/wp-content/cache/minify/(.+\.(css|js))$ {
|
||||
try_files $uri /wp-content/plugins/w3-total-cache/pub/minify.php?file=$1;
|
||||
}
|
||||
location ~ \.php$ {
|
||||
try_files $uri =404;
|
||||
include fastcgi_params;
|
||||
fastcgi_pass php7;
|
||||
fastcgi_cache_bypass $skip_cache;
|
||||
fastcgi_no_cache $skip_cache;
|
||||
fastcgi_cache WORDPRESS;
|
||||
}
|
||||
location ~ /purge(/.*) {
|
||||
fastcgi_cache_purge WORDPRESS "$scheme$request_method$host$1";
|
||||
access_log off;
|
||||
}
|
|
@ -0,0 +1,37 @@
|
|||
# WPFC NGINX CONFIGURATION
|
||||
# DO NOT MODIFY, ALL CHANGES LOST AFTER UPDATE EasyEngine (ee)
|
||||
set $skip_cache 0;
|
||||
# POST requests and URL with a query string should always go to php
|
||||
if ($request_method = POST) {
|
||||
set $skip_cache 1;
|
||||
}
|
||||
if ($query_string != "") {
|
||||
set $skip_cache 1;
|
||||
}
|
||||
# Don't cache URL containing the following segments
|
||||
if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|wp-.*\.php|index.php|/feed/|.*sitemap.*\.xml)") {
|
||||
set $skip_cache 1;
|
||||
}
|
||||
# Don't use the cache for logged in users or recent commenter or customer with items in cart
|
||||
if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in|[a-z0-9]+_items_in_cart") {
|
||||
set $skip_cache 1;
|
||||
}
|
||||
# Use cached or actual file if they exists, Otherwise pass request to WordPress
|
||||
location / {
|
||||
try_files $uri $uri/ /index.php?$args;
|
||||
}
|
||||
location ~ ^/wp-content/cache/minify/(.+\.(css|js))$ {
|
||||
try_files $uri /wp-content/plugins/w3-total-cache/pub/minify.php?file=$1;
|
||||
}
|
||||
location ~ \.php$ {
|
||||
try_files $uri =404;
|
||||
include fastcgi_params;
|
||||
fastcgi_pass php;
|
||||
fastcgi_cache_bypass $skip_cache;
|
||||
fastcgi_no_cache $skip_cache;
|
||||
fastcgi_cache WORDPRESS;
|
||||
}
|
||||
location ~ /purge(/.*) {
|
||||
fastcgi_cache_purge WORDPRESS "$scheme$request_method$host$1";
|
||||
access_log off;
|
||||
}
|
|
@ -0,0 +1,31 @@
|
|||
# WPSC NGINX CONFIGURATION
|
||||
# DO NOT MODIFY, ALL CHANGES LOST AFTER UPDATE EasyEngine (ee)
|
||||
set $cache_uri $request_uri;
|
||||
# POST requests and URL with a query string should always go to php
|
||||
if ($request_method = POST) {
|
||||
set $cache_uri 'null cache';
|
||||
}
|
||||
if ($query_string != "") {
|
||||
set $cache_uri 'null cache';
|
||||
}
|
||||
# Don't cache URL containing the following segments
|
||||
if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|wp-.*\.php|index.php|/feed/|.*sitemap.*\.xml)") {
|
||||
set $cache_uri 'null cache';
|
||||
}
|
||||
# Don't use the cache for logged in users or recent commenter or customer with items in cart
|
||||
if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in|[a-z0-9]+_items_in_cart") {
|
||||
set $cache_uri 'null cache';
|
||||
}
|
||||
# Use cached or actual file if they exists, Otherwise pass request to WordPress
|
||||
location / {
|
||||
# If we add index.php?$args its break WooCommerce like plugins
|
||||
# Ref: #330
|
||||
try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php;
|
||||
}
|
||||
location ~ \.php$ {
|
||||
try_files $uri =404;
|
||||
include fastcgi_params;
|
||||
fastcgi_pass php7;
|
||||
# Following line is needed by WP Super Cache plugin
|
||||
fastcgi_param SERVER_NAME $http_host;
|
||||
}
|
|
@ -0,0 +1,31 @@
|
|||
# WPSC NGINX CONFIGURATION
|
||||
# DO NOT MODIFY, ALL CHANGES LOST AFTER UPDATE EasyEngine (ee)
|
||||
set $cache_uri $request_uri;
|
||||
# POST requests and URL with a query string should always go to php
|
||||
if ($request_method = POST) {
|
||||
set $cache_uri 'null cache';
|
||||
}
|
||||
if ($query_string != "") {
|
||||
set $cache_uri 'null cache';
|
||||
}
|
||||
# Don't cache URL containing the following segments
|
||||
if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|wp-.*\.php|index.php|/feed/|.*sitemap.*\.xml)") {
|
||||
set $cache_uri 'null cache';
|
||||
}
|
||||
# Don't use the cache for logged in users or recent commenter or customer with items in cart
|
||||
if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in|[a-z0-9]+_items_in_cart") {
|
||||
set $cache_uri 'null cache';
|
||||
}
|
||||
# Use cached or actual file if they exists, Otherwise pass request to WordPress
|
||||
location / {
|
||||
# If we add index.php?$args its break WooCommerce like plugins
|
||||
# Ref: #330
|
||||
try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php;
|
||||
}
|
||||
location ~ \.php$ {
|
||||
try_files $uri =404;
|
||||
include fastcgi_params;
|
||||
fastcgi_pass php;
|
||||
# Following line is needed by WP Super Cache plugin
|
||||
fastcgi_param SERVER_NAME $http_host;
|
||||
}
|
|
@ -0,0 +1,10 @@
|
|||
# WPSUBDIRECTORY NGINX CONFIGURATION
|
||||
# DO NOT MODIFY, ALL CHANGES LOST AFTER UPDATE EasyEngine (ee)
|
||||
if (!-e $request_filename) {
|
||||
# Redirect wp-admin to wp-admin/
|
||||
rewrite /wp-admin$ $scheme://$host$uri/ permanent;
|
||||
# Redirect wp-* files/folders
|
||||
rewrite ^(/[^/]+)?(/wp-.*) $2 last;
|
||||
# Redirect other php files
|
||||
rewrite ^(/[^/]+)?(/.*\.php) $2 last;
|
||||
}
|
|
@ -0,0 +1,2 @@
|
|||
# Block IP Address
|
||||
# deny 1.1.1.1;
|
|
@ -0,0 +1,10 @@
|
|||
# FastCGI cache settings
|
||||
fastcgi_cache_path /var/run/nginx-cache levels=1:2 keys_zone=WORDPRESS:50m inactive=60m;
|
||||
fastcgi_cache_key "$scheme$request_method$host$request_uri";
|
||||
fastcgi_cache_use_stale error timeout invalid_header updating http_500 http_503;
|
||||
fastcgi_cache_valid 200 301 302 404 1h;
|
||||
fastcgi_buffers 16 16k;
|
||||
fastcgi_buffer_size 32k;
|
||||
fastcgi_param SERVER_NAME $http_host;
|
||||
fastcgi_ignore_headers Cache-Control Expires Set-Cookie;
|
||||
fastcgi_keep_conn on;
|
|
@ -0,0 +1,10 @@
|
|||
# Common upstream settings
|
||||
upstream php {
|
||||
# server unix:/run/php5-fpm.sock;
|
||||
server 127.0.0.1:9000;
|
||||
}
|
||||
upstream debug {
|
||||
# Debug Pool
|
||||
server 127.0.0.1:9001;
|
||||
}
|
||||
|
|
@ -0,0 +1,25 @@
|
|||
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_param QUERY_STRING $query_string;
|
||||
fastcgi_param REQUEST_METHOD $request_method;
|
||||
fastcgi_param CONTENT_TYPE $content_type;
|
||||
fastcgi_param CONTENT_LENGTH $content_length;
|
||||
|
||||
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
|
||||
fastcgi_param REQUEST_URI $request_uri;
|
||||
fastcgi_param DOCUMENT_URI $document_uri;
|
||||
fastcgi_param DOCUMENT_ROOT $document_root;
|
||||
fastcgi_param SERVER_PROTOCOL $server_protocol;
|
||||
fastcgi_param HTTPS $https if_not_empty;
|
||||
|
||||
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
|
||||
fastcgi_param SERVER_SOFTWARE nginx/$nginx_version;
|
||||
|
||||
fastcgi_param REMOTE_ADDR $remote_addr;
|
||||
fastcgi_param REMOTE_PORT $remote_port;
|
||||
fastcgi_param SERVER_ADDR $server_addr;
|
||||
fastcgi_param SERVER_PORT $server_port;
|
||||
fastcgi_param SERVER_NAME $server_name;
|
||||
|
||||
# PHP only, required if PHP was built with --enable-force-cgi-redirect
|
||||
fastcgi_param REDIRECT_STATUS 200;
|
|
@ -0,0 +1,28 @@
|
|||
|
||||
fastcgi_param QUERY_STRING $query_string;
|
||||
fastcgi_param REQUEST_METHOD $request_method;
|
||||
fastcgi_param CONTENT_TYPE $content_type;
|
||||
fastcgi_param CONTENT_LENGTH $content_length;
|
||||
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
|
||||
fastcgi_param REQUEST_URI $request_uri;
|
||||
fastcgi_param DOCUMENT_URI $document_uri;
|
||||
fastcgi_param DOCUMENT_ROOT $document_root;
|
||||
fastcgi_param SERVER_PROTOCOL $server_protocol;
|
||||
fastcgi_param HTTPS $https if_not_empty;
|
||||
|
||||
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
|
||||
fastcgi_param SERVER_SOFTWARE nginx/$nginx_version;
|
||||
|
||||
fastcgi_param REMOTE_ADDR $remote_addr;
|
||||
fastcgi_param REMOTE_PORT $remote_port;
|
||||
fastcgi_param SERVER_ADDR $server_addr;
|
||||
fastcgi_param SERVER_PORT $server_port;
|
||||
fastcgi_param SERVER_NAME $server_name;
|
||||
|
||||
# PHP only, required if PHP was built with --enable-force-cgi-redirect
|
||||
fastcgi_param REDIRECT_STATUS 200;
|
||||
|
||||
# To fix CGI application vulnerability - https://httpoxy.org
|
||||
fastcgi_param HTTP_PROXY "";
|
|
@ -0,0 +1 @@
|
|||
easyengine:r/h9b/YkGBzs2
|
|
@ -0,0 +1,109 @@
|
|||
|
||||
# This map is not a full koi8-r <> utf8 map: it does not contain
|
||||
# box-drawing and some other characters. Besides this map contains
|
||||
# several koi8-u and Byelorussian letters which are not in koi8-r.
|
||||
# If you need a full and standard map, use contrib/unicode2nginx/koi-utf
|
||||
# map instead.
|
||||
|
||||
charset_map koi8-r utf-8 {
|
||||
|
||||
80 E282AC ; # euro
|
||||
|
||||
95 E280A2 ; # bullet
|
||||
|
||||
9A C2A0 ; #
|
||||
|
||||
9E C2B7 ; # ·
|
||||
|
||||
A3 D191 ; # small yo
|
||||
A4 D194 ; # small Ukrainian ye
|
||||
|
||||
A6 D196 ; # small Ukrainian i
|
||||
A7 D197 ; # small Ukrainian yi
|
||||
|
||||
AD D291 ; # small Ukrainian soft g
|
||||
AE D19E ; # small Byelorussian short u
|
||||
|
||||
B0 C2B0 ; # °
|
||||
|
||||
B3 D081 ; # capital YO
|
||||
B4 D084 ; # capital Ukrainian YE
|
||||
|
||||
B6 D086 ; # capital Ukrainian I
|
||||
B7 D087 ; # capital Ukrainian YI
|
||||
|
||||
B9 E28496 ; # numero sign
|
||||
|
||||
BD D290 ; # capital Ukrainian soft G
|
||||
BE D18E ; # capital Byelorussian short U
|
||||
|
||||
BF C2A9 ; # (C)
|
||||
|
||||
C0 D18E ; # small yu
|
||||
C1 D0B0 ; # small a
|
||||
C2 D0B1 ; # small b
|
||||
C3 D186 ; # small ts
|
||||
C4 D0B4 ; # small d
|
||||
C5 D0B5 ; # small ye
|
||||
C6 D184 ; # small f
|
||||
C7 D0B3 ; # small g
|
||||
C8 D185 ; # small kh
|
||||
C9 D0B8 ; # small i
|
||||
CA D0B9 ; # small j
|
||||
CB D0BA ; # small k
|
||||
CC D0BB ; # small l
|
||||
CD D0BC ; # small m
|
||||
CE D0BD ; # small n
|
||||
CF D0BE ; # small o
|
||||
|
||||
D0 D0BF ; # small p
|
||||
D1 D18F ; # small ya
|
||||
D2 D180 ; # small r
|
||||
D3 D181 ; # small s
|
||||
D4 D182 ; # small t
|
||||
D5 D183 ; # small u
|
||||
D6 D0B6 ; # small zh
|
||||
D7 D0B2 ; # small v
|
||||
D8 D18C ; # small soft sign
|
||||
D9 D18B ; # small y
|
||||
DA D0B7 ; # small z
|
||||
DB D188 ; # small sh
|
||||
DC D18D ; # small e
|
||||
DD D189 ; # small shch
|
||||
DE D187 ; # small ch
|
||||
DF D18A ; # small hard sign
|
||||
|
||||
E0 D0AE ; # capital YU
|
||||
E1 D090 ; # capital A
|
||||
E2 D091 ; # capital B
|
||||
E3 D0A6 ; # capital TS
|
||||
E4 D094 ; # capital D
|
||||
E5 D095 ; # capital YE
|
||||
E6 D0A4 ; # capital F
|
||||
E7 D093 ; # capital G
|
||||
E8 D0A5 ; # capital KH
|
||||
E9 D098 ; # capital I
|
||||
EA D099 ; # capital J
|
||||
EB D09A ; # capital K
|
||||
EC D09B ; # capital L
|
||||
ED D09C ; # capital M
|
||||
EE D09D ; # capital N
|
||||
EF D09E ; # capital O
|
||||
|
||||
F0 D09F ; # capital P
|
||||
F1 D0AF ; # capital YA
|
||||
F2 D0A0 ; # capital R
|
||||
F3 D0A1 ; # capital S
|
||||
F4 D0A2 ; # capital T
|
||||
F5 D0A3 ; # capital U
|
||||
F6 D096 ; # capital ZH
|
||||
F7 D092 ; # capital V
|
||||
F8 D0AC ; # capital soft sign
|
||||
F9 D0AB ; # capital Y
|
||||
FA D097 ; # capital Z
|
||||
FB D0A8 ; # capital SH
|
||||
FC D0AD ; # capital E
|
||||
FD D0A9 ; # capital SHCH
|
||||
FE D0A7 ; # capital CH
|
||||
FF D0AA ; # capital hard sign
|
||||
}
|
|
@ -0,0 +1,103 @@
|
|||
|
||||
charset_map koi8-r windows-1251 {
|
||||
|
||||
80 88 ; # euro
|
||||
|
||||
95 95 ; # bullet
|
||||
|
||||
9A A0 ; #
|
||||
|
||||
9E B7 ; # ·
|
||||
|
||||
A3 B8 ; # small yo
|
||||
A4 BA ; # small Ukrainian ye
|
||||
|
||||
A6 B3 ; # small Ukrainian i
|
||||
A7 BF ; # small Ukrainian yi
|
||||
|
||||
AD B4 ; # small Ukrainian soft g
|
||||
AE A2 ; # small Byelorussian short u
|
||||
|
||||
B0 B0 ; # °
|
||||
|
||||
B3 A8 ; # capital YO
|
||||
B4 AA ; # capital Ukrainian YE
|
||||
|
||||
B6 B2 ; # capital Ukrainian I
|
||||
B7 AF ; # capital Ukrainian YI
|
||||
|
||||
B9 B9 ; # numero sign
|
||||
|
||||
BD A5 ; # capital Ukrainian soft G
|
||||
BE A1 ; # capital Byelorussian short U
|
||||
|
||||
BF A9 ; # (C)
|
||||
|
||||
C0 FE ; # small yu
|
||||
C1 E0 ; # small a
|
||||
C2 E1 ; # small b
|
||||
C3 F6 ; # small ts
|
||||
C4 E4 ; # small d
|
||||
C5 E5 ; # small ye
|
||||
C6 F4 ; # small f
|
||||
C7 E3 ; # small g
|
||||
C8 F5 ; # small kh
|
||||
C9 E8 ; # small i
|
||||
CA E9 ; # small j
|
||||
CB EA ; # small k
|
||||
CC EB ; # small l
|
||||
CD EC ; # small m
|
||||
CE ED ; # small n
|
||||
CF EE ; # small o
|
||||
|
||||
D0 EF ; # small p
|
||||
D1 FF ; # small ya
|
||||
D2 F0 ; # small r
|
||||
D3 F1 ; # small s
|
||||
D4 F2 ; # small t
|
||||
D5 F3 ; # small u
|
||||
D6 E6 ; # small zh
|
||||
D7 E2 ; # small v
|
||||
D8 FC ; # small soft sign
|
||||
D9 FB ; # small y
|
||||
DA E7 ; # small z
|
||||
DB F8 ; # small sh
|
||||
DC FD ; # small e
|
||||
DD F9 ; # small shch
|
||||
DE F7 ; # small ch
|
||||
DF FA ; # small hard sign
|
||||
|
||||
E0 DE ; # capital YU
|
||||
E1 C0 ; # capital A
|
||||
E2 C1 ; # capital B
|
||||
E3 D6 ; # capital TS
|
||||
E4 C4 ; # capital D
|
||||
E5 C5 ; # capital YE
|
||||
E6 D4 ; # capital F
|
||||
E7 C3 ; # capital G
|
||||
E8 D5 ; # capital KH
|
||||
E9 C8 ; # capital I
|
||||
EA C9 ; # capital J
|
||||
EB CA ; # capital K
|
||||
EC CB ; # capital L
|
||||
ED CC ; # capital M
|
||||
EE CD ; # capital N
|
||||
EF CE ; # capital O
|
||||
|
||||
F0 CF ; # capital P
|
||||
F1 DF ; # capital YA
|
||||
F2 D0 ; # capital R
|
||||
F3 D1 ; # capital S
|
||||
F4 D2 ; # capital T
|
||||
F5 D3 ; # capital U
|
||||
F6 C6 ; # capital ZH
|
||||
F7 C2 ; # capital V
|
||||
F8 DC ; # capital soft sign
|
||||
F9 DB ; # capital Y
|
||||
FA C7 ; # capital Z
|
||||
FB D8 ; # capital SH
|
||||
FC DD ; # capital E
|
||||
FD D9 ; # capital SHCH
|
||||
FE D7 ; # capital CH
|
||||
FF DA ; # capital hard sign
|
||||
}
|
|
@ -0,0 +1,89 @@
|
|||
|
||||
types {
|
||||
text/html html htm shtml;
|
||||
text/css css;
|
||||
text/xml xml;
|
||||
image/gif gif;
|
||||
image/jpeg jpeg jpg;
|
||||
application/javascript js;
|
||||
application/atom+xml atom;
|
||||
application/rss+xml rss;
|
||||
|
||||
text/mathml mml;
|
||||
text/plain txt;
|
||||
text/vnd.sun.j2me.app-descriptor jad;
|
||||
text/vnd.wap.wml wml;
|
||||
text/x-component htc;
|
||||
|
||||
image/png png;
|
||||
image/tiff tif tiff;
|
||||
image/vnd.wap.wbmp wbmp;
|
||||
image/x-icon ico;
|
||||
image/x-jng jng;
|
||||
image/x-ms-bmp bmp;
|
||||
image/svg+xml svg svgz;
|
||||
image/webp webp;
|
||||
|
||||
application/font-woff woff;
|
||||
application/java-archive jar war ear;
|
||||
application/json json;
|
||||
application/mac-binhex40 hqx;
|
||||
application/msword doc;
|
||||
application/pdf pdf;
|
||||
application/postscript ps eps ai;
|
||||
application/rtf rtf;
|
||||
application/vnd.apple.mpegurl m3u8;
|
||||
application/vnd.ms-excel xls;
|
||||
application/vnd.ms-fontobject eot;
|
||||
application/vnd.ms-powerpoint ppt;
|
||||
application/vnd.wap.wmlc wmlc;
|
||||
application/vnd.google-earth.kml+xml kml;
|
||||
application/vnd.google-earth.kmz kmz;
|
||||
application/x-7z-compressed 7z;
|
||||
application/x-cocoa cco;
|
||||
application/x-java-archive-diff jardiff;
|
||||
application/x-java-jnlp-file jnlp;
|
||||
application/x-makeself run;
|
||||
application/x-perl pl pm;
|
||||
application/x-pilot prc pdb;
|
||||
application/x-rar-compressed rar;
|
||||
application/x-redhat-package-manager rpm;
|
||||
application/x-sea sea;
|
||||
application/x-shockwave-flash swf;
|
||||
application/x-stuffit sit;
|
||||
application/x-tcl tcl tk;
|
||||
application/x-x509-ca-cert der pem crt;
|
||||
application/x-xpinstall xpi;
|
||||
application/xhtml+xml xhtml;
|
||||
application/xspf+xml xspf;
|
||||
application/zip zip;
|
||||
|
||||
application/octet-stream bin exe dll;
|
||||
application/octet-stream deb;
|
||||
application/octet-stream dmg;
|
||||
application/octet-stream iso img;
|
||||
application/octet-stream msi msp msm;
|
||||
|
||||
application/vnd.openxmlformats-officedocument.wordprocessingml.document docx;
|
||||
application/vnd.openxmlformats-officedocument.spreadsheetml.sheet xlsx;
|
||||
application/vnd.openxmlformats-officedocument.presentationml.presentation pptx;
|
||||
|
||||
audio/midi mid midi kar;
|
||||
audio/mpeg mp3;
|
||||
audio/ogg ogg;
|
||||
audio/x-m4a m4a;
|
||||
audio/x-realaudio ra;
|
||||
|
||||
video/3gpp 3gpp 3gp;
|
||||
video/mp2t ts;
|
||||
video/mp4 mp4;
|
||||
video/mpeg mpeg mpg;
|
||||
video/quicktime mov;
|
||||
video/webm webm;
|
||||
video/x-flv flv;
|
||||
video/x-m4v m4v;
|
||||
video/x-mng mng;
|
||||
video/x-ms-asf asx asf;
|
||||
video/x-ms-wmv wmv;
|
||||
video/x-msvideo avi;
|
||||
}
|
|
@ -0,0 +1,83 @@
|
|||
##################################
|
||||
## INTERNAL RULES IDS:1-999 ##
|
||||
##################################
|
||||
#@MainRule "msg:weird request, unable to parse" id:1;
|
||||
#@MainRule "msg:request too big, stored on disk and not parsed" id:2;
|
||||
#@MainRule "msg:invalid hex encoding, null bytes" id:10;
|
||||
#@MainRule "msg:unknown content-type" id:11;
|
||||
#@MainRule "msg:invalid formatted url" id:12;
|
||||
#@MainRule "msg:invalid POST format" id:13;
|
||||
#@MainRule "msg:invalid POST boundary" id:14;
|
||||
#@MainRule "msg:invalid JSON" id:15;
|
||||
#@MainRule "msg:empty POST" id:16;
|
||||
#@MainRule "msg:libinjection_sql" id:17;
|
||||
#@MainRule "msg:libinjection_xss" id:18;
|
||||
|
||||
##################################
|
||||
## SQL Injections IDs:1000-1099 ##
|
||||
##################################
|
||||
MainRule "rx:select|union|update|delete|insert|table|from|ascii|hex|unhex|drop" "msg:sql keywords" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$SQL:4" id:1000;
|
||||
MainRule "str:\"" "msg:double quote" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$SQL:8,$XSS:8" id:1001;
|
||||
MainRule "str:0x" "msg:0x, possible hex encoding" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$SQL:2" id:1002;
|
||||
## Hardcore rules
|
||||
MainRule "str:/*" "msg:mysql comment (/*)" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$SQL:8" id:1003;
|
||||
MainRule "str:*/" "msg:mysql comment (*/)" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$SQL:8" id:1004;
|
||||
MainRule "str:|" "msg:mysql keyword (|)" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$SQL:8" id:1005;
|
||||
MainRule "str:&&" "msg:mysql keyword (&&)" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$SQL:8" id:1006;
|
||||
## end of hardcore rules
|
||||
MainRule "str:--" "msg:mysql comment (--)" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$SQL:4" id:1007;
|
||||
MainRule "str:;" "msg:semicolon" "mz:BODY|URL|ARGS" "s:$SQL:4,$XSS:8" id:1008;
|
||||
MainRule "str:=" "msg:equal sign in var, probable sql/xss" "mz:ARGS|BODY" "s:$SQL:2" id:1009;
|
||||
MainRule "str:(" "msg:open parenthesis, probable sql/xss" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$SQL:4,$XSS:8" id:1010;
|
||||
MainRule "str:)" "msg:close parenthesis, probable sql/xss" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$SQL:4,$XSS:8" id:1011;
|
||||
MainRule "str:'" "msg:simple quote" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$SQL:4,$XSS:8" id:1013;
|
||||
MainRule "str:," "msg:comma" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$SQL:4" id:1015;
|
||||
MainRule "str:#" "msg:mysql comment (#)" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$SQL:4" id:1016;
|
||||
MainRule "str:@@" "msg:double arobase (@@)" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$SQL:4" id:1017;
|
||||
|
||||
###############################
|
||||
## OBVIOUS RFI IDs:1100-1199 ##
|
||||
###############################
|
||||
MainRule "str:http://" "msg:http:// scheme" "mz:ARGS|BODY|$HEADERS_VAR:Cookie" "s:$RFI:8" id:1100;
|
||||
MainRule "str:https://" "msg:https:// scheme" "mz:ARGS|BODY|$HEADERS_VAR:Cookie" "s:$RFI:8" id:1101;
|
||||
MainRule "str:ftp://" "msg:ftp:// scheme" "mz:ARGS|BODY|$HEADERS_VAR:Cookie" "s:$RFI:8" id:1102;
|
||||
MainRule "str:php://" "msg:php:// scheme" "mz:ARGS|BODY|$HEADERS_VAR:Cookie" "s:$RFI:8" id:1103;
|
||||
MainRule "str:sftp://" "msg:sftp:// scheme" "mz:ARGS|BODY|$HEADERS_VAR:Cookie" "s:$RFI:8" id:1104;
|
||||
MainRule "str:zlib://" "msg:zlib:// scheme" "mz:ARGS|BODY|$HEADERS_VAR:Cookie" "s:$RFI:8" id:1105;
|
||||
MainRule "str:data://" "msg:data:// scheme" "mz:ARGS|BODY|$HEADERS_VAR:Cookie" "s:$RFI:8" id:1106;
|
||||
MainRule "str:glob://" "msg:glob:// scheme" "mz:ARGS|BODY|$HEADERS_VAR:Cookie" "s:$RFI:8" id:1107;
|
||||
MainRule "str:phar://" "msg:phar:// scheme" "mz:ARGS|BODY|$HEADERS_VAR:Cookie" "s:$RFI:8" id:1108;
|
||||
MainRule "str:file://" "msg:file:// scheme" "mz:ARGS|BODY|$HEADERS_VAR:Cookie" "s:$RFI:8" id:1109;
|
||||
MainRule "str:gopher://" "msg:gopher:// scheme" "mz:ARGS|BODY|$HEADERS_VAR:Cookie" "s:$RFI:8" id:1110;
|
||||
|
||||
#######################################
|
||||
## Directory traversal IDs:1200-1299 ##
|
||||
#######################################
|
||||
MainRule "str:.." "msg:double dot" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$TRAVERSAL:4" id:1200;
|
||||
MainRule "str:/etc/passwd" "msg:obvious probe" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$TRAVERSAL:4" id:1202;
|
||||
MainRule "str:c:\\" "msg:obvious windows path" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$TRAVERSAL:4" id:1203;
|
||||
MainRule "str:cmd.exe" "msg:obvious probe" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$TRAVERSAL:4" id:1204;
|
||||
MainRule "str:\\" "msg:backslash" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$TRAVERSAL:4" id:1205;
|
||||
#MainRule "str:/" "msg:slash in args" "mz:ARGS|BODY|$HEADERS_VAR:Cookie" "s:$TRAVERSAL:2" id:1206;
|
||||
|
||||
########################################
|
||||
## Cross Site Scripting IDs:1300-1399 ##
|
||||
########################################
|
||||
MainRule "str:<" "msg:html open tag" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1302;
|
||||
MainRule "str:>" "msg:html close tag" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1303;
|
||||
MainRule "str:[" "msg:open square backet ([), possible js" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1310;
|
||||
MainRule "str:]" "msg:close square bracket (]), possible js" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1311;
|
||||
MainRule "str:~" "msg:tilde (~) character" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1312;
|
||||
MainRule "str:`" "msg:grave accent (`)" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1314;
|
||||
MainRule "rx:%[23]." "msg:double encoding" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
|
||||
|
||||
####################################
|
||||
## Evading tricks IDs: 1400-1500 ##
|
||||
####################################
|
||||
MainRule "str:&#" "msg:utf7/8 encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1400;
|
||||
MainRule "str:%U" "msg:M$ encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1401;
|
||||
|
||||
#############################
|
||||
## File uploads: 1500-1600 ##
|
||||
#############################
|
||||
MainRule "rx:\.ph|\.asp|\.ht" "msg:asp/php file upload" "mz:FILE_EXT" "s:$UPLOAD:8" id:1500;
|
|
@ -0,0 +1,128 @@
|
|||
user www-data;
|
||||
worker_processes auto;
|
||||
worker_rlimit_nofile 100000;
|
||||
pid /run/nginx.pid;
|
||||
|
||||
events {
|
||||
worker_connections 4096;
|
||||
multi_accept on;
|
||||
}
|
||||
|
||||
http {
|
||||
##
|
||||
# EasyEngine Settings
|
||||
##
|
||||
|
||||
sendfile on;
|
||||
tcp_nopush on;
|
||||
tcp_nodelay on;
|
||||
keepalive_timeout 30;
|
||||
types_hash_max_size 2048;
|
||||
|
||||
server_tokens off;
|
||||
reset_timedout_connection on;
|
||||
add_header X-Powered-By "EasyEngine 3.8.1";
|
||||
add_header rt-Fastcgi-Cache $upstream_cache_status;
|
||||
|
||||
# Limit Request
|
||||
limit_req_status 403;
|
||||
limit_req_zone $binary_remote_addr zone=one:10m rate=1r/s;
|
||||
|
||||
# Proxy Settings
|
||||
# set_real_ip_from proxy-server-ip;
|
||||
# real_ip_header X-Forwarded-For;
|
||||
|
||||
fastcgi_read_timeout 300;
|
||||
client_max_body_size 100m;
|
||||
|
||||
##
|
||||
# SSL Settings
|
||||
##
|
||||
|
||||
ssl_session_cache shared:SSL:20m;
|
||||
ssl_session_timeout 10m;
|
||||
ssl_prefer_server_ciphers on;
|
||||
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHADHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:AES128-GCM-SA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!ECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA;
|
||||
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
|
||||
|
||||
##
|
||||
# Basic Settings
|
||||
##
|
||||
# server_names_hash_bucket_size 64;
|
||||
# server_name_in_redirect off;
|
||||
|
||||
include /etc/nginx/mime.types;
|
||||
default_type application/octet-stream;
|
||||
|
||||
##
|
||||
# Logging Settings
|
||||
##
|
||||
|
||||
access_log /var/log/nginx/access.log;
|
||||
error_log /var/log/nginx/error.log;
|
||||
|
||||
# Log format Settings
|
||||
log_format rt_cache '$remote_addr $upstream_response_time $upstream_cache_status [$time_local] '
|
||||
'$http_host "$request" $status $body_bytes_sent '
|
||||
'"$http_referer" "$http_user_agent"';
|
||||
|
||||
##
|
||||
# Gzip Settings
|
||||
##
|
||||
|
||||
gzip on;
|
||||
gzip_disable "msie6";
|
||||
|
||||
gzip_vary on;
|
||||
gzip_proxied any;
|
||||
gzip_comp_level 6;
|
||||
gzip_buffers 16 8k;
|
||||
gzip_http_version 1.1;
|
||||
gzip_types
|
||||
application/atom+xml
|
||||
application/javascript
|
||||
application/json
|
||||
application/rss+xml
|
||||
application/vnd.ms-fontobject
|
||||
application/x-font-ttf
|
||||
application/x-web-app-manifest+json
|
||||
application/xhtml+xml
|
||||
application/xml
|
||||
font/opentype
|
||||
image/svg+xml
|
||||
image/x-icon
|
||||
text/css
|
||||
text/plain
|
||||
text/x-component
|
||||
text/xml
|
||||
text/javascript;
|
||||
|
||||
##
|
||||
# Virtual Host Configs
|
||||
##
|
||||
|
||||
include /etc/nginx/conf.d/*.conf;
|
||||
include /etc/nginx/sites-enabled/*;
|
||||
}
|
||||
|
||||
|
||||
#mail {
|
||||
# # See sample authentication script at:
|
||||
# # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
|
||||
#
|
||||
# # auth_http localhost/auth.php;
|
||||
# # pop3_capabilities "TOP" "USER";
|
||||
# # imap_capabilities "IMAP4rev1" "UIDPLUS";
|
||||
#
|
||||
# server {
|
||||
# listen localhost:110;
|
||||
# protocol pop3;
|
||||
# proxy on;
|
||||
# }
|
||||
#
|
||||
# server {
|
||||
# listen localhost:143;
|
||||
# protocol imap;
|
||||
# proxy on;
|
||||
# }
|
||||
#}
|
|
@ -0,0 +1,4 @@
|
|||
proxy_set_header Host $http_host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
|
@ -0,0 +1,16 @@
|
|||
|
||||
scgi_param REQUEST_METHOD $request_method;
|
||||
scgi_param REQUEST_URI $request_uri;
|
||||
scgi_param QUERY_STRING $query_string;
|
||||
scgi_param CONTENT_TYPE $content_type;
|
||||
|
||||
scgi_param DOCUMENT_URI $document_uri;
|
||||
scgi_param DOCUMENT_ROOT $document_root;
|
||||
scgi_param SCGI 1;
|
||||
scgi_param SERVER_PROTOCOL $server_protocol;
|
||||
scgi_param HTTPS $https if_not_empty;
|
||||
|
||||
scgi_param REMOTE_ADDR $remote_addr;
|
||||
scgi_param REMOTE_PORT $remote_port;
|
||||
scgi_param SERVER_PORT $server_port;
|
||||
scgi_param SERVER_NAME $server_name;
|
|
@ -0,0 +1,64 @@
|
|||
# EasyEngine admin NGINX CONFIGURATION
|
||||
|
||||
server {
|
||||
|
||||
listen 22222 default_server ssl http2;
|
||||
|
||||
access_log /var/log/nginx/22222.access.log rt_cache;
|
||||
error_log /var/log/nginx/22222.error.log;
|
||||
|
||||
ssl_certificate /var/www/22222/cert/22222.crt;
|
||||
ssl_certificate_key /var/www/22222/cert/22222.key;
|
||||
|
||||
# Force HTTP to HTTPS
|
||||
error_page 497 =200 https://$host:22222$request_uri;
|
||||
|
||||
root /var/www/22222/htdocs;
|
||||
index index.php index.htm index.html;
|
||||
|
||||
# Turn on directory listing
|
||||
autoindex on;
|
||||
|
||||
# HTTP Authentication on port 22222
|
||||
include common/acl.conf;
|
||||
|
||||
location / {
|
||||
try_files $uri $uri/ /index.php?$args;
|
||||
}
|
||||
|
||||
# Display menu at location /fpm/status/
|
||||
location = /fpm/status/ {}
|
||||
|
||||
location ~ /fpm/status/(.*) {
|
||||
try_files $uri =404;
|
||||
include fastcgi_params;
|
||||
fastcgi_param SCRIPT_NAME /status;
|
||||
fastcgi_pass $1;
|
||||
}
|
||||
|
||||
location ~ \.php$ {
|
||||
try_files $uri =404;
|
||||
include fastcgi_params;
|
||||
fastcgi_pass php;
|
||||
}
|
||||
|
||||
# ViMbAdmin Rules
|
||||
location = /vimbadmin/ {
|
||||
return 301 $scheme://$host:22222/vimbadmin/public/;
|
||||
}
|
||||
|
||||
location ~* \.(js|css|jpg|gif|png)$ {
|
||||
root /var/www/22222/htdocs/;
|
||||
}
|
||||
|
||||
location ~* /vimbadmin/public/(.*)/(.*) {
|
||||
root /var/www/22222/htdocs/vimbadmin/public;
|
||||
try_files $uri $uri/ /vimbadmin/public/index.php?$args;
|
||||
}
|
||||
|
||||
location ~* /vimbadmin/public/(.*) {
|
||||
root /var/www/22222/htdocs/vimbadmin/public;
|
||||
try_files $uri $uri/ /vimbadmin/public/index.php?$args;
|
||||
}
|
||||
|
||||
}
|
|
@ -0,0 +1,83 @@
|
|||
##
|
||||
# You should look at the following URL's in order to grasp a solid understanding
|
||||
# of Nginx configuration files in order to fully unleash the power of Nginx.
|
||||
# http://wiki.nginx.org/Pitfalls
|
||||
# http://wiki.nginx.org/QuickStart
|
||||
# http://wiki.nginx.org/Configuration
|
||||
#
|
||||
# Generally, you will want to move this file somewhere, and start with a clean
|
||||
# file but keep this around for reference. Or just disable in sites-enabled.
|
||||
#
|
||||
# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
|
||||
##
|
||||
|
||||
# Default server configuration
|
||||
#
|
||||
server {
|
||||
listen 80 default_server;
|
||||
listen [::]:80 default_server;
|
||||
|
||||
# SSL configuration
|
||||
#
|
||||
# listen 443 ssl default_server;
|
||||
# listen [::]:443 ssl default_server;
|
||||
#
|
||||
# Self signed certs generated by the ssl-cert package
|
||||
# Don't use them in a production server!
|
||||
# include snippets/snakeoil.conf;
|
||||
#
|
||||
# ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # don’t use SSLv3 ref: POODLE
|
||||
# ssl_ciphers HIGH:!aNULL:!MD5;
|
||||
# ssl_prefer_server_ciphers on;
|
||||
|
||||
root /var/www/html;
|
||||
|
||||
# Add index.php to the list if you are using PHP
|
||||
index index.html index.htm index.nginx-debian.html;
|
||||
|
||||
server_name _;
|
||||
|
||||
location / {
|
||||
# First attempt to serve request as file, then
|
||||
# as directory, then fall back to displaying a 404.
|
||||
try_files $uri $uri/ =404;
|
||||
}
|
||||
|
||||
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
|
||||
#
|
||||
#location ~ \.php$ {
|
||||
# include snippets/fastcgi-php.conf;
|
||||
#
|
||||
# # With php5-cgi alone:
|
||||
# fastcgi_pass 127.0.0.1:9000;
|
||||
# # With php5-fpm:
|
||||
# fastcgi_pass unix:/var/run/php5-fpm.sock;
|
||||
#}
|
||||
|
||||
# deny access to .htaccess files, if Apache's document root
|
||||
# concurs with nginx's one
|
||||
#
|
||||
#location ~ /\.ht {
|
||||
# deny all;
|
||||
#}
|
||||
}
|
||||
|
||||
|
||||
# Virtual Host configuration for example.com
|
||||
#
|
||||
# You can move that to a different file under sites-available/ and symlink that
|
||||
# to sites-enabled/ to enable it.
|
||||
#
|
||||
#server {
|
||||
# listen 80;
|
||||
# listen [::]:80;
|
||||
#
|
||||
# server_name example.com;
|
||||
#
|
||||
# root /var/www/example.com;
|
||||
# index index.html;
|
||||
#
|
||||
# location / {
|
||||
# try_files $uri $uri/ =404;
|
||||
# }
|
||||
#}
|
|
@ -0,0 +1 @@
|
|||
/etc/nginx/sites-available/22222
|
|
@ -0,0 +1 @@
|
|||
/etc/nginx/sites-available/default
|
|
@ -0,0 +1,13 @@
|
|||
# regex to split $uri to $fastcgi_script_name and $fastcgi_path
|
||||
fastcgi_split_path_info ^(.+\.php)(/.+)$;
|
||||
|
||||
# Check that the PHP script exists before passing it
|
||||
try_files $fastcgi_script_name =404;
|
||||
|
||||
# Bypass the fact that try_files resets $fastcgi_path_info
|
||||
# see: http://trac.nginx.org/nginx/ticket/321
|
||||
set $path_info $fastcgi_path_info;
|
||||
fastcgi_param PATH_INFO $path_info;
|
||||
|
||||
fastcgi_index index.php;
|
||||
include fastcgi.conf;
|
|
@ -0,0 +1,5 @@
|
|||
# Self signed certificates generated by the ssl-cert package
|
||||
# Don't use them in a production server!
|
||||
|
||||
ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem;
|
||||
ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key;
|
|
@ -0,0 +1,16 @@
|
|||
|
||||
uwsgi_param QUERY_STRING $query_string;
|
||||
uwsgi_param REQUEST_METHOD $request_method;
|
||||
uwsgi_param CONTENT_TYPE $content_type;
|
||||
uwsgi_param CONTENT_LENGTH $content_length;
|
||||
|
||||
uwsgi_param REQUEST_URI $request_uri;
|
||||
uwsgi_param PATH_INFO $document_uri;
|
||||
uwsgi_param DOCUMENT_ROOT $document_root;
|
||||
uwsgi_param SERVER_PROTOCOL $server_protocol;
|
||||
uwsgi_param HTTPS $https if_not_empty;
|
||||
|
||||
uwsgi_param REMOTE_ADDR $remote_addr;
|
||||
uwsgi_param REMOTE_PORT $remote_port;
|
||||
uwsgi_param SERVER_PORT $server_port;
|
||||
uwsgi_param SERVER_NAME $server_name;
|
|
@ -0,0 +1,125 @@
|
|||
# This map is not a full windows-1251 <> utf8 map: it does not
|
||||
# contain Serbian and Macedonian letters. If you need a full map,
|
||||
# use contrib/unicode2nginx/win-utf map instead.
|
||||
|
||||
charset_map windows-1251 utf-8 {
|
||||
|
||||
82 E2809A; # single low-9 quotation mark
|
||||
|
||||
84 E2809E; # double low-9 quotation mark
|
||||
85 E280A6; # ellipsis
|
||||
86 E280A0; # dagger
|
||||
87 E280A1; # double dagger
|
||||
88 E282AC; # euro
|
||||
89 E280B0; # per mille
|
||||
|
||||
91 E28098; # left single quotation mark
|
||||
92 E28099; # right single quotation mark
|
||||
93 E2809C; # left double quotation mark
|
||||
94 E2809D; # right double quotation mark
|
||||
95 E280A2; # bullet
|
||||
96 E28093; # en dash
|
||||
97 E28094; # em dash
|
||||
|
||||
99 E284A2; # trade mark sign
|
||||
|
||||
A0 C2A0; #
|
||||
A1 D18E; # capital Byelorussian short U
|
||||
A2 D19E; # small Byelorussian short u
|
||||
|
||||
A4 C2A4; # currency sign
|
||||
A5 D290; # capital Ukrainian soft G
|
||||
A6 C2A6; # borken bar
|
||||
A7 C2A7; # section sign
|
||||
A8 D081; # capital YO
|
||||
A9 C2A9; # (C)
|
||||
AA D084; # capital Ukrainian YE
|
||||
AB C2AB; # left-pointing double angle quotation mark
|
||||
AC C2AC; # not sign
|
||||
AD C2AD; # soft hypen
|
||||
AE C2AE; # (R)
|
||||
AF D087; # capital Ukrainian YI
|
||||
|
||||
B0 C2B0; # °
|
||||
B1 C2B1; # plus-minus sign
|
||||
B2 D086; # capital Ukrainian I
|
||||
B3 D196; # small Ukrainian i
|
||||
B4 D291; # small Ukrainian soft g
|
||||
B5 C2B5; # micro sign
|
||||
B6 C2B6; # pilcrow sign
|
||||
B7 C2B7; # ·
|
||||
B8 D191; # small yo
|
||||
B9 E28496; # numero sign
|
||||
BA D194; # small Ukrainian ye
|
||||
BB C2BB; # right-pointing double angle quotation mark
|
||||
|
||||
BF D197; # small Ukrainian yi
|
||||
|
||||
C0 D090; # capital A
|
||||
C1 D091; # capital B
|
||||
C2 D092; # capital V
|
||||
C3 D093; # capital G
|
||||
C4 D094; # capital D
|
||||
C5 D095; # capital YE
|
||||
C6 D096; # capital ZH
|
||||
C7 D097; # capital Z
|
||||
C8 D098; # capital I
|
||||
C9 D099; # capital J
|
||||
CA D09A; # capital K
|
||||
CB D09B; # capital L
|
||||
CC D09C; # capital M
|
||||
CD D09D; # capital N
|
||||
CE D09E; # capital O
|
||||
CF D09F; # capital P
|
||||
|
||||
D0 D0A0; # capital R
|
||||
D1 D0A1; # capital S
|
||||
D2 D0A2; # capital T
|
||||
D3 D0A3; # capital U
|
||||
D4 D0A4; # capital F
|
||||
D5 D0A5; # capital KH
|
||||
D6 D0A6; # capital TS
|
||||
D7 D0A7; # capital CH
|
||||
D8 D0A8; # capital SH
|
||||
D9 D0A9; # capital SHCH
|
||||
DA D0AA; # capital hard sign
|
||||
DB D0AB; # capital Y
|
||||
DC D0AC; # capital soft sign
|
||||
DD D0AD; # capital E
|
||||
DE D0AE; # capital YU
|
||||
DF D0AF; # capital YA
|
||||
|
||||
E0 D0B0; # small a
|
||||
E1 D0B1; # small b
|
||||
E2 D0B2; # small v
|
||||
E3 D0B3; # small g
|
||||
E4 D0B4; # small d
|
||||
E5 D0B5; # small ye
|
||||
E6 D0B6; # small zh
|
||||
E7 D0B7; # small z
|
||||
E8 D0B8; # small i
|
||||
E9 D0B9; # small j
|
||||
EA D0BA; # small k
|
||||
EB D0BB; # small l
|
||||
EC D0BC; # small m
|
||||
ED D0BD; # small n
|
||||
EE D0BE; # small o
|
||||
EF D0BF; # small p
|
||||
|
||||
F0 D180; # small r
|
||||
F1 D181; # small s
|
||||
F2 D182; # small t
|
||||
F3 D183; # small u
|
||||
F4 D184; # small f
|
||||
F5 D185; # small kh
|
||||
F6 D186; # small ts
|
||||
F7 D187; # small ch
|
||||
F8 D188; # small sh
|
||||
F9 D189; # small shch
|
||||
FA D18A; # small hard sign
|
||||
FB D18B; # small y
|
||||
FC D18C; # small soft sign
|
||||
FD D18D; # small e
|
||||
FE D18E; # small yu
|
||||
FF D18F; # small ya
|
||||
}
|
Loading…
Reference in New Issue