add chdir settings to php-fpm pools
* add chdir = / to unix socket php-fpm pools * cleanup old files and folders
This commit is contained in:
parent
260910017e
commit
e62301de87
|
@ -1,88 +0,0 @@
|
||||||
/*
|
|
||||||
|
|
||||||
Atom One Dark by Daniel Gamage
|
|
||||||
Original One Dark Syntax theme from https://github.com/atom/one-dark-syntax
|
|
||||||
|
|
||||||
base: #282c34
|
|
||||||
mono-1: #abb2bf
|
|
||||||
mono-2: #818896
|
|
||||||
mono-3: #5c6370
|
|
||||||
hue-1: #56b6c2
|
|
||||||
hue-2: #61aeee
|
|
||||||
hue-3: #c678dd
|
|
||||||
hue-4: #98c379
|
|
||||||
hue-5: #e06c75
|
|
||||||
hue-5-2: #be5046
|
|
||||||
hue-6: #d19a66
|
|
||||||
hue-6-2: #e6c07b
|
|
||||||
|
|
||||||
*/
|
|
||||||
|
|
||||||
.hljs {
|
|
||||||
display: block;
|
|
||||||
overflow-x: auto;
|
|
||||||
padding: 0.5em;
|
|
||||||
color: #abb2bf;
|
|
||||||
background: #282c34;
|
|
||||||
}
|
|
||||||
|
|
||||||
.hljs-comment,
|
|
||||||
.hljs-quote {
|
|
||||||
color: #5c6370;
|
|
||||||
font-style: italic;
|
|
||||||
}
|
|
||||||
|
|
||||||
.hljs-doctag,
|
|
||||||
.hljs-keyword,
|
|
||||||
.hljs-formula {
|
|
||||||
color: #c678dd;
|
|
||||||
}
|
|
||||||
|
|
||||||
.hljs-literal {
|
|
||||||
color: #56b6c2;
|
|
||||||
}
|
|
||||||
|
|
||||||
.hljs-string,
|
|
||||||
.hljs-regexp,
|
|
||||||
.hljs-addition,
|
|
||||||
.hljs-attribute,
|
|
||||||
.hljs-meta-string {
|
|
||||||
color: #98c379;
|
|
||||||
}
|
|
||||||
|
|
||||||
.hljs-built_in,
|
|
||||||
.hljs-class .hljs-title {
|
|
||||||
color: #e6c07b;
|
|
||||||
}
|
|
||||||
|
|
||||||
.hljs-attr,
|
|
||||||
.hljs-variable,
|
|
||||||
.hljs-template-variable,
|
|
||||||
.hljs-type,
|
|
||||||
.hljs-selector-class,
|
|
||||||
.hljs-selector-attr,
|
|
||||||
.hljs-selector-pseudo,
|
|
||||||
.hljs-number {
|
|
||||||
color: #d19a66;
|
|
||||||
}
|
|
||||||
|
|
||||||
.hljs-symbol,
|
|
||||||
.hljs-bullet,
|
|
||||||
.hljs-link,
|
|
||||||
.hljs-meta,
|
|
||||||
.hljs-selector-id,
|
|
||||||
.hljs-title {
|
|
||||||
color: #61aeee;
|
|
||||||
}
|
|
||||||
|
|
||||||
.hljs-emphasis {
|
|
||||||
font-style: italic;
|
|
||||||
}
|
|
||||||
|
|
||||||
.hljs-strong {
|
|
||||||
font-weight: bold;
|
|
||||||
}
|
|
||||||
|
|
||||||
.hljs-link {
|
|
||||||
text-decoration: underline;
|
|
||||||
}
|
|
|
@ -1,7 +0,0 @@
|
||||||
---
|
|
||||||
---
|
|
||||||
|
|
||||||
@import 'jekyll-theme-cayman';
|
|
||||||
@media screen and (min-width: 64em) {
|
|
||||||
max-width: 72rem;
|
|
||||||
}
|
|
File diff suppressed because one or more lines are too long
File diff suppressed because it is too large
Load Diff
Binary file not shown.
|
@ -1,9 +0,0 @@
|
||||||
[Definition]
|
|
||||||
|
|
||||||
# Option: failregex
|
|
||||||
# Notes.: Auto block short UDP.
|
|
||||||
# Values: TEXT
|
|
||||||
#
|
|
||||||
failregex = ^.*kernel: UDP: short packet: From <HOST>:.*$
|
|
||||||
|
|
||||||
ignoreregex =
|
|
|
@ -1,3 +0,0 @@
|
||||||
[Definition]
|
|
||||||
failregex = ^<HOST>.* "POST .*/wp-login.php([/\?#\\].*)? HTTP/.*" 200
|
|
||||||
ignoreregex =
|
|
|
@ -1,4 +0,0 @@
|
||||||
[Definition]
|
|
||||||
failregex = ^ \[error\] \d+#\d+: .* forbidden .*, client: <HOST>, .*$
|
|
||||||
|
|
||||||
ignoreregex =
|
|
|
@ -1,24 +0,0 @@
|
||||||
[recidive]
|
|
||||||
enabled = true
|
|
||||||
|
|
||||||
[nginx-http-auth]
|
|
||||||
enabled = true
|
|
||||||
|
|
||||||
[nginx-botsearch]
|
|
||||||
enabled = true
|
|
||||||
|
|
||||||
[ee-wordpress]
|
|
||||||
enabled = true
|
|
||||||
filter = ee-wordpress
|
|
||||||
action = iptables-multiport[name="ee-wordpress", port="http,https"]
|
|
||||||
logpath = /var/log/nginx/*access.log
|
|
||||||
maxretry = 5
|
|
||||||
|
|
||||||
[nginx-forbidden]
|
|
||||||
enabled = true
|
|
||||||
filter = nginx-forbidden
|
|
||||||
port = http,https
|
|
||||||
logpath = /var/log/nginx/*error*.log
|
|
||||||
findtime = 60
|
|
||||||
bantime = 6000
|
|
||||||
maxretry = 3
|
|
|
@ -1,8 +0,0 @@
|
||||||
[ddos]
|
|
||||||
enabled = true
|
|
||||||
port = 27015
|
|
||||||
protocol = udp
|
|
||||||
filter = ddos
|
|
||||||
logpath = /var/log/kern.log
|
|
||||||
maxretry = 3
|
|
||||||
bantime = 6000
|
|
|
@ -1,187 +0,0 @@
|
||||||
# MariaDB database server configuration file.
|
|
||||||
#
|
|
||||||
# You can copy this file to one of:
|
|
||||||
# - "/etc/mysql/my.cnf" to set global options,
|
|
||||||
# - "~/.my.cnf" to set user-specific options.
|
|
||||||
#
|
|
||||||
# One can use all long options that the program supports.
|
|
||||||
# Run program with --help to get a list of available options and with
|
|
||||||
# --print-defaults to see which it would actually understand and use.
|
|
||||||
#
|
|
||||||
# For explanations see
|
|
||||||
# http://dev.mysql.com/doc/mysql/en/server-system-variables.html
|
|
||||||
|
|
||||||
# This will be passed to all mysql clients
|
|
||||||
# It has been reported that passwords should be enclosed with ticks/quotes
|
|
||||||
# escpecially if they contain "#" chars...
|
|
||||||
# Remember to edit /etc/mysql/debian.cnf when changing the socket location.
|
|
||||||
[client]
|
|
||||||
port = 3306
|
|
||||||
socket = /var/run/mysqld/mysqld.sock
|
|
||||||
|
|
||||||
[mysqld_safe]
|
|
||||||
socket = /var/run/mysqld/mysqld.sock
|
|
||||||
nice = 0
|
|
||||||
|
|
||||||
[mysqld]
|
|
||||||
#
|
|
||||||
# * Basic Settings
|
|
||||||
#
|
|
||||||
user = mysql
|
|
||||||
pid-file = /var/run/mysqld/mysqld.pid
|
|
||||||
socket = /var/run/mysqld/mysqld.sock
|
|
||||||
port = 3306
|
|
||||||
basedir = /usr
|
|
||||||
datadir = /var/lib/mysql
|
|
||||||
tmpdir = /tmp
|
|
||||||
lc_messages_dir = /usr/share/mysql
|
|
||||||
lc_messages = en_US
|
|
||||||
skip-external-locking
|
|
||||||
performance_schema = ON
|
|
||||||
#
|
|
||||||
# Instead of skip-networking the default is now to listen only on
|
|
||||||
# localhost which is more compatible and is not less secure.
|
|
||||||
bind-address = ::ffff:127.0.0.1
|
|
||||||
#
|
|
||||||
# * Fine Tuning
|
|
||||||
#
|
|
||||||
max_connections = 100
|
|
||||||
connect_timeout = 5
|
|
||||||
wait_timeout = 60
|
|
||||||
max_allowed_packet = 16M
|
|
||||||
thread_cache_size = 128
|
|
||||||
sort_buffer_size = 4M
|
|
||||||
bulk_insert_buffer_size = 16M
|
|
||||||
tmp_table_size = 64M
|
|
||||||
max_heap_table_size = 64M
|
|
||||||
#
|
|
||||||
# * MyISAM
|
|
||||||
#
|
|
||||||
# This replaces the startup script and checks MyISAM tables if needed
|
|
||||||
# the first time they are touched. On error, make copy and try a repair.
|
|
||||||
myisam_recover_options = BACKUP
|
|
||||||
key_buffer_size = 128M
|
|
||||||
open-files-limit = 500000
|
|
||||||
table_open_cache = 500000
|
|
||||||
myisam_sort_buffer_size = 512M
|
|
||||||
concurrent_insert = 2
|
|
||||||
read_buffer_size = 2M
|
|
||||||
read_rnd_buffer_size = 1M
|
|
||||||
#
|
|
||||||
# * Query Cache Configuration
|
|
||||||
#
|
|
||||||
# Cache only tiny result sets, so we can fit more in the query cache.
|
|
||||||
query_cache_limit = 128K
|
|
||||||
query_cache_size = 0
|
|
||||||
# for more write intensive setups, set to DEMAND or OFF
|
|
||||||
query_cache_type = 0
|
|
||||||
#
|
|
||||||
# * Logging and Replication
|
|
||||||
#
|
|
||||||
# Both location gets rotated by the cronjob.
|
|
||||||
# Be aware that this log type is a performance killer.
|
|
||||||
# As of 5.1 you can enable the log at runtime!
|
|
||||||
#general_log_file = /var/log/mysql/mysql.log
|
|
||||||
#general_log = 1
|
|
||||||
#
|
|
||||||
# Error logging goes to syslog due to /etc/mysql/conf.d/mysqld_safe_syslog.cnf.
|
|
||||||
#
|
|
||||||
# we do want to know about network errors and such
|
|
||||||
log_warnings = 2
|
|
||||||
#
|
|
||||||
# Enable the slow query log to see queries with especially long duration
|
|
||||||
slow_query_log = 1
|
|
||||||
slow_query_log_file = /var/log/mysql/mariadb-slow.log
|
|
||||||
long_query_time = 10
|
|
||||||
#log_slow_rate_limit = 1000
|
|
||||||
log_slow_verbosity = query_plan
|
|
||||||
|
|
||||||
#log-queries-not-using-indexes
|
|
||||||
#log_slow_admin_statements
|
|
||||||
#
|
|
||||||
# The following can be used as easy to replay backup logs or for replication.
|
|
||||||
# note: if you are setting up a replication slave, see README.Debian about
|
|
||||||
# other settings you may need to change.
|
|
||||||
#server-id = 1
|
|
||||||
#report_host = master1
|
|
||||||
#auto_increment_increment = 2
|
|
||||||
#auto_increment_offset = 1
|
|
||||||
#log_bin = /var/log/mysql/mariadb-bin
|
|
||||||
#log_bin_index = /var/log/mysql/mariadb-bin.index
|
|
||||||
# not fab for performance, but safer
|
|
||||||
#sync_binlog = 1
|
|
||||||
#expire_logs_days = 10
|
|
||||||
#max_binlog_size = 100M
|
|
||||||
# slaves
|
|
||||||
#relay_log = /var/log/mysql/relay-bin
|
|
||||||
#relay_log_index = /var/log/mysql/relay-bin.index
|
|
||||||
#relay_log_info_file = /var/log/mysql/relay-bin.info
|
|
||||||
#log_slave_updates
|
|
||||||
#read_only
|
|
||||||
#
|
|
||||||
# If applications support it, this stricter sql_mode prevents some
|
|
||||||
# mistakes like inserting invalid dates etc.
|
|
||||||
#sql_mode = NO_ENGINE_SUBSTITUTION,TRADITIONAL
|
|
||||||
#
|
|
||||||
# * InnoDB
|
|
||||||
#
|
|
||||||
# InnoDB is enabled by default with a 10MB datafile in /var/lib/mysql/.
|
|
||||||
# Read the manual for more InnoDB related options. There are many!
|
|
||||||
default_storage_engine = InnoDB
|
|
||||||
# you can't just change log file size, requires special procedure
|
|
||||||
innodb_log_file_size = 256M
|
|
||||||
innodb_buffer_pool_size = 2G
|
|
||||||
innodb_log_buffer_size = 512M
|
|
||||||
innodb_file_per_table = 1
|
|
||||||
innodb_open_files = 500000
|
|
||||||
innodb_io_capacity = 500000
|
|
||||||
innodb_flush_method = O_DIRECT
|
|
||||||
#
|
|
||||||
# * Security Features
|
|
||||||
#
|
|
||||||
# Read the manual, too, if you want chroot!
|
|
||||||
# chroot = /var/lib/mysql/
|
|
||||||
#
|
|
||||||
# For generating SSL certificates I recommend the OpenSSL GUI "tinyca".
|
|
||||||
#
|
|
||||||
# ssl-ca=/etc/mysql/cacert.pem
|
|
||||||
# ssl-cert=/etc/mysql/server-cert.pem
|
|
||||||
# ssl-key=/etc/mysql/server-key.pem
|
|
||||||
|
|
||||||
#
|
|
||||||
# * Galera-related settings
|
|
||||||
#
|
|
||||||
[galera]
|
|
||||||
# Mandatory settings
|
|
||||||
#wsrep_on=ON
|
|
||||||
#wsrep_provider=
|
|
||||||
#wsrep_cluster_address=
|
|
||||||
#binlog_format=row
|
|
||||||
#default_storage_engine=InnoDB
|
|
||||||
#innodb_autoinc_lock_mode=2
|
|
||||||
#
|
|
||||||
# Allow server to accept connections on all interfaces.
|
|
||||||
#
|
|
||||||
#bind-address=0.0.0.0
|
|
||||||
#
|
|
||||||
# Optional setting
|
|
||||||
#wsrep_slave_threads=1
|
|
||||||
#innodb_flush_log_at_trx_commit=0
|
|
||||||
|
|
||||||
[mysqldump]
|
|
||||||
quick
|
|
||||||
quote-names
|
|
||||||
max_allowed_packet = 16M
|
|
||||||
|
|
||||||
[mysql]
|
|
||||||
#no-auto-rehash # faster start of mysql but no tab completion
|
|
||||||
|
|
||||||
[isamchk]
|
|
||||||
key_buffer = 16M
|
|
||||||
|
|
||||||
#
|
|
||||||
# * IMPORTANT: Additional settings that can override those from this file!
|
|
||||||
# The files must end with '.cnf', otherwise they'll be ignored.
|
|
||||||
#
|
|
||||||
!include /etc/mysql/mariadb.cnf
|
|
||||||
!includedir /etc/mysql/conf.d/
|
|
|
@ -1,8 +0,0 @@
|
||||||
# EasyEngine (ee) protect locations using
|
|
||||||
# HTTP authentication || IP address
|
|
||||||
satisfy any;
|
|
||||||
auth_basic "Restricted Area";
|
|
||||||
auth_basic_user_file htpasswd-ee;
|
|
||||||
# Allowed IP Address List
|
|
||||||
allow 127.0.0.1;
|
|
||||||
deny all;
|
|
|
@ -1,16 +0,0 @@
|
||||||
error_page 400 /400-error.html;
|
|
||||||
error_page 401 /401-error.html;
|
|
||||||
error_page 403 /403-error.html;
|
|
||||||
error_page 404 /404-error.html;
|
|
||||||
error_page 500 /500-error.html;
|
|
||||||
error_page 503 /503-error.html;
|
|
||||||
error_page 504 /504-error.html;
|
|
||||||
|
|
||||||
location ~ /*-error.html {
|
|
||||||
try_files $1-error.html @error;
|
|
||||||
internal;
|
|
||||||
}
|
|
||||||
|
|
||||||
location @error {
|
|
||||||
root /var/www/error/_site;
|
|
||||||
}
|
|
|
@ -1,2 +0,0 @@
|
||||||
# Warning : this line enable HSTS for your subdomain (ngx_http_headers_module is required) (15768000 seconds = 6 months)
|
|
||||||
add_header Strict-Transport-Security "max-age=31536000; preload";
|
|
|
@ -1,3 +0,0 @@
|
||||||
# Warning : this line enable HSTS for your domain and all subdomains (ngx_http_headers_module is required) (15768000 seconds = 6 months)
|
|
||||||
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload";
|
|
||||||
|
|
|
@ -1,116 +0,0 @@
|
||||||
# NGINX CONFIGURATION FOR COMMON LOCATION
|
|
||||||
# DO NOT MODIFY, ALL CHANGES LOST AFTER UPDATE EasyEngine (ee)
|
|
||||||
# Basic locations files
|
|
||||||
location = /favicon.ico {
|
|
||||||
access_log off;
|
|
||||||
log_not_found off;
|
|
||||||
expires max;
|
|
||||||
}
|
|
||||||
location = /robots.txt {
|
|
||||||
# Some WordPress plugin gererate robots.txt file
|
|
||||||
# Refer #340 issue
|
|
||||||
try_files $uri $uri/ /index.php?$args;
|
|
||||||
access_log off;
|
|
||||||
log_not_found off;
|
|
||||||
}
|
|
||||||
# Cache static files
|
|
||||||
location ~* \.(ogg|ogv|svg|svgz|eot|otf|woff|m4a|mp4|ttf|rss|atom|jpe?g|gif|cur|heic|png|tiff|ico|zip|webm|mp3|aac|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf|swf|webp)$ {
|
|
||||||
add_header "Access-Control-Allow-Origin" "*";
|
|
||||||
access_log off;
|
|
||||||
log_not_found off;
|
|
||||||
expires max;
|
|
||||||
}
|
|
||||||
# Cache css & js files
|
|
||||||
location ~* \.(?:css(\.map)?|js(\.map)?)$ {
|
|
||||||
add_header "Access-Control-Allow-Origin" "*";
|
|
||||||
access_log off;
|
|
||||||
log_not_found off;
|
|
||||||
expires 30d;
|
|
||||||
}
|
|
||||||
# Security settings for better privacy
|
|
||||||
# Deny hidden files
|
|
||||||
location ~ /\.(?!well-known\/) {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
# Use the directory /var/www/html to valide acme-challenge
|
|
||||||
# just create the sub-directories .well-known/acme-challenge and set www-data as owner
|
|
||||||
# #
|
|
||||||
# chown -R www-data:www-data /var/www/html && sudo -u www-data mkdir -p /var/www/html/.well-known/acme-challenge
|
|
||||||
# #
|
|
||||||
location /.well-known/acme-challenge/ {
|
|
||||||
alias /var/www/html/.well-known/acme-challenge/;
|
|
||||||
}
|
|
||||||
# Return 403 forbidden for readme.(txt|html) or license.(txt|html) or example.(txt|html) or other common git repository files
|
|
||||||
location ~* "/(^$|readme|license|example|README|changelog)\.(txt|html|md)" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
# Deny backup extensions & log files and return 403 forbidden
|
|
||||||
location ~* "\.(old|orig|original|php#|php~|php_bak|save|swo|aspx?|bash|bak?|cfg|cgi|dll|exe|git|hg|ini|jsp|log|mdb|out|sql|svn|swp|tar|rdf)$" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
# common nginx configuration to block sql injection and other attacks
|
|
||||||
location ~* "(eval\()" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
location ~* "(127\.0\.0\.1)" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
location ~* "([a-z0-9]{2000})" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
location ~* "(javascript\:)(.*)(\;)" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
location ~* "(base64_encode)(.*)(\()" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
location ~* "(GLOBALS|REQUEST)(=|\[|%)" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
location ~* "(<|%3C).*script.*(>|%3)" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
location ~ "(\\|\.\.\.|\.\./|~|`|<|>|\|)" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
location ~* "(boot\.ini|etc/passwd|self/environ)" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
location ~* "(thumbs?(_editor|open)?|tim(thumb)?)\.php" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
location ~* "(\'|\")(.*)(drop|insert|md5|select|union)" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
location ~* "(https?|ftp|php):/" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
location ~* "(=\\\'|=\\%27|/\\\'/?)\." {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
location ~ "(\{0\}|\(/\(|\.\.\.|\+\+\+|\\\"\\\")" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
location ~ "(~|`|<|>|:|;|%|\\|\s|\{|\}|\[|\]|\|)" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
location ~* "/(=|\$&|_mm|(wp-)?config\.|cgi-|etc/passwd|muieblack)" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
location ~* "(&pws=0|_vti_|\(null\)|\{\$itemURL\}|echo(.*)kae|etc/passwd|eval\(|self/environ)" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
location ~* "/(^$|mobiquo|phpinfo|shell|sqlpatch|thumb|thumb_editor|thumbopen|timthumb|webshell)\.php" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
# Status pages
|
|
||||||
location = /nginx_status {
|
|
||||||
stub_status on;
|
|
||||||
access_log off;
|
|
||||||
include common/acl.conf;
|
|
||||||
}
|
|
||||||
location ~ ^/(status|ping)$ {
|
|
||||||
include fastcgi_params;
|
|
||||||
include common/acl.conf;
|
|
||||||
fastcgi_pass php7;
|
|
||||||
}
|
|
|
@ -1,118 +0,0 @@
|
||||||
# NGINX CONFIGURATION FOR COMMON LOCATION
|
|
||||||
# DO NOT MODIFY, ALL CHANGES LOST AFTER UPDATE EasyEngine (ee)
|
|
||||||
# Basic locations files
|
|
||||||
location = /favicon.ico {
|
|
||||||
access_log off;
|
|
||||||
log_not_found off;
|
|
||||||
expires max;
|
|
||||||
}
|
|
||||||
location = /robots.txt {
|
|
||||||
# Some WordPress plugin gererate robots.txt file
|
|
||||||
# Refer #340 issue
|
|
||||||
try_files $uri $uri/ /index.php?$args;
|
|
||||||
access_log off;
|
|
||||||
log_not_found off;
|
|
||||||
}
|
|
||||||
# Cache static files
|
|
||||||
location ~* \.(ogg|ogv|svg|svgz|eot|otf|woff|m4a|mp4|ttf|rss|atom|jpe?g|gif|cur|heic|png|tiff|ico|zip|webm|mp3|aac|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf|swf|webp)$
|
|
||||||
{
|
|
||||||
add_header "Access-Control-Allow-Origin" "*";
|
|
||||||
access_log off;
|
|
||||||
log_not_found off;
|
|
||||||
expires max;
|
|
||||||
}
|
|
||||||
# Cache css & js files
|
|
||||||
location ~* \.(?:css(\.map)?|js(\.map)?)$
|
|
||||||
{
|
|
||||||
add_header "Access-Control-Allow-Origin" "*";
|
|
||||||
access_log off;
|
|
||||||
log_not_found off;
|
|
||||||
expires 30d;
|
|
||||||
}
|
|
||||||
# Security settings for better privacy
|
|
||||||
# Deny hidden files
|
|
||||||
location ~ /\.(?!well-known\/) {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
# Use the directory /var/www/html to valide acme-challenge
|
|
||||||
# just create the sub-directories .well-known/acme-challenge
|
|
||||||
####
|
|
||||||
# sudo chown -R www-data:www-data /var/www/html && sudo -u www-data mkdir -p /var/www/html/.well-known/acme-challenge
|
|
||||||
####
|
|
||||||
# location /.well-known/acme-challenge/ {
|
|
||||||
# alias /var/www/html/.well-known/acme-challenge/;
|
|
||||||
# }
|
|
||||||
# Return 403 forbidden for readme.(txt|html) or license.(txt|html) or example.(txt|html) or other common git repository files
|
|
||||||
location ~* "/(^$|readme|license|example|README|changelog)\.(txt|html|md)" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
# Deny backup extensions & log files and return 403 forbidden
|
|
||||||
location ~* "\.(old|orig|original|php#|php~|php_bak|save|swo|aspx?|bash|bak?|cfg|cgi|dll|exe|git|hg|ini|jsp|log|mdb|out|sql|svn|swp|tar|rdf)$" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
# common nginx configuration to block sql injection and other attacks
|
|
||||||
location ~* "(eval\()" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
location ~* "(127\.0\.0\.1)" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
location ~* "([a-z0-9]{2000})" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
location ~* "(javascript\:)(.*)(\;)" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
location ~* "(base64_encode)(.*)(\()" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
location ~* "(GLOBALS|REQUEST)(=|\[|%)" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
location ~* "(<|%3C).*script.*(>|%3)" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
location ~ "(\\|\.\.\.|\.\./|~|`|<|>|\|)" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
location ~* "(boot\.ini|etc/passwd|self/environ)" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
location ~* "(thumbs?(_editor|open)?|tim(thumb)?)\.php" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
location ~* "(\'|\")(.*)(drop|insert|md5|select|union)" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
location ~* "(https?|ftp|php):/" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
location ~* "(=\\\'|=\\%27|/\\\'/?)\." {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
location ~ "(\{0\}|\(/\(|\.\.\.|\+\+\+|\\\"\\\")" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
location ~ "(~|`|<|>|:|;|%|\\|\s|\{|\}|\[|\]|\|)" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
location ~* "/(=|\$&|_mm|(wp-)?config\.|cgi-|etc/passwd|muieblack)" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
location ~* "(&pws=0|_vti_|\(null\)|\{\$itemURL\}|echo(.*)kae|etc/passwd|eval\(|self/environ)" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
location ~* "/(^$|mobiquo|phpinfo|shell|sqlpatch|thumb|thumb_editor|thumbopen|timthumb|webshell)\.php" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
# Status pages
|
|
||||||
location /nginx_status {
|
|
||||||
stub_status on;
|
|
||||||
access_log off;
|
|
||||||
include common/acl.conf;
|
|
||||||
}
|
|
||||||
location ~ ^/(status|ping) {
|
|
||||||
include fastcgi_params;
|
|
||||||
fastcgi_pass php71;
|
|
||||||
include common/acl.conf;
|
|
||||||
}
|
|
|
@ -1,122 +0,0 @@
|
||||||
# NGINX CONFIGURATION FOR COMMON LOCATION
|
|
||||||
# DO NOT MODIFY, ALL CHANGES LOST AFTER UPDATE EasyEngine (ee)
|
|
||||||
# Basic locations files
|
|
||||||
location = /favicon.ico {
|
|
||||||
try_files /favicon.ico @empty;
|
|
||||||
access_log off;
|
|
||||||
log_not_found off;
|
|
||||||
expires max;
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
location @empty {
|
|
||||||
empty_gif;
|
|
||||||
}
|
|
||||||
location = /robots.txt {
|
|
||||||
# Some WordPress plugin gererate robots.txt file
|
|
||||||
# Refer #340 issue
|
|
||||||
try_files $uri $uri/ /index.php?$args;
|
|
||||||
access_log off;
|
|
||||||
log_not_found off;
|
|
||||||
}
|
|
||||||
# Cache static files
|
|
||||||
location ~* \.(ogg|ogv|svg|svgz|eot|otf|woff|woff2|ttf|m4a|mp4|ttf|rss|atom|jpe?g|gif|cur|heic|png|tiff|ico|zip|webm|mp3|aac|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf|swf|webp)$ {
|
|
||||||
add_header "Access-Control-Allow-Origin" "*";
|
|
||||||
access_log off;
|
|
||||||
log_not_found off;
|
|
||||||
expires max;
|
|
||||||
}
|
|
||||||
# Cache css & js files
|
|
||||||
location ~* \.(?:css(\.map)?|js(\.map)?)$ {
|
|
||||||
add_header "Access-Control-Allow-Origin" "*";
|
|
||||||
access_log off;
|
|
||||||
log_not_found off;
|
|
||||||
expires 30d;
|
|
||||||
}
|
|
||||||
# Security settings for better privacy
|
|
||||||
# Deny hidden files
|
|
||||||
location ~ /\.(?!well-known\/) {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
# Use the directory /var/www/html to valide acme-challenge
|
|
||||||
# just create the sub-directories .well-known/acme-challenge
|
|
||||||
####
|
|
||||||
# sudo chown -R www-data:www-data /var/www/html && sudo -u www-data mkdir -p /var/www/html/.well-known/acme-challenge
|
|
||||||
####
|
|
||||||
# location /.well-known/acme-challenge/ {
|
|
||||||
# alias /var/www/html/.well-known/acme-challenge/;
|
|
||||||
# }
|
|
||||||
# Return 403 forbidden for readme.(txt|html) or license.(txt|html) or example.(txt|html) or other common git repository files
|
|
||||||
location ~* "/(^$|readme|license|example|README|LEGALNOTICE|INSTALLATION|CHANGELOG)\.(txt|html|md)" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
# Deny backup extensions & log files and return 403 forbidden
|
|
||||||
location ~* "\.(old|orig|original|php#|php~|php_bak|save|swo|aspx?|tpl|sh|bash|bak?|cfg|cgi|dll|exe|git|hg|ini|jsp|log|mdb|out|sql|svn|swp|tar|rdf)$" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
# common nginx configuration to block sql injection and other attacks
|
|
||||||
location ~* "(eval\()" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
location ~* "(127\.0\.0\.1)" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
location ~* "([a-z0-9]{2000})" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
location ~* "(javascript\:)(.*)(\;)" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
location ~* "(base64_encode)(.*)(\()" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
location ~* "(GLOBALS|REQUEST)(=|\[|%)" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
location ~* "(<|%3C).*script.*(>|%3)" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
location ~ "(\\|\.\.\.|\.\./|~|`|<|>|\|)" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
location ~* "(boot\.ini|etc/passwd|self/environ)" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
location ~* "(thumbs?(_editor|open)?|tim(thumb)?)\.php" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
location ~* "(\'|\")(.*)(drop|insert|md5|select|union)" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
location ~* "(https?|ftp|php):/" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
location ~* "(=\\\'|=\\%27|/\\\'/?)\." {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
location ~ "(\{0\}|\(/\(|\.\.\.|\+\+\+|\\\"\\\")" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
location ~ "(~|`|<|>|:|;|%|\\|\s|\{|\}|\[|\]|\|)" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
location ~* "/(=|\$&|_mm|(wp-)?config\.|cgi-|etc/passwd|muieblack)" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
location ~* "(&pws=0|_vti_|\(null\)|\{\$itemURL\}|echo(.*)kae|etc/passwd|eval\(|self/environ)" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
location ~* "/(^$|mobiquo|phpinfo|shell|sqlpatch|thumb|thumb_editor|thumbopen|timthumb|webshell|config|settings|configuration)\.php" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
# Status pages
|
|
||||||
location /nginx_status {
|
|
||||||
stub_status on;
|
|
||||||
access_log off;
|
|
||||||
include common/acl.conf;
|
|
||||||
}
|
|
||||||
location ~ ^/(status|ping) {
|
|
||||||
include fastcgi_params;
|
|
||||||
include common/acl.conf;
|
|
||||||
fastcgi_pass php72;
|
|
||||||
}
|
|
|
@ -1,112 +0,0 @@
|
||||||
# NGINX CONFIGURATION FOR COMMON LOCATION
|
|
||||||
# DO NOT MODIFY, ALL CHANGES LOST AFTER UPDATE EasyEngine (ee)
|
|
||||||
# Basic locations files
|
|
||||||
location = /favicon.ico {
|
|
||||||
access_log off;
|
|
||||||
log_not_found off;
|
|
||||||
expires max;
|
|
||||||
}
|
|
||||||
location = /robots.txt {
|
|
||||||
# Some WordPress plugin gererate robots.txt file
|
|
||||||
# Refer #340 issue
|
|
||||||
try_files $uri $uri/ /index.php?$args;
|
|
||||||
access_log off;
|
|
||||||
log_not_found off;
|
|
||||||
}
|
|
||||||
# Cache static files
|
|
||||||
location ~* \.(ogg|ogv|svg|svgz|eot|otf|woff|m4a|mp4|ttf|rss|atom|jpe?g|gif|cur|heic|png|tiff|ico|zip|webm|mp3|aac|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf|swf|webp)$ {
|
|
||||||
add_header "Access-Control-Allow-Origin" "*";
|
|
||||||
access_log off;
|
|
||||||
log_not_found off;
|
|
||||||
expires max;
|
|
||||||
}
|
|
||||||
# Cache css & js files
|
|
||||||
location ~* \.(?:css(\.map)?|js(\.map)?)$ {
|
|
||||||
add_header "Access-Control-Allow-Origin" "*";
|
|
||||||
access_log off;
|
|
||||||
log_not_found off;
|
|
||||||
expires 30d;
|
|
||||||
}
|
|
||||||
# Security settings for better privacy
|
|
||||||
# Deny hidden files
|
|
||||||
location ~ /\.(?!well-known\/) {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
# Use the directory /var/www/html to valide acme-challenge
|
|
||||||
# just create the sub-directories .well-known/acme-challenge and set www-data as owner
|
|
||||||
# #
|
|
||||||
# chown -R www-data:www-data /var/www/html && sudo -u www-data mkdir -p /var/www/html/.well-known/acme-challenge
|
|
||||||
# #
|
|
||||||
location /.well-known/acme-challenge/ {
|
|
||||||
alias /var/www/html/.well-known/acme-challenge/;
|
|
||||||
}
|
|
||||||
# Return 403 forbidden for readme.(txt|html) or license.(txt|html) or example.(txt|html) or other common git repository files
|
|
||||||
location ~* "/(^$|readme|license|example|README|changelog)\.(txt|html|md)" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
# Deny backup extensions & log files and return 403 forbidden
|
|
||||||
location ~* "\.(old|orig|original|php#|php~|php_bak|save|swo|aspx?|bash|bak?|cfg|cgi|dll|exe|git|hg|ini|jsp|log|mdb|out|sql|svn|swp|tar|rdf)$" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
# common nginx configuration to block sql injection and other attacks
|
|
||||||
location ~* "(eval\()" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
location ~* "(127\.0\.0\.1)" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
location ~* "([a-z0-9]{2000})" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
location ~* "(javascript\:)(.*)(\;)" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
location ~* "(base64_encode)(.*)(\()" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
location ~* "(GLOBALS|REQUEST)(=|\[|%)" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
location ~* "(<|%3C).*script.*(>|%3)" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
location ~ "(\\|\.\.\.|\.\./|~|`|<|>|\|)" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
location ~* "(boot\.ini|etc/passwd|self/environ)" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
location ~* "(thumbs?(_editor|open)?|tim(thumb)?)\.php" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
location ~* "(\'|\")(.*)(drop|insert|md5|select|union)" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
location ~* "(https?|ftp|php):/" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
location ~* "(=\\\'|=\\%27|/\\\'/?)\." {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
location ~ "(\{0\}|\(/\(|\.\.\.|\+\+\+|\\\"\\\")" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
location ~ "(~|`|<|>|:|;|%|\\|\s|\{|\}|\[|\]|\|)" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
location ~* "/(=|\$&|_mm|(wp-)?config\.|cgi-|etc/passwd|muieblack)" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
location ~* "(&pws=0|_vti_|\(null\)|\{\$itemURL\}|echo(.*)kae|etc/passwd|eval\(|self/environ)" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
location ~* "/(^$|mobiquo|phpinfo|shell|sqlpatch|thumb|thumb_editor|thumbopen|timthumb|webshell)\.php" {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
# Status pages
|
|
||||||
location = /nginx_status {
|
|
||||||
stub_status on;
|
|
||||||
access_log off;
|
|
||||||
include common/acl.conf;
|
|
||||||
}
|
|
||||||
|
|
|
@ -1,4 +0,0 @@
|
||||||
##OCSP settings
|
|
||||||
ssl_stapling on;
|
|
||||||
ssl_stapling_verify on;
|
|
||||||
#ssl_trusted_certificate /etc/ssl/private/ocsp-certs.pem; # <- Add signing certs here
|
|
|
@ -1,30 +0,0 @@
|
||||||
pagespeed on;
|
|
||||||
# Ensure requests for pagespeed optimized resources go to the pagespeed handler
|
|
||||||
# and no extraneous headers get set.
|
|
||||||
location ~ "\.pagespeed\.([a-z]\.)?[a-z]{2}\.[^.]{10}\.[^.]+" {
|
|
||||||
add_header "" "";
|
|
||||||
}
|
|
||||||
location ~ "^/pagespeed_static/" { }
|
|
||||||
location ~ "^/ngx_pagespeed_beacon$" { }
|
|
||||||
pagespeed RewriteLevel PassThrough;
|
|
||||||
pagespeed EnableFilters combine_css;
|
|
||||||
pagespeed EnableFilters combine_javascript;
|
|
||||||
pagespeed EnableFilters rewrite_javascript;
|
|
||||||
#pagespeed EnableFilters rewrite_images;
|
|
||||||
#pagespeed EnableFilters defer_javascript;
|
|
||||||
#pagespeed EnableFilters convert_to_webp_lossless;
|
|
||||||
#pagespeed EnableFilters resize_rendered_image_dimensions;
|
|
||||||
pagespeed PreserveUrlRelativity on;
|
|
||||||
#pagespeed MaxCombinedCssBytes -1;
|
|
||||||
pagespeed AvoidRenamingIntrospectiveJavascript on;
|
|
||||||
#pagespeed MaxInlinedPreviewImagesIndex -1;
|
|
||||||
pagespeed EnableFilters convert_meta_tags,extend_cache,rewrite_javascript_inline;
|
|
||||||
pagespeed Domain *.virtubox.net;
|
|
||||||
|
|
||||||
location /ngx_pagespeed_statistics { include common/acl.conf; }
|
|
||||||
location /ngx_pagespeed_global_statistics { include common/acl.conf; }
|
|
||||||
location /ngx_pagespeed_message { include common/acl.conf; }
|
|
||||||
location /pagespeed_console { include common/acl.conf; }
|
|
||||||
location ~ ^/pagespeed_admin { include common/acl.conf; }
|
|
||||||
location ~ ^/pagespeed_global_admin { include common/acl.conf; }
|
|
||||||
|
|
|
@ -1,10 +0,0 @@
|
||||||
# PHP NGINX CONFIGURATION
|
|
||||||
# DO NOT MODIFY, ALL CHANGES LOST AFTER UPDATE EasyEngine (ee)
|
|
||||||
location / {
|
|
||||||
try_files $uri $uri/ /index.php?$args;
|
|
||||||
}
|
|
||||||
location ~ \.php$ {
|
|
||||||
try_files $uri =404;
|
|
||||||
include fastcgi_params;
|
|
||||||
fastcgi_pass php71;
|
|
||||||
}
|
|
|
@ -1,10 +0,0 @@
|
||||||
# PHP NGINX CONFIGURATION
|
|
||||||
# DO NOT MODIFY, ALL CHANGES LOST AFTER UPDATE EasyEngine (ee)
|
|
||||||
location / {
|
|
||||||
try_files $uri $uri/ /index.php?$args;
|
|
||||||
}
|
|
||||||
location ~ \.php$ {
|
|
||||||
try_files $uri =404;
|
|
||||||
include fastcgi_params;
|
|
||||||
fastcgi_pass php72;
|
|
||||||
}
|
|
|
@ -1,21 +0,0 @@
|
||||||
# nginx common web app exploits protection
|
|
||||||
|
|
||||||
location ~* "(eval\()" { deny all; }
|
|
||||||
location ~* "(127\.0\.0\.1)" { deny all; }
|
|
||||||
location ~* "([a-z0-9]{2000})" { deny all; }
|
|
||||||
location ~* "(javascript\:)(.*)(\;)" { deny all; }
|
|
||||||
location ~* "(base64_encode)(.*)(\()" { deny all; }
|
|
||||||
location ~* "(GLOBALS|REQUEST)(=|\[|%)" { deny all; }
|
|
||||||
location ~* "(<|%3C).*script.*(>|%3)" { deny all; }
|
|
||||||
location ~ "(\\|\.\.\.|\.\./|~|`|<|>|\|)" { deny all; }
|
|
||||||
location ~* "(boot\.ini|etc/passwd|self/environ)" { deny all; }
|
|
||||||
location ~* "(thumbs?(_editor|open)?|tim(thumb)?)\.php" { deny all; }
|
|
||||||
location ~* "(\'|\")(.*)(drop|insert|md5|select|union)" { deny all; }
|
|
||||||
location ~* "(https?|ftp|php):/" { deny all; }
|
|
||||||
location ~* "(=\\\'|=\\%27|/\\\'/?)\." { deny all; }
|
|
||||||
location ~ "(\{0\}|\(/\(|\.\.\.|\+\+\+|\\\"\\\")" { deny all; }
|
|
||||||
location ~ "(~|`|<|>|:|;|%|\\|\s|\{|\}|\[|\]|\|)" { deny all; }
|
|
||||||
location ~* "/(=|\$&|_mm|(wp-)?config\.|cgi-|etc/passwd|muieblack)" { deny all; }
|
|
||||||
location ~* "(&pws=0|_vti_|\(null\)|\{\$itemURL\}|echo(.*)kae|etc/passwd|eval\(|self/environ)" { deny all; }
|
|
||||||
location ~* "\.(aspx?|bash|bak?|cfg|cgi|dll|exe|git|hg|ini|jsp|log|mdb|out|sql|svn|swp|tar|rdf)$" { deny all; }
|
|
||||||
location ~* "/(^$|mobiquo|phpinfo|shell|sqlpatch|thumb|thumb_editor|thumbopen|timthumb|webshell)\.php" { deny all; }
|
|
|
@ -1,56 +0,0 @@
|
||||||
# Redis NGINX CONFIGURATION
|
|
||||||
# DO NOT MODIFY, ALL CHANGES LOST AFTER UPDATE EasyEngine (ee)
|
|
||||||
set $skip_cache 0;
|
|
||||||
# POST requests and URL with a query string should always go to php
|
|
||||||
if ($request_method = POST) {
|
|
||||||
set $skip_cache 1;
|
|
||||||
}
|
|
||||||
if ($query_string != "") {
|
|
||||||
set $skip_cache 1;
|
|
||||||
}
|
|
||||||
# Don't cache URL containing the following segments
|
|
||||||
if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|wp-.*\.php|index.php|/feed/|.*sitemap.*\.xml)") {
|
|
||||||
set $skip_cache 1;
|
|
||||||
}
|
|
||||||
# Don't use the cache for logged in users or recent commenter or customer with items in cart
|
|
||||||
if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in|[a-z0-9]+_items_in_cart") {
|
|
||||||
set $skip_cache 1;
|
|
||||||
}
|
|
||||||
# Use cached or actual file if they exists, Otherwise pass request to WordPress
|
|
||||||
location / {
|
|
||||||
try_files $uri $uri/ /index.php?$args;
|
|
||||||
}
|
|
||||||
|
|
||||||
location /redis-fetch {
|
|
||||||
internal ;
|
|
||||||
set $redis_key $args;
|
|
||||||
redis_pass redis;
|
|
||||||
}
|
|
||||||
location /redis-store {
|
|
||||||
internal ;
|
|
||||||
set_unescape_uri $key $arg_key ;
|
|
||||||
redis2_query set $key $echo_request_body;
|
|
||||||
redis2_query expire $key 14400;
|
|
||||||
redis2_pass redis;
|
|
||||||
}
|
|
||||||
|
|
||||||
location ~ \.php$ {
|
|
||||||
set $key "nginx-cache:$scheme$request_method$host$request_uri";
|
|
||||||
try_files $uri =404;
|
|
||||||
|
|
||||||
srcache_fetch_skip $skip_cache;
|
|
||||||
srcache_store_skip $skip_cache;
|
|
||||||
|
|
||||||
srcache_response_cache_control off;
|
|
||||||
|
|
||||||
set_escape_uri $escaped_key $key;
|
|
||||||
|
|
||||||
srcache_fetch GET /redis-fetch $key;
|
|
||||||
srcache_store PUT /redis-store key=$escaped_key;
|
|
||||||
|
|
||||||
more_set_headers 'X-SRCache-Fetch-Status $srcache_fetch_status';
|
|
||||||
more_set_headers 'X-SRCache-Store-Status $srcache_store_status';
|
|
||||||
|
|
||||||
include fastcgi_params;
|
|
||||||
fastcgi_pass php71;
|
|
||||||
}
|
|
|
@ -1,56 +0,0 @@
|
||||||
# Redis NGINX CONFIGURATION
|
|
||||||
# DO NOT MODIFY, ALL CHANGES LOST AFTER UPDATE EasyEngine (ee)
|
|
||||||
set $skip_cache 0;
|
|
||||||
# POST requests and URL with a query string should always go to php
|
|
||||||
if ($request_method = POST) {
|
|
||||||
set $skip_cache 1;
|
|
||||||
}
|
|
||||||
if ($query_string != "") {
|
|
||||||
set $skip_cache 1;
|
|
||||||
}
|
|
||||||
# Don't cache URL containing the following segments
|
|
||||||
if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|wp-.*\.php|index.php|/feed/|.*sitemap.*\.xml)") {
|
|
||||||
set $skip_cache 1;
|
|
||||||
}
|
|
||||||
# Don't use the cache for logged in users or recent commenter or customer with items in cart
|
|
||||||
if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in|[a-z0-9]+_items_in_cart") {
|
|
||||||
set $skip_cache 1;
|
|
||||||
}
|
|
||||||
# Use cached or actual file if they exists, Otherwise pass request to WordPress
|
|
||||||
location / {
|
|
||||||
try_files $uri $uri/ /index.php?$args;
|
|
||||||
}
|
|
||||||
|
|
||||||
location /redis-fetch {
|
|
||||||
internal ;
|
|
||||||
set $redis_key $args;
|
|
||||||
redis_pass redis;
|
|
||||||
}
|
|
||||||
location /redis-store {
|
|
||||||
internal ;
|
|
||||||
set_unescape_uri $key $arg_key ;
|
|
||||||
redis2_query set $key $echo_request_body;
|
|
||||||
redis2_query expire $key 14400;
|
|
||||||
redis2_pass redis;
|
|
||||||
}
|
|
||||||
|
|
||||||
location ~ \.php$ {
|
|
||||||
set $key "nginx-cache:$scheme$request_method$host$request_uri";
|
|
||||||
try_files $uri =404;
|
|
||||||
|
|
||||||
srcache_fetch_skip $skip_cache;
|
|
||||||
srcache_store_skip $skip_cache;
|
|
||||||
|
|
||||||
srcache_response_cache_control off;
|
|
||||||
|
|
||||||
set_escape_uri $escaped_key $key;
|
|
||||||
|
|
||||||
srcache_fetch GET /redis-fetch $key;
|
|
||||||
srcache_store PUT /redis-store key=$escaped_key;
|
|
||||||
|
|
||||||
more_set_headers 'X-SRCache-Fetch-Status $srcache_fetch_status';
|
|
||||||
more_set_headers 'X-SRCache-Store-Status $srcache_store_status';
|
|
||||||
|
|
||||||
include fastcgi_params;
|
|
||||||
fastcgi_pass php72;
|
|
||||||
}
|
|
|
@ -1,31 +0,0 @@
|
||||||
|
|
||||||
# W3TC NGINX CONFIGURATION
|
|
||||||
# DO NOT MODIFY, ALL CHANGES LOST AFTER UPDATE EasyEngine (ee)
|
|
||||||
set $cache_uri $request_uri;
|
|
||||||
# POST requests and URL with a query string should always go to php
|
|
||||||
if ($request_method = POST) {
|
|
||||||
set $cache_uri 'null cache';
|
|
||||||
}
|
|
||||||
if ($query_string != "") {
|
|
||||||
set $cache_uri 'null cache';
|
|
||||||
}
|
|
||||||
# Don't cache URL containing the following segments
|
|
||||||
if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|wp-.*\.php|index.php|/feed/|.*sitemap.*\.xml)") {
|
|
||||||
set $cache_uri 'null cache';
|
|
||||||
}
|
|
||||||
# Don't use the cache for logged in users or recent commenter or customer with items in cart
|
|
||||||
if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in|[a-z0-9]+_items_in_cart") {
|
|
||||||
set $cache_uri 'null cache';
|
|
||||||
}
|
|
||||||
# Use cached or actual file if they exists, Otherwise pass request to WordPress
|
|
||||||
location / {
|
|
||||||
try_files /wp-content/cache/page_enhanced/${host}${cache_uri}_index.html $uri $uri/ /index.php?$args;
|
|
||||||
}
|
|
||||||
location ~ ^/wp-content/cache/minify/(.+\.(css|js))$ {
|
|
||||||
try_files $uri /wp-content/plugins/w3-total-cache/pub/minify.php?file=$1;
|
|
||||||
}
|
|
||||||
location ~ \.php$ {
|
|
||||||
try_files $uri =404;
|
|
||||||
include fastcgi_params;
|
|
||||||
fastcgi_pass php71;
|
|
||||||
}
|
|
|
@ -1,31 +0,0 @@
|
||||||
|
|
||||||
# W3TC NGINX CONFIGURATION
|
|
||||||
# DO NOT MODIFY, ALL CHANGES LOST AFTER UPDATE EasyEngine (ee)
|
|
||||||
set $cache_uri $request_uri;
|
|
||||||
# POST requests and URL with a query string should always go to php
|
|
||||||
if ($request_method = POST) {
|
|
||||||
set $cache_uri 'null cache';
|
|
||||||
}
|
|
||||||
if ($query_string != "") {
|
|
||||||
set $cache_uri 'null cache';
|
|
||||||
}
|
|
||||||
# Don't cache URL containing the following segments
|
|
||||||
if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|wp-.*\.php|index.php|/feed/|.*sitemap.*\.xml)") {
|
|
||||||
set $cache_uri 'null cache';
|
|
||||||
}
|
|
||||||
# Don't use the cache for logged in users or recent commenter or customer with items in cart
|
|
||||||
if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in|[a-z0-9]+_items_in_cart") {
|
|
||||||
set $cache_uri 'null cache';
|
|
||||||
}
|
|
||||||
# Use cached or actual file if they exists, Otherwise pass request to WordPress
|
|
||||||
location / {
|
|
||||||
try_files /wp-content/cache/page_enhanced/${host}${cache_uri}_index.html $uri $uri/ /index.php?$args;
|
|
||||||
}
|
|
||||||
location ~ ^/wp-content/cache/minify/(.+\.(css|js))$ {
|
|
||||||
try_files $uri /wp-content/plugins/w3-total-cache/pub/minify.php?file=$1;
|
|
||||||
}
|
|
||||||
location ~ \.php$ {
|
|
||||||
try_files $uri =404;
|
|
||||||
include fastcgi_params;
|
|
||||||
fastcgi_pass php72;
|
|
||||||
}
|
|
|
@ -1,37 +0,0 @@
|
||||||
# WordPress COMMON SETTINGS
|
|
||||||
# DO NOT MODIFY, ALL CHANGES LOST AFTER UPDATE EasyEngine (ee)
|
|
||||||
# Limit access to avoid brute force attack
|
|
||||||
location = /wp-login.php {
|
|
||||||
limit_req zone=one burst=1 nodelay;
|
|
||||||
include fastcgi_params;
|
|
||||||
fastcgi_pass php7;
|
|
||||||
}
|
|
||||||
# Disable wp-config.txt
|
|
||||||
location = /wp-config.txt {
|
|
||||||
deny all;
|
|
||||||
access_log off;
|
|
||||||
log_not_found off;
|
|
||||||
}
|
|
||||||
# Disallow php in upload folder and add webp rewrite
|
|
||||||
location /wp-content/uploads/ {
|
|
||||||
location ~ \.php$ {
|
|
||||||
#Prevent Direct Access Of PHP Files From Web Browsers
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
# webp rewrite rules
|
|
||||||
location ~ \.(png|jpe?g)$ {
|
|
||||||
add_header Vary "Accept-Encoding";
|
|
||||||
add_header "Access-Control-Allow-Origin" "*";
|
|
||||||
add_header Cache-Control "public, no-transform";
|
|
||||||
access_log off;
|
|
||||||
log_not_found off;
|
|
||||||
expires max;
|
|
||||||
try_files $uri$webp_suffix $uri =404;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
# mitigate DoS attack CVE with WordPress script concatenation
|
|
||||||
# add the following line to wp-config.php
|
|
||||||
# define( 'CONCATENATE_SCRIPTS', false );
|
|
||||||
location ~ \/wp-admin\/load-(scripts|styles).php {
|
|
||||||
deny all;
|
|
||||||
}
|
|
|
@ -1,37 +0,0 @@
|
||||||
# WordPress COMMON SETTINGS
|
|
||||||
# DO NOT MODIFY, ALL CHANGES LOST AFTER UPDATE EasyEngine (ee)
|
|
||||||
# Limit access to avoid brute force attack
|
|
||||||
location = /wp-login.php {
|
|
||||||
limit_req zone=one burst=1 nodelay;
|
|
||||||
include fastcgi_params;
|
|
||||||
fastcgi_pass php71;
|
|
||||||
}
|
|
||||||
# Disable wp-config.txt
|
|
||||||
location = /wp-config.txt {
|
|
||||||
deny all;
|
|
||||||
access_log off;
|
|
||||||
log_not_found off;
|
|
||||||
}
|
|
||||||
# Disallow php in upload folder and add webp rewrite
|
|
||||||
location /wp-content/uploads/ {
|
|
||||||
location ~ \.php$ {
|
|
||||||
#Prevent Direct Access Of PHP Files From Web Browsers
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
# webp rewrite rules
|
|
||||||
location ~ \.(png|jpe?g)$ {
|
|
||||||
add_header Vary "Accept-Encoding";
|
|
||||||
add_header "Access-Control-Allow-Origin" "*";
|
|
||||||
add_header Cache-Control "public, no-transform";
|
|
||||||
access_log off;
|
|
||||||
log_not_found off;
|
|
||||||
expires max;
|
|
||||||
try_files $uri$webp_suffix $uri =404;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
# mitigate DoS attack CVE with WordPress script concatenation
|
|
||||||
# add the following line to wp-config.php
|
|
||||||
# define( 'CONCATENATE_SCRIPTS', false );
|
|
||||||
location ~ \/wp-admin\/load-(scripts|styles).php {
|
|
||||||
deny all;
|
|
||||||
}
|
|
|
@ -1,37 +0,0 @@
|
||||||
# WordPress COMMON SETTINGS
|
|
||||||
# DO NOT MODIFY, ALL CHANGES LOST AFTER UPDATE EasyEngine (ee)
|
|
||||||
# Limit access to avoid brute force attack
|
|
||||||
location = /wp-login.php {
|
|
||||||
limit_req zone=one burst=1 nodelay;
|
|
||||||
include fastcgi_params;
|
|
||||||
fastcgi_pass php72;
|
|
||||||
}
|
|
||||||
# Disable wp-config.txt
|
|
||||||
location = /wp-config.txt {
|
|
||||||
deny all;
|
|
||||||
access_log off;
|
|
||||||
log_not_found off;
|
|
||||||
}
|
|
||||||
# Disallow php in upload folder and add webp rewrite
|
|
||||||
location /wp-content/uploads/ {
|
|
||||||
location ~ \.php$ {
|
|
||||||
#Prevent Direct Access Of PHP Files From Web Browsers
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
# webp rewrite rules
|
|
||||||
location ~ \.(png|jpe?g)$ {
|
|
||||||
add_header Vary "Accept-Encoding";
|
|
||||||
add_header "Access-Control-Allow-Origin" "*";
|
|
||||||
add_header Cache-Control "public, no-transform";
|
|
||||||
access_log off;
|
|
||||||
log_not_found off;
|
|
||||||
expires max;
|
|
||||||
try_files $uri$webp_suffix $uri =404;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
# mitigate DoS attack CVE with WordPress script concatenation
|
|
||||||
# add the following line to wp-config.php
|
|
||||||
# define( 'CONCATENATE_SCRIPTS', false );
|
|
||||||
location ~ \/wp-admin\/load-(scripts|styles).php {
|
|
||||||
deny all;
|
|
||||||
}
|
|
|
@ -1,37 +0,0 @@
|
||||||
# WPFC NGINX CONFIGURATION
|
|
||||||
# DO NOT MODIFY, ALL CHANGES LOST AFTER UPDATE EasyEngine (ee)
|
|
||||||
set $skip_cache 0;
|
|
||||||
# POST requests and URL with a query string should always go to php
|
|
||||||
if ($request_method = POST) {
|
|
||||||
set $skip_cache 1;
|
|
||||||
}
|
|
||||||
if ($query_string != "") {
|
|
||||||
set $skip_cache 1;
|
|
||||||
}
|
|
||||||
# Don't cache URL containing the following segments
|
|
||||||
if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|wp-.*\.php|index.php|/feed/|.*sitemap.*\.xml)") {
|
|
||||||
set $skip_cache 1;
|
|
||||||
}
|
|
||||||
# Don't use the cache for logged in users or recent commenter or customer with items in cart
|
|
||||||
if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in|[a-z0-9]+_items_in_cart") {
|
|
||||||
set $skip_cache 1;
|
|
||||||
}
|
|
||||||
# Use cached or actual file if they exists, Otherwise pass request to WordPress
|
|
||||||
location / {
|
|
||||||
try_files $uri $uri/ /index.php?$args;
|
|
||||||
}
|
|
||||||
location ~ ^/wp-content/cache/minify/(.+\.(css|js))$ {
|
|
||||||
try_files $uri /wp-content/plugins/w3-total-cache/pub/minify.php?file=$1;
|
|
||||||
}
|
|
||||||
location ~ \.php$ {
|
|
||||||
try_files $uri =404;
|
|
||||||
include fastcgi_params;
|
|
||||||
fastcgi_pass php71;
|
|
||||||
fastcgi_cache_bypass $skip_cache;
|
|
||||||
fastcgi_no_cache $skip_cache;
|
|
||||||
fastcgi_cache WORDPRESS;
|
|
||||||
}
|
|
||||||
location ~ /purge(/.*) {
|
|
||||||
fastcgi_cache_purge WORDPRESS "$scheme$request_method$host$1";
|
|
||||||
access_log off;
|
|
||||||
}
|
|
|
@ -1,37 +0,0 @@
|
||||||
# WPFC NGINX CONFIGURATION
|
|
||||||
# DO NOT MODIFY, ALL CHANGES LOST AFTER UPDATE EasyEngine (ee)
|
|
||||||
set $skip_cache 0;
|
|
||||||
# POST requests and URL with a query string should always go to php
|
|
||||||
if ($request_method = POST) {
|
|
||||||
set $skip_cache 1;
|
|
||||||
}
|
|
||||||
if ($query_string != "") {
|
|
||||||
set $skip_cache 1;
|
|
||||||
}
|
|
||||||
# Don't cache URL containing the following segments
|
|
||||||
if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|wp-.*\.php|index.php|/feed/|.*sitemap.*\.xml)") {
|
|
||||||
set $skip_cache 1;
|
|
||||||
}
|
|
||||||
# Don't use the cache for logged in users or recent commenter or customer with items in cart
|
|
||||||
if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in|[a-z0-9]+_items_in_cart") {
|
|
||||||
set $skip_cache 1;
|
|
||||||
}
|
|
||||||
# Use cached or actual file if they exists, Otherwise pass request to WordPress
|
|
||||||
location / {
|
|
||||||
try_files $uri $uri/ /index.php?$args;
|
|
||||||
}
|
|
||||||
location ~ ^/wp-content/cache/minify/(.+\.(css|js))$ {
|
|
||||||
try_files $uri /wp-content/plugins/w3-total-cache/pub/minify.php?file=$1;
|
|
||||||
}
|
|
||||||
location ~ \.php$ {
|
|
||||||
try_files $uri =404;
|
|
||||||
include fastcgi_params;
|
|
||||||
fastcgi_pass php72;
|
|
||||||
fastcgi_cache_bypass $skip_cache;
|
|
||||||
fastcgi_no_cache $skip_cache;
|
|
||||||
fastcgi_cache WORDPRESS;
|
|
||||||
}
|
|
||||||
location ~ /purge(/.*) {
|
|
||||||
fastcgi_cache_purge WORDPRESS "$scheme$request_method$host$1";
|
|
||||||
access_log off;
|
|
||||||
}
|
|
|
@ -1,31 +0,0 @@
|
||||||
# WPSC NGINX CONFIGURATION
|
|
||||||
# DO NOT MODIFY, ALL CHANGES LOST AFTER UPDATE EasyEngine (ee)
|
|
||||||
set $cache_uri $request_uri;
|
|
||||||
# POST requests and URL with a query string should always go to php
|
|
||||||
if ($request_method = POST) {
|
|
||||||
set $cache_uri 'null cache';
|
|
||||||
}
|
|
||||||
if ($query_string != "") {
|
|
||||||
set $cache_uri 'null cache';
|
|
||||||
}
|
|
||||||
# Don't cache URL containing the following segments
|
|
||||||
if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|wp-.*\.php|index.php|/feed/|.*sitemap.*\.xml)") {
|
|
||||||
set $cache_uri 'null cache';
|
|
||||||
}
|
|
||||||
# Don't use the cache for logged in users or recent commenter or customer with items in cart
|
|
||||||
if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in|[a-z0-9]+_items_in_cart") {
|
|
||||||
set $cache_uri 'null cache';
|
|
||||||
}
|
|
||||||
# Use cached or actual file if they exists, Otherwise pass request to WordPress
|
|
||||||
location / {
|
|
||||||
# If we add index.php?$args its break WooCommerce like plugins
|
|
||||||
# Ref: #330
|
|
||||||
try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php;
|
|
||||||
}
|
|
||||||
location ~ \.php$ {
|
|
||||||
try_files $uri =404;
|
|
||||||
include fastcgi_params;
|
|
||||||
fastcgi_pass php71;
|
|
||||||
# Following line is needed by WP Super Cache plugin
|
|
||||||
fastcgi_param SERVER_NAME $http_host;
|
|
||||||
}
|
|
|
@ -1,31 +0,0 @@
|
||||||
# WPSC NGINX CONFIGURATION
|
|
||||||
# DO NOT MODIFY, ALL CHANGES LOST AFTER UPDATE EasyEngine (ee)
|
|
||||||
set $cache_uri $request_uri;
|
|
||||||
# POST requests and URL with a query string should always go to php
|
|
||||||
if ($request_method = POST) {
|
|
||||||
set $cache_uri 'null cache';
|
|
||||||
}
|
|
||||||
if ($query_string != "") {
|
|
||||||
set $cache_uri 'null cache';
|
|
||||||
}
|
|
||||||
# Don't cache URL containing the following segments
|
|
||||||
if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|wp-.*\.php|index.php|/feed/|.*sitemap.*\.xml)") {
|
|
||||||
set $cache_uri 'null cache';
|
|
||||||
}
|
|
||||||
# Don't use the cache for logged in users or recent commenter or customer with items in cart
|
|
||||||
if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in|[a-z0-9]+_items_in_cart") {
|
|
||||||
set $cache_uri 'null cache';
|
|
||||||
}
|
|
||||||
# Use cached or actual file if they exists, Otherwise pass request to WordPress
|
|
||||||
location / {
|
|
||||||
# If we add index.php?$args its break WooCommerce like plugins
|
|
||||||
# Ref: #330
|
|
||||||
try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php;
|
|
||||||
}
|
|
||||||
location ~ \.php$ {
|
|
||||||
try_files $uri =404;
|
|
||||||
include fastcgi_params;
|
|
||||||
fastcgi_pass php72;
|
|
||||||
# Following line is needed by WP Super Cache plugin
|
|
||||||
fastcgi_param SERVER_NAME $http_host;
|
|
||||||
}
|
|
|
@ -1,27 +0,0 @@
|
||||||
# $remote_addr rewriting in case of NGINX behind CloudFlare.
|
|
||||||
# See also mod_cloudflare Apache module configuration.
|
|
||||||
|
|
||||||
set_real_ip_from 103.21.244.0/22;
|
|
||||||
set_real_ip_from 103.22.200.0/22;
|
|
||||||
set_real_ip_from 103.31.4.0/22;
|
|
||||||
set_real_ip_from 104.16.0.0/12;
|
|
||||||
set_real_ip_from 108.162.192.0/18;
|
|
||||||
set_real_ip_from 131.0.72.0/22;
|
|
||||||
set_real_ip_from 141.101.64.0/18;
|
|
||||||
set_real_ip_from 162.158.0.0/15;
|
|
||||||
set_real_ip_from 172.64.0.0/13;
|
|
||||||
set_real_ip_from 173.245.48.0/20;
|
|
||||||
set_real_ip_from 188.114.96.0/20;
|
|
||||||
set_real_ip_from 190.93.240.0/20;
|
|
||||||
set_real_ip_from 197.234.240.0/22;
|
|
||||||
set_real_ip_from 198.41.128.0/17;
|
|
||||||
set_real_ip_from 2400:cb00::/32;
|
|
||||||
set_real_ip_from 2606:4700::/32;
|
|
||||||
set_real_ip_from 2803:f800::/32;
|
|
||||||
set_real_ip_from 2405:b500::/32;
|
|
||||||
set_real_ip_from 2405:8100::/32;
|
|
||||||
set_real_ip_from 2c0f:f248::/32;
|
|
||||||
set_real_ip_from 2a06:98c0::/29;
|
|
||||||
|
|
||||||
real_ip_header CF-Connecting-IP;
|
|
||||||
#real_ip_header X-Forwarded-For;
|
|
|
@ -1,19 +0,0 @@
|
||||||
# FastCGI cache settings
|
|
||||||
fastcgi_cache_path /var/run/nginx-cache levels=1:2 keys_zone=WORDPRESS:50m inactive=60m;
|
|
||||||
fastcgi_cache_key "$scheme$request_method$host$request_uri";
|
|
||||||
fastcgi_cache_use_stale error timeout invalid_header updating http_500 http_503;
|
|
||||||
fastcgi_buffers 256 32k;
|
|
||||||
fastcgi_buffer_size 256k;
|
|
||||||
fastcgi_connect_timeout 4s;
|
|
||||||
fastcgi_send_timeout 120s;
|
|
||||||
fastcgi_busy_buffers_size 512k;
|
|
||||||
fastcgi_temp_file_write_size 512K;
|
|
||||||
fastcgi_param SERVER_NAME $http_host;
|
|
||||||
fastcgi_ignore_headers Cache-Control Expires Set-Cookie;
|
|
||||||
fastcgi_keep_conn on;
|
|
||||||
|
|
||||||
#Others
|
|
||||||
open_file_cache max=2000 inactive=20s;
|
|
||||||
open_file_cache_valid 60s;
|
|
||||||
open_file_cache_min_uses 5;
|
|
||||||
open_file_cache_errors off;
|
|
|
@ -1,42 +0,0 @@
|
||||||
map $http_x_requested_with $http_request_no_cache {
|
|
||||||
default 0;
|
|
||||||
XMLHttpRequest 1;
|
|
||||||
}
|
|
||||||
map $http_cookie $cookie_no_cache {
|
|
||||||
default 0;
|
|
||||||
"~*wordpress_[a-f0-9]+" 1;
|
|
||||||
"~*wp-postpass" 1;
|
|
||||||
"~*wordpress_logged_in" 1;
|
|
||||||
"~*wordpress_no_cache" 1;
|
|
||||||
"~*comment_author" 1;
|
|
||||||
"~*woocommerce_items_in_cart" 1;
|
|
||||||
"~*woocommerce_cart_hash" 1;
|
|
||||||
"~*wptouch_switch_toogle" 1;
|
|
||||||
"~*comment_author_email_" 1;
|
|
||||||
}
|
|
||||||
map $request_uri $uri_no_cache {
|
|
||||||
default 0;
|
|
||||||
"~*/wp-admin/" 1;
|
|
||||||
"~*/wp-[a-zA-Z0-9-]+.php" 1;
|
|
||||||
"~*/feed/" 1;
|
|
||||||
"~*/index.php" 1;
|
|
||||||
"~*/[a-z0-9_-]+-sitemap([0-9]+)?.xml" 1;
|
|
||||||
"~*/sitemap(_index)?.xml" 1;
|
|
||||||
"~*/wp-comments-popup.php" 1;
|
|
||||||
"~*/wp-links-opml.php" 1;
|
|
||||||
"~*/wp-locations.php" 1;
|
|
||||||
"~*/wp-.*.php" 1;
|
|
||||||
"~*/xmlrpc.php" 1;
|
|
||||||
"~*/wp-app.php" 1;
|
|
||||||
"~*/wp-login.php" 1;
|
|
||||||
"~*/wp-register.php" 1;
|
|
||||||
"~*/wp-mail.php" 1;
|
|
||||||
}
|
|
||||||
map $query_string $query_no_cache {
|
|
||||||
default 1;
|
|
||||||
"" 0;
|
|
||||||
}
|
|
||||||
map $http_request_no_cache$cookie_no_cache$uri_no_cache$query_no_cache $skip_cache {
|
|
||||||
default 1;
|
|
||||||
0000 0;
|
|
||||||
}
|
|
|
@ -1,35 +0,0 @@
|
||||||
# Common upstream settings
|
|
||||||
upstream php {
|
|
||||||
# server unix:/run/php5-fpm.sock;
|
|
||||||
server 127.0.0.1:9000;
|
|
||||||
}
|
|
||||||
upstream debug {
|
|
||||||
# Debug Pool
|
|
||||||
server 127.0.0.1:9001;
|
|
||||||
}
|
|
||||||
# php7.0-fpm
|
|
||||||
upstream php7 {
|
|
||||||
server 127.0.0.1:9070;
|
|
||||||
}
|
|
||||||
|
|
||||||
upstream debug7 {
|
|
||||||
server 127.0.0.1:9170;
|
|
||||||
}
|
|
||||||
# php7.1-fpm
|
|
||||||
upstream php71 {
|
|
||||||
server 127.0.0.1:9080;
|
|
||||||
}
|
|
||||||
# php7.2-fpm
|
|
||||||
upstream php72 {
|
|
||||||
server 127.0.0.1:9090;
|
|
||||||
}
|
|
||||||
# redis
|
|
||||||
upstream redis {
|
|
||||||
server 127.0.0.1:6379;
|
|
||||||
keepalive 10;
|
|
||||||
}
|
|
||||||
# netdata (optional)
|
|
||||||
upstream netdata {
|
|
||||||
server 127.0.0.1:19999;
|
|
||||||
keepalive 64;
|
|
||||||
}
|
|
|
@ -1,4 +0,0 @@
|
||||||
map $http_accept $webp_suffix {
|
|
||||||
default "";
|
|
||||||
"~*webp" ".webp";
|
|
||||||
}
|
|
|
@ -1,91 +0,0 @@
|
||||||
|
|
||||||
types {
|
|
||||||
text/html html htm shtml;
|
|
||||||
text/css css;
|
|
||||||
text/xml xml;
|
|
||||||
image/gif gif;
|
|
||||||
image/jpeg jpeg jpg;
|
|
||||||
application/javascript js;
|
|
||||||
application/atom+xml atom;
|
|
||||||
application/rss+xml rss;
|
|
||||||
|
|
||||||
text/mathml mml;
|
|
||||||
text/plain txt;
|
|
||||||
text/vnd.sun.j2me.app-descriptor jad;
|
|
||||||
text/vnd.wap.wml wml;
|
|
||||||
text/x-component htc;
|
|
||||||
|
|
||||||
image/png png;
|
|
||||||
image/tiff tif tiff;
|
|
||||||
image/vnd.wap.wbmp wbmp;
|
|
||||||
image/x-icon ico;
|
|
||||||
image/x-jng jng;
|
|
||||||
image/x-ms-bmp bmp;
|
|
||||||
image/svg+xml svg svgz;
|
|
||||||
image/webp webp;
|
|
||||||
|
|
||||||
application/font-woff woff;
|
|
||||||
application/font-woff2 woff2;
|
|
||||||
application/x-font-ttf ttf;
|
|
||||||
application/java-archive jar war ear;
|
|
||||||
application/json json;
|
|
||||||
application/mac-binhex40 hqx;
|
|
||||||
application/msword doc;
|
|
||||||
application/pdf pdf;
|
|
||||||
application/postscript ps eps ai;
|
|
||||||
application/rtf rtf;
|
|
||||||
application/vnd.apple.mpegurl m3u8;
|
|
||||||
application/vnd.ms-excel xls;
|
|
||||||
application/vnd.ms-fontobject eot;
|
|
||||||
application/vnd.ms-powerpoint ppt;
|
|
||||||
application/vnd.wap.wmlc wmlc;
|
|
||||||
application/vnd.google-earth.kml+xml kml;
|
|
||||||
application/vnd.google-earth.kmz kmz;
|
|
||||||
application/x-7z-compressed 7z;
|
|
||||||
application/x-cocoa cco;
|
|
||||||
application/x-java-archive-diff jardiff;
|
|
||||||
application/x-java-jnlp-file jnlp;
|
|
||||||
application/x-makeself run;
|
|
||||||
application/x-perl pl pm;
|
|
||||||
application/x-pilot prc pdb;
|
|
||||||
application/x-rar-compressed rar;
|
|
||||||
application/x-redhat-package-manager rpm;
|
|
||||||
application/x-sea sea;
|
|
||||||
application/x-shockwave-flash swf;
|
|
||||||
application/x-stuffit sit;
|
|
||||||
application/x-tcl tcl tk;
|
|
||||||
application/x-x509-ca-cert der pem crt;
|
|
||||||
application/x-xpinstall xpi;
|
|
||||||
application/xhtml+xml xhtml;
|
|
||||||
application/xspf+xml xspf;
|
|
||||||
application/zip zip;
|
|
||||||
|
|
||||||
application/octet-stream bin exe dll;
|
|
||||||
application/octet-stream deb;
|
|
||||||
application/octet-stream dmg;
|
|
||||||
application/octet-stream iso img;
|
|
||||||
application/octet-stream msi msp msm;
|
|
||||||
|
|
||||||
application/vnd.openxmlformats-officedocument.wordprocessingml.document docx;
|
|
||||||
application/vnd.openxmlformats-officedocument.spreadsheetml.sheet xlsx;
|
|
||||||
application/vnd.openxmlformats-officedocument.presentationml.presentation pptx;
|
|
||||||
|
|
||||||
audio/midi mid midi kar;
|
|
||||||
audio/mpeg mp3;
|
|
||||||
audio/ogg ogg;
|
|
||||||
audio/x-m4a m4a;
|
|
||||||
audio/x-realaudio ra;
|
|
||||||
|
|
||||||
video/3gpp 3gpp 3gp;
|
|
||||||
video/mp2t ts;
|
|
||||||
video/mp4 mp4;
|
|
||||||
video/mpeg mpeg mpg;
|
|
||||||
video/quicktime mov;
|
|
||||||
video/webm webm;
|
|
||||||
video/x-flv flv;
|
|
||||||
video/x-m4v m4v;
|
|
||||||
video/x-mng mng;
|
|
||||||
video/x-ms-asf asx asf;
|
|
||||||
video/x-ms-wmv wmv;
|
|
||||||
video/x-msvideo avi;
|
|
||||||
}
|
|
|
@ -1,167 +0,0 @@
|
||||||
user www-data;
|
|
||||||
worker_processes auto;
|
|
||||||
worker_cpu_affinity auto;
|
|
||||||
worker_rlimit_nofile 100000;
|
|
||||||
pid /run/nginx.pid;
|
|
||||||
|
|
||||||
events
|
|
||||||
{
|
|
||||||
worker_connections 16384;
|
|
||||||
multi_accept on;
|
|
||||||
use epoll;
|
|
||||||
}
|
|
||||||
|
|
||||||
http
|
|
||||||
{
|
|
||||||
##
|
|
||||||
# EasyEngine Settings
|
|
||||||
##
|
|
||||||
|
|
||||||
sendfile on;
|
|
||||||
sendfile_max_chunk 512k;
|
|
||||||
|
|
||||||
tcp_nopush on;
|
|
||||||
tcp_nodelay on;
|
|
||||||
|
|
||||||
keepalive_timeout 8;
|
|
||||||
keepalive_requests 500;
|
|
||||||
|
|
||||||
lingering_time 20s;
|
|
||||||
lingering_timeout 5s;
|
|
||||||
|
|
||||||
server_tokens off;
|
|
||||||
reset_timedout_connection on;
|
|
||||||
add_header X-Powered-By "EasyEngine v3.8.1 - Optimized by VirtuBox";
|
|
||||||
add_header rt-Fastcgi-Cache $upstream_cache_status;
|
|
||||||
|
|
||||||
# Limit Request
|
|
||||||
limit_req_status 403;
|
|
||||||
limit_req_zone $remote_addr_ipscrub zone=one:10m rate=1r/s;
|
|
||||||
|
|
||||||
#Simple DOS mitigation
|
|
||||||
##Max c/s by ip
|
|
||||||
#limit_conn_zone $binary_remote_addr zone=limit_per_ip:10m;
|
|
||||||
#limit_conn limit_per_ip 80;
|
|
||||||
|
|
||||||
##Max rq/s by ip
|
|
||||||
#limit_req_zone $binary_remote_addr zone=allips:10m rate=400r/s;
|
|
||||||
#limit_req zone=allips burst=400 nodelay;
|
|
||||||
|
|
||||||
# Proxy Settings
|
|
||||||
# set_real_ip_from proxy-server-ip;
|
|
||||||
# real_ip_header X-Forwarded-For;
|
|
||||||
|
|
||||||
fastcgi_read_timeout 300;
|
|
||||||
client_max_body_size 100m;
|
|
||||||
|
|
||||||
#See - https://www.nginx.com/blog/thread-pools-boost-performance-9x/
|
|
||||||
aio threads;
|
|
||||||
|
|
||||||
# tls dynamic records patch directive
|
|
||||||
ssl_dyn_rec_enable on;
|
|
||||||
|
|
||||||
# nginx-vts-status module
|
|
||||||
vhost_traffic_status_zone;
|
|
||||||
|
|
||||||
resolver 8.8.8.8 1.1.1.1 valid=300s;
|
|
||||||
resolver_timeout 10;
|
|
||||||
|
|
||||||
##
|
|
||||||
# GeoIP module configuration, before removing comments
|
|
||||||
# read the tutorial : https://gist.github.com/VirtuBox/9ed03c9bd9169202c358a8be181b7840
|
|
||||||
##
|
|
||||||
#geoip_country /usr/share/GeoIP/GeoIP.dat;
|
|
||||||
#geoip_city /usr/share/GeoIP/GeoIPCity.dat;
|
|
||||||
|
|
||||||
##
|
|
||||||
# SSL Settings
|
|
||||||
##
|
|
||||||
# intermediate configuration. tweak to your needs.
|
|
||||||
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
|
|
||||||
ssl_ciphers 'TLS13+AESGCM+AES128:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS';
|
|
||||||
ssl_prefer_server_ciphers on;
|
|
||||||
ssl_session_cache shared:SSL:50m;
|
|
||||||
ssl_session_timeout 1d;
|
|
||||||
ssl_session_tickets off;
|
|
||||||
ssl_ecdh_curve X25519:sect571r1:secp521r1:secp384r1;
|
|
||||||
|
|
||||||
##Common headers for security
|
|
||||||
more_set_headers "X-Frame-Options : SAMEORIGIN";
|
|
||||||
more_set_headers "X-Xss-Protection : 1; mode=block";
|
|
||||||
more_set_headers "X-Content-Type-Options : nosniff";
|
|
||||||
more_set_headers "Referrer-Policy : strict-origin-when-cross-origin";
|
|
||||||
|
|
||||||
##
|
|
||||||
# Basic Settings
|
|
||||||
##
|
|
||||||
# server_names_hash_bucket_size 64;
|
|
||||||
# server_name_in_redirect off;
|
|
||||||
|
|
||||||
include /etc/nginx/mime.types;
|
|
||||||
default_type application/octet-stream;
|
|
||||||
|
|
||||||
##
|
|
||||||
# Logging Settings
|
|
||||||
# access_log disabled for performance
|
|
||||||
##
|
|
||||||
|
|
||||||
access_log off;
|
|
||||||
error_log /var/log/nginx/error.log;
|
|
||||||
|
|
||||||
# Log format Settings
|
|
||||||
log_format rt_cache '$remote_addr_ipscrub $upstream_response_time $upstream_cache_status [$time_local] '
|
|
||||||
'$http_host "$request" $status $body_bytes_sent '
|
|
||||||
'"$http_referer" "$http_user_agent" $server_protocol';
|
|
||||||
|
|
||||||
# ipscrub settings
|
|
||||||
ipscrub_period_seconds 3600;
|
|
||||||
|
|
||||||
##
|
|
||||||
# Gzip Settings
|
|
||||||
##
|
|
||||||
|
|
||||||
gzip on;
|
|
||||||
gzip_disable "msie6";
|
|
||||||
|
|
||||||
gzip_vary on;
|
|
||||||
gzip_proxied any;
|
|
||||||
gzip_comp_level 6;
|
|
||||||
gzip_buffers 16 8k;
|
|
||||||
gzip_http_version 1.1;
|
|
||||||
gzip_types
|
|
||||||
application/atom+xml
|
|
||||||
application/javascript
|
|
||||||
application/json
|
|
||||||
application/rss+xml
|
|
||||||
application/vnd.ms-fontobject
|
|
||||||
application/x-font-ttf
|
|
||||||
application/x-web-app-manifest+json
|
|
||||||
application/xhtml+xml
|
|
||||||
application/xml
|
|
||||||
font/opentype
|
|
||||||
image/svg+xml
|
|
||||||
image/x-icon
|
|
||||||
text/css
|
|
||||||
text/plain
|
|
||||||
text/x-component
|
|
||||||
text/xml
|
|
||||||
text/javascript;
|
|
||||||
|
|
||||||
##
|
|
||||||
# Brotli Settings
|
|
||||||
##
|
|
||||||
|
|
||||||
brotli on;
|
|
||||||
brotli_static on;
|
|
||||||
brotli_buffers 16 8k;
|
|
||||||
brotli_comp_level 6;
|
|
||||||
brotli_types *;
|
|
||||||
|
|
||||||
|
|
||||||
##
|
|
||||||
# Virtual Host Configs
|
|
||||||
##
|
|
||||||
include /etc/nginx/conf.d/*.conf;
|
|
||||||
include /etc/nginx/sites-enabled/*;
|
|
||||||
}
|
|
||||||
|
|
|
@ -1,186 +0,0 @@
|
||||||
user www-data;
|
|
||||||
worker_processes auto;
|
|
||||||
worker_cpu_affinity auto;
|
|
||||||
worker_rlimit_nofile 100000;
|
|
||||||
pid /run/nginx.pid;
|
|
||||||
|
|
||||||
events
|
|
||||||
{
|
|
||||||
worker_connections 16384;
|
|
||||||
multi_accept on;
|
|
||||||
use epoll;
|
|
||||||
}
|
|
||||||
|
|
||||||
http
|
|
||||||
{
|
|
||||||
##
|
|
||||||
# EasyEngine Settings
|
|
||||||
##
|
|
||||||
|
|
||||||
sendfile on;
|
|
||||||
sendfile_max_chunk 512k;
|
|
||||||
|
|
||||||
tcp_nopush on;
|
|
||||||
tcp_nodelay on;
|
|
||||||
|
|
||||||
keepalive_timeout 8;
|
|
||||||
keepalive_requests 500;
|
|
||||||
|
|
||||||
lingering_time 20s;
|
|
||||||
lingering_timeout 5s;
|
|
||||||
|
|
||||||
server_tokens off;
|
|
||||||
reset_timedout_connection on;
|
|
||||||
add_header X-Powered-By "EasyEngine v3.8.1 - Optimized by VirtuBox";
|
|
||||||
add_header rt-Fastcgi-Cache $upstream_cache_status;
|
|
||||||
|
|
||||||
# Limit Request
|
|
||||||
limit_req_status 403;
|
|
||||||
limit_req_zone $remote_addr_ipscrub zone=one:10m rate=1r/s;
|
|
||||||
|
|
||||||
#Simple DOS mitigation
|
|
||||||
##Max c/s by ip
|
|
||||||
#limit_conn_zone $binary_remote_addr zone=limit_per_ip:10m;
|
|
||||||
#limit_conn limit_per_ip 80;
|
|
||||||
|
|
||||||
##Max rq/s by ip
|
|
||||||
#limit_req_zone $binary_remote_addr zone=allips:10m rate=400r/s;
|
|
||||||
#limit_req zone=allips burst=400 nodelay;
|
|
||||||
|
|
||||||
# Proxy Settings
|
|
||||||
# set_real_ip_from proxy-server-ip;
|
|
||||||
# real_ip_header X-Forwarded-For;
|
|
||||||
|
|
||||||
fastcgi_read_timeout 120s;
|
|
||||||
client_max_body_size 100m;
|
|
||||||
|
|
||||||
#See - https://www.nginx.com/blog/thread-pools-boost-performance-9x/
|
|
||||||
aio threads;
|
|
||||||
|
|
||||||
# tls dynamic records patch directive
|
|
||||||
ssl_dyn_rec_enable on;
|
|
||||||
|
|
||||||
# nginx-vts-status module
|
|
||||||
vhost_traffic_status_zone;
|
|
||||||
|
|
||||||
resolver 8.8.8.8 1.1.1.1 valid=300s;
|
|
||||||
resolver_timeout 10;
|
|
||||||
|
|
||||||
##
|
|
||||||
# GeoIP module configuration, before removing comments
|
|
||||||
# read the tutorial : https://gist.github.com/VirtuBox/9ed03c9bd9169202c358a8be181b7840
|
|
||||||
##
|
|
||||||
#geoip_country /usr/share/GeoIP/GeoIP.dat;
|
|
||||||
#geoip_city /usr/share/GeoIP/GeoIPCity.dat;
|
|
||||||
|
|
||||||
##
|
|
||||||
# SSL Settings
|
|
||||||
##
|
|
||||||
ssl_protocols TLSv1.2;
|
|
||||||
ssl_ciphers 'EECDH+CHACHA20:EECDH+AESGCM';
|
|
||||||
ssl_prefer_server_ciphers on;
|
|
||||||
ssl_session_cache shared:SSL:50m;
|
|
||||||
ssl_session_timeout 1d;
|
|
||||||
ssl_session_tickets off;
|
|
||||||
ssl_ecdh_curve X25519:P-521:P-384:P-256;
|
|
||||||
|
|
||||||
##Common headers for security
|
|
||||||
more_set_headers "X-Frame-Options : SAMEORIGIN";
|
|
||||||
more_set_headers "X-Xss-Protection : 1; mode=block";
|
|
||||||
more_set_headers "X-Content-Type-Options : nosniff";
|
|
||||||
more_set_headers "Referrer-Policy : strict-origin-when-cross-origin";
|
|
||||||
##
|
|
||||||
# Basic Settings
|
|
||||||
##
|
|
||||||
# server_names_hash_bucket_size 64;
|
|
||||||
# server_name_in_redirect off;
|
|
||||||
|
|
||||||
include /etc/nginx/mime.types;
|
|
||||||
default_type application/octet-stream;
|
|
||||||
|
|
||||||
##
|
|
||||||
# Logging Settings
|
|
||||||
# access_log disabled for performance
|
|
||||||
##
|
|
||||||
|
|
||||||
access_log off;
|
|
||||||
error_log /var/log/nginx/error.log;
|
|
||||||
|
|
||||||
# Log format Settings
|
|
||||||
log_format rt_cache '$remote_addr_ipscrub $upstream_response_time $upstream_cache_status [$time_local] '
|
|
||||||
'$http_host "$request" $status $body_bytes_sent '
|
|
||||||
'"$http_referer" "$http_user_agent" $server_protocol';
|
|
||||||
|
|
||||||
# ipscrub settings
|
|
||||||
ipscrub_period_seconds 3600;
|
|
||||||
|
|
||||||
##
|
|
||||||
# Gzip Settings
|
|
||||||
##
|
|
||||||
|
|
||||||
gzip on;
|
|
||||||
gzip_disable "msie6";
|
|
||||||
|
|
||||||
gzip_vary on;
|
|
||||||
gzip_proxied any;
|
|
||||||
gzip_comp_level 6;
|
|
||||||
gzip_buffers 16 8k;
|
|
||||||
gzip_http_version 1.1;
|
|
||||||
gzip_types
|
|
||||||
application/atom+xml
|
|
||||||
application/javascript
|
|
||||||
application/json
|
|
||||||
application/rss+xml
|
|
||||||
application/vnd.ms-fontobject
|
|
||||||
application/x-font-ttf
|
|
||||||
application/x-web-app-manifest+json
|
|
||||||
application/xhtml+xml
|
|
||||||
application/xml
|
|
||||||
font/opentype
|
|
||||||
image/svg+xml
|
|
||||||
image/x-icon
|
|
||||||
text/css
|
|
||||||
text/plain
|
|
||||||
text/x-component
|
|
||||||
text/xml
|
|
||||||
text/javascript;
|
|
||||||
|
|
||||||
##
|
|
||||||
# Brotli Settings
|
|
||||||
##
|
|
||||||
|
|
||||||
brotli on;
|
|
||||||
brotli_static on;
|
|
||||||
brotli_buffers 16 8k;
|
|
||||||
brotli_comp_level 6;
|
|
||||||
brotli_types *;
|
|
||||||
|
|
||||||
|
|
||||||
##
|
|
||||||
# Virtual Host Configs
|
|
||||||
##
|
|
||||||
include /etc/nginx/conf.d/*.conf;
|
|
||||||
include /etc/nginx/sites-enabled/*;
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
#mail {
|
|
||||||
# # See sample authentication script at:
|
|
||||||
# # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
|
|
||||||
#
|
|
||||||
# # auth_http localhost/auth.php;
|
|
||||||
# # pop3_capabilities "TOP" "USER";
|
|
||||||
# # imap_capabilities "IMAP4rev1" "UIDPLUS";
|
|
||||||
#
|
|
||||||
# server {
|
|
||||||
# listen localhost:110;
|
|
||||||
# protocol pop3;
|
|
||||||
# proxy on;
|
|
||||||
# }
|
|
||||||
#
|
|
||||||
# server {
|
|
||||||
# listen localhost:143;
|
|
||||||
# protocol imap;
|
|
||||||
# proxy on;
|
|
||||||
# }
|
|
||||||
#}
|
|
|
@ -1,188 +0,0 @@
|
||||||
user www-data;
|
|
||||||
worker_processes auto;
|
|
||||||
worker_cpu_affinity auto;
|
|
||||||
worker_rlimit_nofile 100000;
|
|
||||||
pid /run/nginx.pid;
|
|
||||||
|
|
||||||
events
|
|
||||||
{
|
|
||||||
worker_connections 16384;
|
|
||||||
multi_accept on;
|
|
||||||
use epoll;
|
|
||||||
}
|
|
||||||
|
|
||||||
http
|
|
||||||
{
|
|
||||||
##
|
|
||||||
# EasyEngine Settings
|
|
||||||
##
|
|
||||||
|
|
||||||
sendfile on;
|
|
||||||
sendfile_max_chunk 512k;
|
|
||||||
|
|
||||||
tcp_nopush on;
|
|
||||||
tcp_nodelay on;
|
|
||||||
|
|
||||||
keepalive_timeout 8;
|
|
||||||
keepalive_requests 500;
|
|
||||||
|
|
||||||
lingering_time 20s;
|
|
||||||
lingering_timeout 5s;
|
|
||||||
|
|
||||||
server_tokens off;
|
|
||||||
reset_timedout_connection on;
|
|
||||||
add_header X-Powered-By "EasyEngine v3.8.1 - Optimized by VirtuBox";
|
|
||||||
add_header rt-Fastcgi-Cache $upstream_cache_status;
|
|
||||||
|
|
||||||
# Limit Request
|
|
||||||
limit_req_status 403;
|
|
||||||
limit_req_zone $remote_addr_ipscrub zone=one:10m rate=1r/s;
|
|
||||||
|
|
||||||
#Simple DOS mitigation
|
|
||||||
##Max c/s by ip
|
|
||||||
#limit_conn_zone $binary_remote_addr zone=limit_per_ip:10m;
|
|
||||||
#limit_conn limit_per_ip 80;
|
|
||||||
|
|
||||||
##Max rq/s by ip
|
|
||||||
#limit_req_zone $binary_remote_addr zone=allips:10m rate=400r/s;
|
|
||||||
#limit_req zone=allips burst=400 nodelay;
|
|
||||||
|
|
||||||
# Proxy Settings
|
|
||||||
# set_real_ip_from proxy-server-ip;
|
|
||||||
# real_ip_header X-Forwarded-For;
|
|
||||||
|
|
||||||
fastcgi_read_timeout 120s;
|
|
||||||
client_max_body_size 100m;
|
|
||||||
|
|
||||||
#See - https://www.nginx.com/blog/thread-pools-boost-performance-9x/
|
|
||||||
aio threads;
|
|
||||||
|
|
||||||
# tls dynamic records patch directive
|
|
||||||
ssl_dyn_rec_enable on;
|
|
||||||
|
|
||||||
# nginx-vts-status module
|
|
||||||
vhost_traffic_status_zone;
|
|
||||||
|
|
||||||
# dns resolver for oscp
|
|
||||||
resolver 8.8.8.8 1.1.1.1 valid=300s;
|
|
||||||
resolver_timeout 10;
|
|
||||||
|
|
||||||
##
|
|
||||||
# GeoIP module configuration, before removing comments
|
|
||||||
# read the tutorial : https://gist.github.com/VirtuBox/9ed03c9bd9169202c358a8be181b7840
|
|
||||||
##
|
|
||||||
#geoip_country /usr/share/GeoIP/GeoIP.dat;
|
|
||||||
#geoip_city /usr/share/GeoIP/GeoIPCity.dat;
|
|
||||||
|
|
||||||
##
|
|
||||||
# SSL Settings
|
|
||||||
##
|
|
||||||
ssl_protocols TLSv1.2 TLSv1.3;
|
|
||||||
ssl_ciphers 'TLS13+AESGCM+AES128:EECDH+AES128';
|
|
||||||
ssl_prefer_server_ciphers on;
|
|
||||||
ssl_session_cache shared:SSL:50m;
|
|
||||||
ssl_session_timeout 1d;
|
|
||||||
ssl_session_tickets off;
|
|
||||||
ssl_ecdh_curve X25519:sect571r1:secp521r1:secp384r1;
|
|
||||||
|
|
||||||
##Common headers for security
|
|
||||||
more_set_headers "X-Frame-Options : SAMEORIGIN";
|
|
||||||
more_set_headers "X-Xss-Protection : 1; mode=block";
|
|
||||||
more_set_headers "X-Content-Type-Options : nosniff";
|
|
||||||
more_set_headers "Referrer-Policy : strict-origin-when-cross-origin";
|
|
||||||
|
|
||||||
##
|
|
||||||
# Basic Settings
|
|
||||||
##
|
|
||||||
# server_names_hash_bucket_size 64;
|
|
||||||
# server_name_in_redirect off;
|
|
||||||
|
|
||||||
include /etc/nginx/mime.types;
|
|
||||||
default_type application/octet-stream;
|
|
||||||
|
|
||||||
##
|
|
||||||
# Logging Settings
|
|
||||||
# access_log disabled for performance
|
|
||||||
##
|
|
||||||
|
|
||||||
access_log off;
|
|
||||||
error_log /var/log/nginx/error.log;
|
|
||||||
|
|
||||||
# Log format Settings
|
|
||||||
log_format rt_cache '$remote_addr_ipscrub $upstream_response_time $upstream_cache_status [$time_local] '
|
|
||||||
'$http_host "$request" $status $body_bytes_sent '
|
|
||||||
'"$http_referer" "$http_user_agent" $server_protocol';
|
|
||||||
|
|
||||||
# ipscrub settings
|
|
||||||
ipscrub_period_seconds 3600;
|
|
||||||
|
|
||||||
##
|
|
||||||
# Gzip Settings
|
|
||||||
##
|
|
||||||
|
|
||||||
gzip on;
|
|
||||||
gzip_disable "msie6";
|
|
||||||
|
|
||||||
gzip_vary on;
|
|
||||||
gzip_proxied any;
|
|
||||||
gzip_comp_level 6;
|
|
||||||
gzip_buffers 16 8k;
|
|
||||||
gzip_http_version 1.1;
|
|
||||||
gzip_types
|
|
||||||
application/atom+xml
|
|
||||||
application/javascript
|
|
||||||
application/json
|
|
||||||
application/rss+xml
|
|
||||||
application/vnd.ms-fontobject
|
|
||||||
application/x-font-ttf
|
|
||||||
application/x-web-app-manifest+json
|
|
||||||
application/xhtml+xml
|
|
||||||
application/xml
|
|
||||||
font/opentype
|
|
||||||
image/svg+xml
|
|
||||||
image/x-icon
|
|
||||||
text/css
|
|
||||||
text/plain
|
|
||||||
text/x-component
|
|
||||||
text/xml
|
|
||||||
text/javascript;
|
|
||||||
|
|
||||||
##
|
|
||||||
# Brotli Settings
|
|
||||||
##
|
|
||||||
|
|
||||||
brotli on;
|
|
||||||
brotli_static on;
|
|
||||||
brotli_buffers 16 8k;
|
|
||||||
brotli_comp_level 6;
|
|
||||||
brotli_types *;
|
|
||||||
|
|
||||||
|
|
||||||
##
|
|
||||||
# Virtual Host Configs
|
|
||||||
##
|
|
||||||
include /etc/nginx/conf.d/*.conf;
|
|
||||||
include /etc/nginx/sites-enabled/*;
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
#mail {
|
|
||||||
# # See sample authentication script at:
|
|
||||||
# # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
|
|
||||||
#
|
|
||||||
# # auth_http localhost/auth.php;
|
|
||||||
# # pop3_capabilities "TOP" "USER";
|
|
||||||
# # imap_capabilities "IMAP4rev1" "UIDPLUS";
|
|
||||||
#
|
|
||||||
# server {
|
|
||||||
# listen localhost:110;
|
|
||||||
# protocol pop3;
|
|
||||||
# proxy on;
|
|
||||||
# }
|
|
||||||
#
|
|
||||||
# server {
|
|
||||||
# listen localhost:143;
|
|
||||||
# protocol imap;
|
|
||||||
# proxy on;
|
|
||||||
# }
|
|
||||||
#}
|
|
|
@ -1,13 +0,0 @@
|
||||||
proxy_set_header Host $http_host;
|
|
||||||
proxy_set_header X-Real-IP $remote_addr;
|
|
||||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
||||||
proxy_set_header X-Forwarded-Proto $scheme;
|
|
||||||
|
|
||||||
proxy_buffering on;
|
|
||||||
proxy_buffer_size 128k;
|
|
||||||
proxy_buffers 256 16k;
|
|
||||||
proxy_busy_buffers_size 256k;
|
|
||||||
proxy_temp_file_write_size 256k;
|
|
||||||
proxy_max_temp_file_size 0;
|
|
||||||
proxy_read_timeout 3000;
|
|
||||||
proxy_send_timeout 3000;
|
|
|
@ -1,90 +0,0 @@
|
||||||
# EasyEngine admin NGINX CONFIGURATION
|
|
||||||
|
|
||||||
server {
|
|
||||||
|
|
||||||
listen 22222 default_server ssl http2;
|
|
||||||
|
|
||||||
access_log off;
|
|
||||||
error_log /var/log/nginx/22222.error.log;
|
|
||||||
|
|
||||||
ssl_certificate /var/www/22222/cert/22222.crt;
|
|
||||||
ssl_certificate_key /var/www/22222/cert/22222.key;
|
|
||||||
|
|
||||||
# Force HTTP to HTTPS
|
|
||||||
error_page 497 =200 https://$host:22222$request_uri;
|
|
||||||
|
|
||||||
root /var/www/22222/htdocs;
|
|
||||||
index index.php index.htm index.html;
|
|
||||||
|
|
||||||
# Turn on directory listing
|
|
||||||
autoindex on;
|
|
||||||
|
|
||||||
# HTTP Authentication on port 22222
|
|
||||||
include common/acl.conf;
|
|
||||||
|
|
||||||
location / {
|
|
||||||
try_files $uri $uri/ /index.php?$args;
|
|
||||||
}
|
|
||||||
|
|
||||||
# nginx-vts-status
|
|
||||||
location /vts_status {
|
|
||||||
vhost_traffic_status_display;
|
|
||||||
vhost_traffic_status_display_format html;
|
|
||||||
}
|
|
||||||
|
|
||||||
# Display menu at location /fpm/status/
|
|
||||||
location = /fpm/status/ {}
|
|
||||||
|
|
||||||
location ~ /fpm/status/(.*) {
|
|
||||||
try_files $uri =404;
|
|
||||||
include fastcgi_params;
|
|
||||||
fastcgi_param SCRIPT_NAME /status;
|
|
||||||
fastcgi_pass $1;
|
|
||||||
}
|
|
||||||
|
|
||||||
location ~ \.php$ {
|
|
||||||
try_files $uri =404;
|
|
||||||
include fastcgi_params;
|
|
||||||
fastcgi_pass php7;
|
|
||||||
}
|
|
||||||
|
|
||||||
# ViMbAdmin Rules
|
|
||||||
location = /vimbadmin/ {
|
|
||||||
return 301 $scheme://$host:22222/vimbadmin/public/;
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
location ~* /vimbadmin/public/(.*)/(.*) {
|
|
||||||
root /var/www/22222/htdocs/vimbadmin/public;
|
|
||||||
try_files $uri $uri/ /vimbadmin/public/index.php?$args;
|
|
||||||
}
|
|
||||||
|
|
||||||
location ~* /vimbadmin/public/(.*) {
|
|
||||||
root /var/www/22222/htdocs/vimbadmin/public;
|
|
||||||
try_files $uri $uri/ /vimbadmin/public/index.php?$args;
|
|
||||||
}
|
|
||||||
|
|
||||||
location /netdata {
|
|
||||||
return 301 /netdata/;
|
|
||||||
}
|
|
||||||
|
|
||||||
location ~ /netdata/(?<ndpath>.*) {
|
|
||||||
proxy_redirect off;
|
|
||||||
proxy_set_header Host $host;
|
|
||||||
|
|
||||||
proxy_set_header X-Forwarded-Host $host;
|
|
||||||
proxy_set_header X-Forwarded-Server $host;
|
|
||||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
||||||
proxy_http_version 1.1;
|
|
||||||
proxy_pass_request_headers on;
|
|
||||||
proxy_set_header Connection "keep-alive";
|
|
||||||
proxy_store off;
|
|
||||||
proxy_pass http://netdata/$ndpath$is_args$args;
|
|
||||||
|
|
||||||
gzip on;
|
|
||||||
gzip_proxied any;
|
|
||||||
gzip_types *;
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
|
|
@ -1,112 +0,0 @@
|
||||||
##
|
|
||||||
# You should look at the following URL's in order to grasp a solid understanding
|
|
||||||
# of Nginx configuration files in order to fully unleash the power of Nginx.
|
|
||||||
# http://wiki.nginx.org/Pitfalls
|
|
||||||
# http://wiki.nginx.org/QuickStart
|
|
||||||
# http://wiki.nginx.org/Configuration
|
|
||||||
#
|
|
||||||
# Generally, you will want to move this file somewhere, and start with a clean
|
|
||||||
# file but keep this around for reference. Or just disable in sites-enabled.
|
|
||||||
#
|
|
||||||
# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
|
|
||||||
##
|
|
||||||
|
|
||||||
# Default server configuration
|
|
||||||
#
|
|
||||||
|
|
||||||
server {
|
|
||||||
listen 80 default_server;
|
|
||||||
listen [::]:80 default_server;
|
|
||||||
|
|
||||||
# SSL configuration
|
|
||||||
#
|
|
||||||
# listen 443 ssl default_server;
|
|
||||||
# listen [::]:443 ssl default_server;
|
|
||||||
#
|
|
||||||
# Self signed certs generated by the ssl-cert package
|
|
||||||
# Don't use them in a production server!
|
|
||||||
# include snippets/snakeoil.conf;
|
|
||||||
#
|
|
||||||
# ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # don’t use SSLv3 ref: POODLE
|
|
||||||
# ssl_ciphers HIGH:!aNULL:!MD5;
|
|
||||||
# ssl_prefer_server_ciphers on;
|
|
||||||
|
|
||||||
root /var/www/html;
|
|
||||||
|
|
||||||
# Add index.php to the list if you are using PHP
|
|
||||||
index index.html index.htm index.nginx-debian.html;
|
|
||||||
|
|
||||||
server_name _;
|
|
||||||
|
|
||||||
access_log off;
|
|
||||||
error_log /var/log/nginx/default.error.log;
|
|
||||||
|
|
||||||
location / {
|
|
||||||
# First attempt to serve request as file, then
|
|
||||||
# as directory, then fall back to displaying a 404.
|
|
||||||
try_files $uri $uri/ =404;
|
|
||||||
}
|
|
||||||
|
|
||||||
location /stub_status {
|
|
||||||
stub_status on;
|
|
||||||
access_log off;
|
|
||||||
allow 127.0.0.1;
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
# Status pages
|
|
||||||
location /nginx_status {
|
|
||||||
stub_status on;
|
|
||||||
access_log off;
|
|
||||||
allow 127.0.0.1;
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
|
|
||||||
# phpfpm pool monitoring
|
|
||||||
location ~ ^/(status|ping) {
|
|
||||||
include fastcgi_params;
|
|
||||||
fastcgi_pass php7;
|
|
||||||
include common/acl.conf;
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
|
|
||||||
#
|
|
||||||
#location ~ \.php$ {
|
|
||||||
# include snippets/fastcgi-php.conf;
|
|
||||||
#
|
|
||||||
# # With php5-cgi alone:
|
|
||||||
# fastcgi_pass 127.0.0.1:9000;
|
|
||||||
# # With php5-fpm:
|
|
||||||
# fastcgi_pass unix:/var/run/php5-fpm.sock;
|
|
||||||
#}
|
|
||||||
|
|
||||||
# deny access to .htaccess files, if Apache's document root
|
|
||||||
# concurs with nginx's one
|
|
||||||
#
|
|
||||||
#location ~ /\.ht {
|
|
||||||
# deny all;
|
|
||||||
#}
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
# Virtual Host configuration for example.com
|
|
||||||
#
|
|
||||||
# You can move that to a different file under sites-available/ and symlink that
|
|
||||||
# to sites-enabled/ to enable it.
|
|
||||||
#
|
|
||||||
#server {
|
|
||||||
# listen 80;
|
|
||||||
# listen [::]:80;
|
|
||||||
#
|
|
||||||
# server_name example.com;
|
|
||||||
#
|
|
||||||
# root /var/www/example.com;
|
|
||||||
# index index.html;
|
|
||||||
#
|
|
||||||
# location / {
|
|
||||||
# try_files $uri $uri/ =404;
|
|
||||||
# }
|
|
||||||
#}
|
|
|
@ -1,72 +0,0 @@
|
||||||
# /etc/ntp.conf, configuration for ntpd; see ntp.conf(5) for help
|
|
||||||
|
|
||||||
driftfile /var/lib/ntp/ntp.drift
|
|
||||||
|
|
||||||
# Enable this if you want statistics to be logged.
|
|
||||||
#statsdir /var/log/ntpstats/
|
|
||||||
|
|
||||||
statistics loopstats peerstats clockstats
|
|
||||||
filegen loopstats file loopstats type day enable
|
|
||||||
filegen peerstats file peerstats type day enable
|
|
||||||
filegen clockstats file clockstats type day enable
|
|
||||||
|
|
||||||
# Specify one or more NTP servers.
|
|
||||||
|
|
||||||
# Use servers from the NTP Pool Project. Approved by Ubuntu Technical Board
|
|
||||||
# on 2011-02-08 (LP: #104525). See http://www.pool.ntp.org/join.html for
|
|
||||||
# more information.
|
|
||||||
#pool 0.ubuntu.pool.ntp.org iburst
|
|
||||||
#pool 1.ubuntu.pool.ntp.org iburst
|
|
||||||
#pool 2.ubuntu.pool.ntp.org iburst
|
|
||||||
#pool 3.ubuntu.pool.ntp.org iburst
|
|
||||||
|
|
||||||
server 0.fr.pool.ntp.org
|
|
||||||
server 1.fr.pool.ntp.org
|
|
||||||
server 2.fr.pool.ntp.org
|
|
||||||
server 3.fr.pool.ntp.org
|
|
||||||
|
|
||||||
|
|
||||||
# Use Ubuntu's ntp server as a fallback.
|
|
||||||
#pool ntp.ubuntu.com
|
|
||||||
|
|
||||||
# Access control configuration; see /usr/share/doc/ntp-doc/html/accopt.html for
|
|
||||||
# details. The web page <http://support.ntp.org/bin/view/Support/AccessRestrictions>
|
|
||||||
# might also be helpful.
|
|
||||||
#
|
|
||||||
# Note that "restrict" applies to both servers and clients, so a configuration
|
|
||||||
# that might be intended to block requests from certain clients could also end
|
|
||||||
# up blocking replies from your own upstream servers.
|
|
||||||
|
|
||||||
# By default, exchange time with everybody, but don't allow configuration.
|
|
||||||
restrict -4 default kod notrap nomodify nopeer noquery limited
|
|
||||||
restrict -6 default kod notrap nomodify nopeer noquery limited
|
|
||||||
|
|
||||||
# Local users may interrogate the ntp server more closely.
|
|
||||||
restrict 127.0.0.1
|
|
||||||
restrict ::1
|
|
||||||
|
|
||||||
# Needed for adding pool entries
|
|
||||||
restrict source notrap nomodify noquery
|
|
||||||
|
|
||||||
# Clients from this (example!) subnet have unlimited access, but only if
|
|
||||||
# cryptographically authenticated.
|
|
||||||
#restrict 192.168.123.0 mask 255.255.255.0 notrust
|
|
||||||
|
|
||||||
|
|
||||||
# If you want to provide time to your local subnet, change the next line.
|
|
||||||
# (Again, the address is an example only.)
|
|
||||||
#broadcast 192.168.123.255
|
|
||||||
|
|
||||||
# If you want to listen to time broadcasts on your local subnet, de-comment the
|
|
||||||
# next lines. Please do this only if you trust everybody on the network!
|
|
||||||
#disable auth
|
|
||||||
#broadcastclient
|
|
||||||
|
|
||||||
#Changes recquired to use pps synchonisation as explained in documentation:
|
|
||||||
#http://www.ntp.org/ntpfaq/NTP-s-config-adv.htm#AEN3918
|
|
||||||
|
|
||||||
#server 127.127.8.1 mode 135 prefer # Meinberg GPS167 with PPS
|
|
||||||
#fudge 127.127.8.1 time1 0.0042 # relative to PPS for my hardware
|
|
||||||
|
|
||||||
#server 127.127.22.1 # ATOM(PPS)
|
|
||||||
#fudge 127.127.22.1 flag3 1 # enable PPS API
|
|
|
@ -1,191 +0,0 @@
|
||||||
[PHP]
|
|
||||||
engine = On
|
|
||||||
short_open_tag = Off
|
|
||||||
precision = 14
|
|
||||||
output_buffering = 8096
|
|
||||||
zlib.output_compression = Off
|
|
||||||
implicit_flush = Off
|
|
||||||
unserialize_callback_func =
|
|
||||||
serialize_precision = 17
|
|
||||||
disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,
|
|
||||||
disable_classes =
|
|
||||||
zend.enable_gc = On
|
|
||||||
expose_php = Off
|
|
||||||
max_execution_time = 300
|
|
||||||
max_input_time = 600
|
|
||||||
max_input_vars = 10000
|
|
||||||
memory_limit = -1
|
|
||||||
error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
|
|
||||||
display_errors = Off
|
|
||||||
display_startup_errors = Off
|
|
||||||
log_errors = On
|
|
||||||
log_errors_max_len = 1024
|
|
||||||
ignore_repeated_errors = Off
|
|
||||||
ignore_repeated_source = Off
|
|
||||||
report_memleaks = On
|
|
||||||
track_errors = Off
|
|
||||||
html_errors = On
|
|
||||||
variables_order = "GPCS"
|
|
||||||
request_order = "GP"
|
|
||||||
register_argc_argv = Off
|
|
||||||
auto_globals_jit = On
|
|
||||||
post_max_size = 128M
|
|
||||||
auto_prepend_file =
|
|
||||||
auto_append_file =
|
|
||||||
default_mimetype = "text/html"
|
|
||||||
default_charset = "UTF-8"
|
|
||||||
doc_root =
|
|
||||||
user_dir =
|
|
||||||
enable_dl = Off
|
|
||||||
file_uploads = On
|
|
||||||
upload_max_filesize = 128M
|
|
||||||
max_file_uploads = 20
|
|
||||||
allow_url_fopen = On
|
|
||||||
allow_url_include = Off
|
|
||||||
default_socket_timeout = 60
|
|
||||||
|
|
||||||
[CLI Server]
|
|
||||||
cli_server.color = On
|
|
||||||
|
|
||||||
[Date]
|
|
||||||
date.timezone = Europe/Paris
|
|
||||||
|
|
||||||
[filter]
|
|
||||||
|
|
||||||
[iconv]
|
|
||||||
|
|
||||||
[intl]
|
|
||||||
|
|
||||||
[sqlite3]
|
|
||||||
|
|
||||||
[Pcre]
|
|
||||||
|
|
||||||
[Pdo]
|
|
||||||
|
|
||||||
[Pdo_mysql]
|
|
||||||
pdo_mysql.cache_size = 2000
|
|
||||||
pdo_mysql.default_socket =
|
|
||||||
|
|
||||||
[Phar]
|
|
||||||
|
|
||||||
[mail function]
|
|
||||||
smtp = localhost
|
|
||||||
smtp_port = 25
|
|
||||||
mail.add_x_header = On
|
|
||||||
|
|
||||||
[SQL]
|
|
||||||
sql.safe_mode = Off
|
|
||||||
|
|
||||||
[ODBC]
|
|
||||||
odbc.allow_persistent = On
|
|
||||||
odbc.check_persistent = On
|
|
||||||
odbc.max_persistent = -1
|
|
||||||
odbc.max_links = -1
|
|
||||||
odbc.defaultlrl = 4096
|
|
||||||
odbc.defaultbinmode = 1
|
|
||||||
|
|
||||||
[Interbase]
|
|
||||||
ibase.allow_persistent = 1
|
|
||||||
ibase.max_persistent = -1
|
|
||||||
ibase.max_links = -1
|
|
||||||
ibase.timestampformat = "%Y-%m-%d %H:%M:%S"
|
|
||||||
ibase.dateformat = "%Y-%m-%d"
|
|
||||||
ibase.timeformat = "%H:%M:%S"
|
|
||||||
|
|
||||||
[MySQLi]
|
|
||||||
mysqli.max_persistent = -1
|
|
||||||
mysqli.allow_persistent = On
|
|
||||||
mysqli.max_links = -1
|
|
||||||
mysqli.cache_size = 2000
|
|
||||||
mysqli.default_port = 3306
|
|
||||||
mysqli.default_socket =
|
|
||||||
mysqli.default_host =
|
|
||||||
mysqli.default_user =
|
|
||||||
mysqli.default_pw =
|
|
||||||
mysqli.reconnect = Off
|
|
||||||
|
|
||||||
[mysqlnd]
|
|
||||||
mysqlnd.collect_statistics = On
|
|
||||||
mysqlnd.collect_memory_statistics = Off
|
|
||||||
|
|
||||||
[OCI8]
|
|
||||||
|
|
||||||
[OCI8]
|
|
||||||
|
|
||||||
[PostgreSQL]
|
|
||||||
pgsql.allow_persistent = On
|
|
||||||
pgsql.auto_reset_persistent = Off
|
|
||||||
pgsql.max_persistent = -1
|
|
||||||
pgsql.max_links = -1
|
|
||||||
pgsql.ignore_notice = 0
|
|
||||||
pgsql.log_notice = 0
|
|
||||||
|
|
||||||
[bcmath]
|
|
||||||
bcmath.scale = 0
|
|
||||||
|
|
||||||
[browscap]
|
|
||||||
|
|
||||||
[Session]
|
|
||||||
session.save_handler = files
|
|
||||||
session.use_strict_mode = 0
|
|
||||||
session.use_cookies = 1
|
|
||||||
session.use_only_cookies = 1
|
|
||||||
session.name = PHPSESSID
|
|
||||||
session.auto_start = 0
|
|
||||||
session.cookie_lifetime = 0
|
|
||||||
session.cookie_path = /
|
|
||||||
session.cookie_domain =
|
|
||||||
session.cookie_httponly =
|
|
||||||
session.serialize_handler = php
|
|
||||||
session.gc_probability = 0
|
|
||||||
session.gc_divisor = 1000
|
|
||||||
session.gc_maxlifetime = 1440
|
|
||||||
session.referer_check =
|
|
||||||
session.cache_limiter = nocache
|
|
||||||
session.cache_expire = 180
|
|
||||||
session.use_trans_sid = 0
|
|
||||||
|
|
||||||
url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"
|
|
||||||
|
|
||||||
[Assertion]
|
|
||||||
zend.assertions = -1
|
|
||||||
|
|
||||||
[COM]
|
|
||||||
|
|
||||||
[mbstring]
|
|
||||||
|
|
||||||
[gd]
|
|
||||||
|
|
||||||
[exif]
|
|
||||||
|
|
||||||
[Tidy]
|
|
||||||
tidy.clean_output = Off
|
|
||||||
|
|
||||||
[soap]
|
|
||||||
soap.wsdl_cache_enabled = 1
|
|
||||||
soap.wsdl_cache_dir = "/tmp"
|
|
||||||
soap.wsdl_cache_ttl = 86400
|
|
||||||
soap.wsdl_cache_limit = 5
|
|
||||||
|
|
||||||
[sysvshm]
|
|
||||||
|
|
||||||
[ldap]
|
|
||||||
ldap.max_links = -1
|
|
||||||
|
|
||||||
[mcrypt]
|
|
||||||
|
|
||||||
[dba]
|
|
||||||
|
|
||||||
[opcache]
|
|
||||||
opcache.enable=1
|
|
||||||
opcache.enable_cli=1
|
|
||||||
opcache.interned_strings_buffer=8
|
|
||||||
opcache.max_accelerated_files=10000
|
|
||||||
opcache.memory_consumption=256
|
|
||||||
opcache.save_comments=1
|
|
||||||
opcache.revalidate_freq=1
|
|
||||||
|
|
||||||
|
|
||||||
[curl]
|
|
||||||
|
|
||||||
[openssl]
|
|
|
@ -1,191 +0,0 @@
|
||||||
[PHP]
|
|
||||||
engine = On
|
|
||||||
short_open_tag = Off
|
|
||||||
precision = 14
|
|
||||||
output_buffering = 8096
|
|
||||||
zlib.output_compression = Off
|
|
||||||
implicit_flush = Off
|
|
||||||
unserialize_callback_func =
|
|
||||||
serialize_precision = 17
|
|
||||||
disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,
|
|
||||||
disable_classes =
|
|
||||||
zend.enable_gc = On
|
|
||||||
expose_php = Off
|
|
||||||
max_execution_time = 300
|
|
||||||
max_input_time = 600
|
|
||||||
max_input_vars = 10000
|
|
||||||
memory_limit = 256M
|
|
||||||
error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
|
|
||||||
display_errors = Off
|
|
||||||
display_startup_errors = Off
|
|
||||||
log_errors = On
|
|
||||||
log_errors_max_len = 1024
|
|
||||||
ignore_repeated_errors = Off
|
|
||||||
ignore_repeated_source = Off
|
|
||||||
report_memleaks = On
|
|
||||||
track_errors = Off
|
|
||||||
html_errors = On
|
|
||||||
variables_order = "GPCS"
|
|
||||||
request_order = "GP"
|
|
||||||
register_argc_argv = Off
|
|
||||||
auto_globals_jit = On
|
|
||||||
post_max_size = 128M
|
|
||||||
auto_prepend_file =
|
|
||||||
auto_append_file =
|
|
||||||
default_mimetype = "text/html"
|
|
||||||
default_charset = "UTF-8"
|
|
||||||
doc_root =
|
|
||||||
user_dir =
|
|
||||||
enable_dl = Off
|
|
||||||
file_uploads = On
|
|
||||||
upload_max_filesize = 128M
|
|
||||||
max_file_uploads = 20
|
|
||||||
allow_url_fopen = On
|
|
||||||
allow_url_include = Off
|
|
||||||
default_socket_timeout = 60
|
|
||||||
|
|
||||||
[CLI Server]
|
|
||||||
cli_server.color = On
|
|
||||||
|
|
||||||
[Date]
|
|
||||||
date.timezone = Europe/Paris
|
|
||||||
|
|
||||||
[filter]
|
|
||||||
|
|
||||||
[iconv]
|
|
||||||
|
|
||||||
[intl]
|
|
||||||
|
|
||||||
[sqlite3]
|
|
||||||
|
|
||||||
[Pcre]
|
|
||||||
|
|
||||||
[Pdo]
|
|
||||||
|
|
||||||
[Pdo_mysql]
|
|
||||||
pdo_mysql.cache_size = 2000
|
|
||||||
pdo_mysql.default_socket =
|
|
||||||
|
|
||||||
[Phar]
|
|
||||||
|
|
||||||
[mail function]
|
|
||||||
smtp = localhost
|
|
||||||
smtp_port = 25
|
|
||||||
mail.add_x_header = On
|
|
||||||
|
|
||||||
[SQL]
|
|
||||||
sql.safe_mode = Off
|
|
||||||
|
|
||||||
[ODBC]
|
|
||||||
odbc.allow_persistent = On
|
|
||||||
odbc.check_persistent = On
|
|
||||||
odbc.max_persistent = -1
|
|
||||||
odbc.max_links = -1
|
|
||||||
odbc.defaultlrl = 4096
|
|
||||||
odbc.defaultbinmode = 1
|
|
||||||
|
|
||||||
[Interbase]
|
|
||||||
ibase.allow_persistent = 1
|
|
||||||
ibase.max_persistent = -1
|
|
||||||
ibase.max_links = -1
|
|
||||||
ibase.timestampformat = "%Y-%m-%d %H:%M:%S"
|
|
||||||
ibase.dateformat = "%Y-%m-%d"
|
|
||||||
ibase.timeformat = "%H:%M:%S"
|
|
||||||
|
|
||||||
[MySQLi]
|
|
||||||
mysqli.max_persistent = -1
|
|
||||||
mysqli.allow_persistent = On
|
|
||||||
mysqli.max_links = -1
|
|
||||||
mysqli.cache_size = 2000
|
|
||||||
mysqli.default_port = 3306
|
|
||||||
mysqli.default_socket =
|
|
||||||
mysqli.default_host =
|
|
||||||
mysqli.default_user =
|
|
||||||
mysqli.default_pw =
|
|
||||||
mysqli.reconnect = Off
|
|
||||||
|
|
||||||
[mysqlnd]
|
|
||||||
mysqlnd.collect_statistics = On
|
|
||||||
mysqlnd.collect_memory_statistics = Off
|
|
||||||
|
|
||||||
[OCI8]
|
|
||||||
|
|
||||||
[OCI8]
|
|
||||||
|
|
||||||
[PostgreSQL]
|
|
||||||
pgsql.allow_persistent = On
|
|
||||||
pgsql.auto_reset_persistent = Off
|
|
||||||
pgsql.max_persistent = -1
|
|
||||||
pgsql.max_links = -1
|
|
||||||
pgsql.ignore_notice = 0
|
|
||||||
pgsql.log_notice = 0
|
|
||||||
|
|
||||||
[bcmath]
|
|
||||||
bcmath.scale = 0
|
|
||||||
|
|
||||||
[browscap]
|
|
||||||
|
|
||||||
[Session]
|
|
||||||
session.save_handler = files
|
|
||||||
session.use_strict_mode = 0
|
|
||||||
session.use_cookies = 1
|
|
||||||
session.use_only_cookies = 1
|
|
||||||
session.name = PHPSESSID
|
|
||||||
session.auto_start = 0
|
|
||||||
session.cookie_lifetime = 0
|
|
||||||
session.cookie_path = /
|
|
||||||
session.cookie_domain =
|
|
||||||
session.cookie_httponly =
|
|
||||||
session.serialize_handler = php
|
|
||||||
session.gc_probability = 0
|
|
||||||
session.gc_divisor = 1000
|
|
||||||
session.gc_maxlifetime = 1440
|
|
||||||
session.referer_check =
|
|
||||||
session.cache_limiter = nocache
|
|
||||||
session.cache_expire = 180
|
|
||||||
session.use_trans_sid = 0
|
|
||||||
|
|
||||||
url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"
|
|
||||||
|
|
||||||
[Assertion]
|
|
||||||
zend.assertions = -1
|
|
||||||
|
|
||||||
[COM]
|
|
||||||
|
|
||||||
[mbstring]
|
|
||||||
|
|
||||||
[gd]
|
|
||||||
|
|
||||||
[exif]
|
|
||||||
|
|
||||||
[Tidy]
|
|
||||||
tidy.clean_output = Off
|
|
||||||
|
|
||||||
[soap]
|
|
||||||
soap.wsdl_cache_enabled = 1
|
|
||||||
soap.wsdl_cache_dir = "/tmp"
|
|
||||||
soap.wsdl_cache_ttl = 86400
|
|
||||||
soap.wsdl_cache_limit = 5
|
|
||||||
|
|
||||||
[sysvshm]
|
|
||||||
|
|
||||||
[ldap]
|
|
||||||
ldap.max_links = -1
|
|
||||||
|
|
||||||
[mcrypt]
|
|
||||||
|
|
||||||
[dba]
|
|
||||||
|
|
||||||
[opcache]
|
|
||||||
opcache.enable=1
|
|
||||||
opcache.enable_cli=1
|
|
||||||
opcache.interned_strings_buffer=8
|
|
||||||
opcache.max_accelerated_files=10000
|
|
||||||
opcache.memory_consumption=256
|
|
||||||
opcache.save_comments=1
|
|
||||||
opcache.revalidate_freq=1
|
|
||||||
|
|
||||||
|
|
||||||
[curl]
|
|
||||||
|
|
||||||
[openssl]
|
|
|
@ -1,190 +0,0 @@
|
||||||
[PHP]
|
|
||||||
|
|
||||||
engine = On
|
|
||||||
short_open_tag = Off
|
|
||||||
precision = 14
|
|
||||||
output_buffering = 4096
|
|
||||||
zlib.output_compression = Off
|
|
||||||
implicit_flush = Off
|
|
||||||
unserialize_callback_func =
|
|
||||||
serialize_precision = -1
|
|
||||||
disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,
|
|
||||||
disable_classes =
|
|
||||||
zend.enable_gc = On
|
|
||||||
expose_php = Off
|
|
||||||
max_execution_time = 300
|
|
||||||
max_input_time = 600
|
|
||||||
max_input_vars = 20000
|
|
||||||
memory_limit = -1
|
|
||||||
error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
|
|
||||||
display_errors = Off
|
|
||||||
display_startup_errors = Off
|
|
||||||
log_errors = On
|
|
||||||
log_errors_max_len = 1024
|
|
||||||
ignore_repeated_errors = Off
|
|
||||||
ignore_repeated_source = Off
|
|
||||||
report_memleaks = On
|
|
||||||
track_errors = Off
|
|
||||||
html_errors = On
|
|
||||||
variables_order = "GPCS"
|
|
||||||
request_order = "GP"
|
|
||||||
register_argc_argv = Off
|
|
||||||
auto_globals_jit = On
|
|
||||||
post_max_size = 128M
|
|
||||||
auto_prepend_file =
|
|
||||||
auto_append_file =
|
|
||||||
default_mimetype = "text/html"
|
|
||||||
default_charset = "UTF-8"
|
|
||||||
doc_root =
|
|
||||||
user_dir =
|
|
||||||
enable_dl = Off
|
|
||||||
file_uploads = On
|
|
||||||
upload_max_filesize = 128M
|
|
||||||
max_file_uploads = 20
|
|
||||||
allow_url_fopen = On
|
|
||||||
allow_url_include = Off
|
|
||||||
default_socket_timeout = 60
|
|
||||||
|
|
||||||
[CLI Server]
|
|
||||||
cli_server.color = On
|
|
||||||
|
|
||||||
[Date]
|
|
||||||
date.timezone = Europe/Paris
|
|
||||||
|
|
||||||
[filter]
|
|
||||||
|
|
||||||
[iconv]
|
|
||||||
|
|
||||||
[intl]
|
|
||||||
|
|
||||||
[sqlite3]
|
|
||||||
|
|
||||||
[Pcre]
|
|
||||||
|
|
||||||
[Pdo]
|
|
||||||
|
|
||||||
[Pdo_mysql]
|
|
||||||
pdo_mysql.cache_size = 2000
|
|
||||||
pdo_mysql.default_socket=
|
|
||||||
|
|
||||||
[Phar]
|
|
||||||
|
|
||||||
[mail function]
|
|
||||||
SMTP = localhost
|
|
||||||
smtp_port = 25
|
|
||||||
mail.add_x_header = On
|
|
||||||
|
|
||||||
[SQL]
|
|
||||||
sql.safe_mode = Off
|
|
||||||
|
|
||||||
[ODBC]
|
|
||||||
odbc.allow_persistent = On
|
|
||||||
odbc.check_persistent = On
|
|
||||||
odbc.max_persistent = -1
|
|
||||||
odbc.max_links = -1
|
|
||||||
odbc.defaultlrl = 4096
|
|
||||||
odbc.defaultbinmode = 1
|
|
||||||
|
|
||||||
[Interbase]
|
|
||||||
ibase.allow_persistent = 1
|
|
||||||
ibase.max_persistent = -1
|
|
||||||
ibase.max_links = -1
|
|
||||||
ibase.timestampformat = "%Y-%m-%d %H:%M:%S"
|
|
||||||
ibase.dateformat = "%Y-%m-%d"
|
|
||||||
ibase.timeformat = "%H:%M:%S"
|
|
||||||
|
|
||||||
[MySQLi]
|
|
||||||
mysqli.max_persistent = -1
|
|
||||||
mysqli.allow_persistent = On
|
|
||||||
mysqli.max_links = -1
|
|
||||||
mysqli.cache_size = 2000
|
|
||||||
mysqli.default_port = 3306
|
|
||||||
mysqli.default_socket =
|
|
||||||
mysqli.default_host =
|
|
||||||
mysqli.default_user =
|
|
||||||
mysqli.default_pw =
|
|
||||||
mysqli.reconnect = Off
|
|
||||||
|
|
||||||
[mysqlnd]
|
|
||||||
mysqlnd.collect_statistics = On
|
|
||||||
mysqlnd.collect_memory_statistics = Off
|
|
||||||
|
|
||||||
[OCI8]
|
|
||||||
|
|
||||||
[PostgreSQL]
|
|
||||||
pgsql.allow_persistent = On
|
|
||||||
pgsql.auto_reset_persistent = Off
|
|
||||||
pgsql.max_persistent = -1
|
|
||||||
pgsql.max_links = -1
|
|
||||||
pgsql.ignore_notice = 0
|
|
||||||
pgsql.log_notice = 0
|
|
||||||
|
|
||||||
[bcmath]
|
|
||||||
bcmath.scale = 0
|
|
||||||
|
|
||||||
[browscap]
|
|
||||||
|
|
||||||
[Session]
|
|
||||||
session.save_handler = files
|
|
||||||
session.use_strict_mode = 0
|
|
||||||
session.use_cookies = 1
|
|
||||||
session.cookie_secure = 1
|
|
||||||
session.use_only_cookies = 1
|
|
||||||
session.name = PHPSESSID
|
|
||||||
session.auto_start = 0
|
|
||||||
session.cookie_lifetime = 0
|
|
||||||
session.cookie_path = /
|
|
||||||
session.cookie_domain =
|
|
||||||
session.cookie_httponly = 1
|
|
||||||
session.serialize_handler = php
|
|
||||||
session.gc_probability = 0
|
|
||||||
session.gc_divisor = 1000
|
|
||||||
session.gc_maxlifetime = 1440
|
|
||||||
session.referer_check =
|
|
||||||
session.cache_limiter = nocache
|
|
||||||
session.cache_expire = 180
|
|
||||||
session.use_trans_sid = 0
|
|
||||||
session.sid_length = 26
|
|
||||||
session.trans_sid_tags = "a=href,area=href,frame=src,form="
|
|
||||||
session.sid_bits_per_character = 5
|
|
||||||
|
|
||||||
[Assertion]
|
|
||||||
zend.assertions = -1
|
|
||||||
|
|
||||||
[COM]
|
|
||||||
|
|
||||||
[mbstring]
|
|
||||||
|
|
||||||
[gd]
|
|
||||||
|
|
||||||
[exif]
|
|
||||||
|
|
||||||
[Tidy]
|
|
||||||
tidy.clean_output = Off
|
|
||||||
|
|
||||||
[soap]
|
|
||||||
soap.wsdl_cache_enabled=1
|
|
||||||
soap.wsdl_cache_dir="/tmp"
|
|
||||||
soap.wsdl_cache_ttl=86400
|
|
||||||
soap.wsdl_cache_limit = 5
|
|
||||||
|
|
||||||
[sysvshm]
|
|
||||||
|
|
||||||
[ldap]
|
|
||||||
ldap.max_links = -1
|
|
||||||
|
|
||||||
[mcrypt]
|
|
||||||
|
|
||||||
[dba]
|
|
||||||
|
|
||||||
[opcache]
|
|
||||||
opcache.enable=1
|
|
||||||
opcache.enable_cli=1
|
|
||||||
opcache.interned_strings_buffer=8
|
|
||||||
opcache.max_accelerated_files=10000
|
|
||||||
opcache.memory_consumption=256
|
|
||||||
opcache.save_comments=1
|
|
||||||
opcache.revalidate_freq=1
|
|
||||||
|
|
||||||
[curl]
|
|
||||||
[openssl]
|
|
|
@ -1,191 +0,0 @@
|
||||||
[PHP]
|
|
||||||
|
|
||||||
engine = On
|
|
||||||
short_open_tag = Off
|
|
||||||
precision = 14
|
|
||||||
output_buffering = 4096
|
|
||||||
zlib.output_compression = Off
|
|
||||||
implicit_flush = Off
|
|
||||||
unserialize_callback_func =
|
|
||||||
serialize_precision = -1
|
|
||||||
disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,
|
|
||||||
disable_classes =
|
|
||||||
zend.enable_gc = On
|
|
||||||
expose_php = Off
|
|
||||||
max_execution_time = 300
|
|
||||||
max_input_time = 600
|
|
||||||
max_input_vars = 10000
|
|
||||||
memory_limit = 256M
|
|
||||||
error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
|
|
||||||
display_errors = Off
|
|
||||||
display_startup_errors = Off
|
|
||||||
log_errors = On
|
|
||||||
log_errors_max_len = 1024
|
|
||||||
ignore_repeated_errors = Off
|
|
||||||
ignore_repeated_source = Off
|
|
||||||
report_memleaks = On
|
|
||||||
track_errors = Off
|
|
||||||
html_errors = On
|
|
||||||
variables_order = "GPCS"
|
|
||||||
request_order = "GP"
|
|
||||||
register_argc_argv = Off
|
|
||||||
auto_globals_jit = On
|
|
||||||
post_max_size = 128M
|
|
||||||
auto_prepend_file =
|
|
||||||
auto_append_file =
|
|
||||||
default_mimetype = "text/html"
|
|
||||||
default_charset = "UTF-8"
|
|
||||||
doc_root =
|
|
||||||
user_dir =
|
|
||||||
enable_dl = Off
|
|
||||||
file_uploads = On
|
|
||||||
upload_max_filesize = 128M
|
|
||||||
max_file_uploads = 20
|
|
||||||
allow_url_fopen = On
|
|
||||||
allow_url_include = Off
|
|
||||||
default_socket_timeout = 60
|
|
||||||
|
|
||||||
[CLI Server]
|
|
||||||
cli_server.color = On
|
|
||||||
|
|
||||||
[Date]
|
|
||||||
date.timezone = Europe/Paris
|
|
||||||
|
|
||||||
[filter]
|
|
||||||
|
|
||||||
[iconv]
|
|
||||||
|
|
||||||
[intl]
|
|
||||||
|
|
||||||
[sqlite3]
|
|
||||||
|
|
||||||
[Pcre]
|
|
||||||
|
|
||||||
[Pdo]
|
|
||||||
|
|
||||||
[Pdo_mysql]
|
|
||||||
pdo_mysql.cache_size = 2000
|
|
||||||
pdo_mysql.default_socket=
|
|
||||||
|
|
||||||
[Phar]
|
|
||||||
|
|
||||||
[mail function]
|
|
||||||
SMTP = localhost
|
|
||||||
smtp_port = 25
|
|
||||||
mail.add_x_header = On
|
|
||||||
|
|
||||||
[SQL]
|
|
||||||
sql.safe_mode = Off
|
|
||||||
|
|
||||||
[ODBC]
|
|
||||||
odbc.allow_persistent = On
|
|
||||||
odbc.check_persistent = On
|
|
||||||
odbc.max_persistent = -1
|
|
||||||
odbc.max_links = -1
|
|
||||||
odbc.defaultlrl = 4096
|
|
||||||
odbc.defaultbinmode = 1
|
|
||||||
|
|
||||||
[Interbase]
|
|
||||||
ibase.allow_persistent = 1
|
|
||||||
ibase.max_persistent = -1
|
|
||||||
ibase.max_links = -1
|
|
||||||
ibase.timestampformat = "%Y-%m-%d %H:%M:%S"
|
|
||||||
ibase.dateformat = "%Y-%m-%d"
|
|
||||||
ibase.timeformat = "%H:%M:%S"
|
|
||||||
|
|
||||||
[MySQLi]
|
|
||||||
mysqli.max_persistent = -1
|
|
||||||
mysqli.allow_persistent = On
|
|
||||||
mysqli.max_links = -1
|
|
||||||
mysqli.cache_size = 2000
|
|
||||||
mysqli.default_port = 3306
|
|
||||||
mysqli.default_socket =
|
|
||||||
mysqli.default_host =
|
|
||||||
mysqli.default_user =
|
|
||||||
mysqli.default_pw =
|
|
||||||
mysqli.reconnect = Off
|
|
||||||
|
|
||||||
[mysqlnd]
|
|
||||||
mysqlnd.collect_statistics = On
|
|
||||||
mysqlnd.collect_memory_statistics = Off
|
|
||||||
|
|
||||||
[OCI8]
|
|
||||||
|
|
||||||
[PostgreSQL]
|
|
||||||
pgsql.allow_persistent = On
|
|
||||||
pgsql.auto_reset_persistent = Off
|
|
||||||
pgsql.max_persistent = -1
|
|
||||||
pgsql.max_links = -1
|
|
||||||
pgsql.ignore_notice = 0
|
|
||||||
pgsql.log_notice = 0
|
|
||||||
|
|
||||||
[bcmath]
|
|
||||||
bcmath.scale = 0
|
|
||||||
|
|
||||||
[browscap]
|
|
||||||
|
|
||||||
[Session]
|
|
||||||
session.save_handler = files
|
|
||||||
session.use_strict_mode = 0
|
|
||||||
session.use_cookies = 1
|
|
||||||
session.cookie_secure = 1
|
|
||||||
session.use_only_cookies = 1
|
|
||||||
session.name = PHPSESSID
|
|
||||||
session.auto_start = 0
|
|
||||||
session.cookie_lifetime = 0
|
|
||||||
session.cookie_path = /
|
|
||||||
session.cookie_domain =
|
|
||||||
session.cookie_httponly = 1
|
|
||||||
session.serialize_handler = php
|
|
||||||
session.gc_probability = 0
|
|
||||||
session.gc_divisor = 1000
|
|
||||||
session.gc_maxlifetime = 1440
|
|
||||||
session.referer_check =
|
|
||||||
session.cache_limiter = nocache
|
|
||||||
session.cache_expire = 180
|
|
||||||
session.use_trans_sid = 0
|
|
||||||
session.sid_length = 26
|
|
||||||
session.trans_sid_tags = "a=href,area=href,frame=src,form="
|
|
||||||
session.sid_bits_per_character = 5
|
|
||||||
|
|
||||||
[Assertion]
|
|
||||||
zend.assertions = -1
|
|
||||||
|
|
||||||
[COM]
|
|
||||||
|
|
||||||
[mbstring]
|
|
||||||
|
|
||||||
[gd]
|
|
||||||
|
|
||||||
[exif]
|
|
||||||
|
|
||||||
[Tidy]
|
|
||||||
tidy.clean_output = Off
|
|
||||||
|
|
||||||
[soap]
|
|
||||||
soap.wsdl_cache_enabled=1
|
|
||||||
soap.wsdl_cache_dir="/tmp"
|
|
||||||
soap.wsdl_cache_ttl=86400
|
|
||||||
soap.wsdl_cache_limit = 5
|
|
||||||
|
|
||||||
[sysvshm]
|
|
||||||
|
|
||||||
[ldap]
|
|
||||||
ldap.max_links = -1
|
|
||||||
|
|
||||||
[mcrypt]
|
|
||||||
|
|
||||||
[dba]
|
|
||||||
|
|
||||||
[opcache]
|
|
||||||
opcache.enable=1
|
|
||||||
opcache.enable_cli=1
|
|
||||||
opcache.interned_strings_buffer=8
|
|
||||||
opcache.max_accelerated_files=10000
|
|
||||||
opcache.memory_consumption=256
|
|
||||||
opcache.save_comments=1
|
|
||||||
opcache.revalidate_freq=1
|
|
||||||
|
|
||||||
[curl]
|
|
||||||
|
|
||||||
[openssl]
|
|
|
@ -1,15 +0,0 @@
|
||||||
[www]
|
|
||||||
user = www-data
|
|
||||||
group = www-data
|
|
||||||
listen = 127.0.0.1:9080
|
|
||||||
listen.owner = www-data
|
|
||||||
listen.group = www-data
|
|
||||||
pm = ondemand
|
|
||||||
pm.max_children = 100
|
|
||||||
pm.start_servers = 20
|
|
||||||
pm.min_spare_servers = 10
|
|
||||||
pm.max_spare_servers = 30
|
|
||||||
ping.path = /ping
|
|
||||||
pm.status_path = /status
|
|
||||||
pm.max_requests = 500
|
|
||||||
request_terminate_timeout = 300
|
|
|
@ -1,185 +0,0 @@
|
||||||
[PHP]
|
|
||||||
|
|
||||||
engine = On
|
|
||||||
short_open_tag = Off
|
|
||||||
precision = 14
|
|
||||||
output_buffering = 4096
|
|
||||||
zlib.output_compression = Off
|
|
||||||
implicit_flush = Off
|
|
||||||
unserialize_callback_func =
|
|
||||||
serialize_precision = -1
|
|
||||||
disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,
|
|
||||||
disable_classes =
|
|
||||||
zend.enable_gc = On
|
|
||||||
expose_php = Off
|
|
||||||
max_execution_time = 300
|
|
||||||
max_input_vars = 10000
|
|
||||||
max_input_time = 600
|
|
||||||
memory_limit = -1
|
|
||||||
error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
|
|
||||||
display_errors = Off
|
|
||||||
display_startup_errors = Off
|
|
||||||
log_errors = On
|
|
||||||
log_errors_max_len = 1024
|
|
||||||
ignore_repeated_errors = Off
|
|
||||||
ignore_repeated_source = Off
|
|
||||||
report_memleaks = On
|
|
||||||
html_errors = On
|
|
||||||
variables_order = "GPCS"
|
|
||||||
request_order = "GP"
|
|
||||||
register_argc_argv = Off
|
|
||||||
auto_globals_jit = On
|
|
||||||
post_max_size = 128M
|
|
||||||
auto_prepend_file =
|
|
||||||
auto_append_file =
|
|
||||||
default_mimetype = "text/html"
|
|
||||||
default_charset = "UTF-8"
|
|
||||||
doc_root =
|
|
||||||
user_dir =
|
|
||||||
enable_dl = Off
|
|
||||||
file_uploads = On
|
|
||||||
upload_max_filesize = 128M
|
|
||||||
max_file_uploads = 20
|
|
||||||
allow_url_fopen = On
|
|
||||||
allow_url_include = Off
|
|
||||||
default_socket_timeout = 60
|
|
||||||
|
|
||||||
[CLI Server]
|
|
||||||
cli_server.color = On
|
|
||||||
|
|
||||||
[Date]
|
|
||||||
date.timezone = Europe/Paris
|
|
||||||
|
|
||||||
[filter]
|
|
||||||
|
|
||||||
[iconv]
|
|
||||||
|
|
||||||
[intl]
|
|
||||||
|
|
||||||
[sqlite3]
|
|
||||||
|
|
||||||
[Pcre]
|
|
||||||
|
|
||||||
[Pdo]
|
|
||||||
|
|
||||||
[Pdo_mysql]
|
|
||||||
pdo_mysql.cache_size = 2000
|
|
||||||
pdo_mysql.default_socket=
|
|
||||||
|
|
||||||
[Phar]
|
|
||||||
|
|
||||||
[mail function]
|
|
||||||
SMTP = localhost
|
|
||||||
smtp_port = 25
|
|
||||||
mail.add_x_header = On
|
|
||||||
|
|
||||||
[ODBC]
|
|
||||||
odbc.allow_persistent = On
|
|
||||||
odbc.check_persistent = On
|
|
||||||
odbc.max_persistent = -1
|
|
||||||
odbc.max_links = -1
|
|
||||||
odbc.defaultlrl = 4096
|
|
||||||
odbc.defaultbinmode = 1
|
|
||||||
|
|
||||||
[Interbase]
|
|
||||||
ibase.allow_persistent = 1
|
|
||||||
ibase.max_persistent = -1
|
|
||||||
ibase.max_links = -1
|
|
||||||
ibase.timestampformat = "%Y-%m-%d %H:%M:%S"
|
|
||||||
ibase.dateformat = "%Y-%m-%d"
|
|
||||||
ibase.timeformat = "%H:%M:%S"
|
|
||||||
|
|
||||||
[MySQLi]
|
|
||||||
mysqli.max_persistent = -1
|
|
||||||
mysqli.allow_persistent = On
|
|
||||||
mysqli.max_links = -1
|
|
||||||
mysqli.cache_size = 2000
|
|
||||||
mysqli.default_port = 3306
|
|
||||||
mysqli.default_socket =
|
|
||||||
mysqli.default_host =
|
|
||||||
mysqli.default_user =
|
|
||||||
mysqli.default_pw =
|
|
||||||
mysqli.reconnect = Off
|
|
||||||
|
|
||||||
[mysqlnd]
|
|
||||||
mysqlnd.collect_statistics = On
|
|
||||||
mysqlnd.collect_memory_statistics = Off
|
|
||||||
|
|
||||||
[OCI8]
|
|
||||||
|
|
||||||
[PostgreSQL]
|
|
||||||
pgsql.allow_persistent = On
|
|
||||||
pgsql.auto_reset_persistent = Off
|
|
||||||
pgsql.max_persistent = -1
|
|
||||||
pgsql.max_links = -1
|
|
||||||
pgsql.ignore_notice = 0
|
|
||||||
pgsql.log_notice = 0
|
|
||||||
|
|
||||||
[bcmath]
|
|
||||||
bcmath.scale = 0
|
|
||||||
|
|
||||||
[browscap]
|
|
||||||
|
|
||||||
[Session]
|
|
||||||
session.save_handler = files
|
|
||||||
session.use_strict_mode = 0
|
|
||||||
session.use_cookies = 1
|
|
||||||
session.cookie_secure = 1
|
|
||||||
session.use_only_cookies = 1
|
|
||||||
session.name = PHPSESSID
|
|
||||||
session.auto_start = 0
|
|
||||||
session.cookie_lifetime = 0
|
|
||||||
session.cookie_path = /
|
|
||||||
session.cookie_domain =
|
|
||||||
session.cookie_httponly =
|
|
||||||
session.serialize_handler = php
|
|
||||||
session.gc_probability = 0
|
|
||||||
session.gc_divisor = 1000
|
|
||||||
session.gc_maxlifetime = 1440
|
|
||||||
session.referer_check =
|
|
||||||
session.cache_limiter = nocache
|
|
||||||
session.cache_expire = 180
|
|
||||||
session.use_trans_sid = 0
|
|
||||||
session.sid_length = 26
|
|
||||||
session.trans_sid_tags = "a=href,area=href,frame=src,form="
|
|
||||||
session.sid_bits_per_character = 5
|
|
||||||
|
|
||||||
[Assertion]
|
|
||||||
zend.assertions = -1
|
|
||||||
|
|
||||||
[COM]
|
|
||||||
|
|
||||||
[mbstring]
|
|
||||||
|
|
||||||
[gd]
|
|
||||||
|
|
||||||
[exif]
|
|
||||||
|
|
||||||
[Tidy]
|
|
||||||
tidy.clean_output = Off
|
|
||||||
|
|
||||||
[soap]
|
|
||||||
soap.wsdl_cache_enabled=1
|
|
||||||
soap.wsdl_cache_dir="/tmp"
|
|
||||||
soap.wsdl_cache_ttl=86400
|
|
||||||
soap.wsdl_cache_limit = 5
|
|
||||||
|
|
||||||
[sysvshm]
|
|
||||||
|
|
||||||
[ldap]
|
|
||||||
ldap.max_links = -1
|
|
||||||
|
|
||||||
[dba]
|
|
||||||
|
|
||||||
[opcache]
|
|
||||||
opcache.enable=1
|
|
||||||
opcache.enable_cli=1
|
|
||||||
opcache.interned_strings_buffer=8
|
|
||||||
opcache.max_accelerated_files=10000
|
|
||||||
opcache.memory_consumption=256
|
|
||||||
opcache.save_comments=1
|
|
||||||
opcache.revalidate_freq=1
|
|
||||||
|
|
||||||
[curl]
|
|
||||||
|
|
||||||
[openssl]
|
|
|
@ -1,185 +0,0 @@
|
||||||
[PHP]
|
|
||||||
|
|
||||||
engine = On
|
|
||||||
short_open_tag = Off
|
|
||||||
precision = 14
|
|
||||||
output_buffering = 4096
|
|
||||||
zlib.output_compression = Off
|
|
||||||
implicit_flush = Off
|
|
||||||
unserialize_callback_func =
|
|
||||||
serialize_precision = -1
|
|
||||||
disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,
|
|
||||||
disable_classes =
|
|
||||||
zend.enable_gc = On
|
|
||||||
expose_php = Off
|
|
||||||
max_execution_time = 300
|
|
||||||
max_input_vars = 10000
|
|
||||||
max_input_time = 600
|
|
||||||
memory_limit = 256M
|
|
||||||
error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
|
|
||||||
display_errors = Off
|
|
||||||
display_startup_errors = Off
|
|
||||||
log_errors = On
|
|
||||||
log_errors_max_len = 1024
|
|
||||||
ignore_repeated_errors = Off
|
|
||||||
ignore_repeated_source = Off
|
|
||||||
report_memleaks = On
|
|
||||||
html_errors = On
|
|
||||||
variables_order = "GPCS"
|
|
||||||
request_order = "GP"
|
|
||||||
register_argc_argv = Off
|
|
||||||
auto_globals_jit = On
|
|
||||||
post_max_size = 128M
|
|
||||||
auto_prepend_file =
|
|
||||||
auto_append_file =
|
|
||||||
default_mimetype = "text/html"
|
|
||||||
default_charset = "UTF-8"
|
|
||||||
doc_root =
|
|
||||||
user_dir =
|
|
||||||
enable_dl = Off
|
|
||||||
file_uploads = On
|
|
||||||
upload_max_filesize = 128M
|
|
||||||
max_file_uploads = 20
|
|
||||||
allow_url_fopen = On
|
|
||||||
allow_url_include = Off
|
|
||||||
default_socket_timeout = 60
|
|
||||||
|
|
||||||
[CLI Server]
|
|
||||||
cli_server.color = On
|
|
||||||
|
|
||||||
[Date]
|
|
||||||
date.timezone = Europe/Paris
|
|
||||||
|
|
||||||
[filter]
|
|
||||||
|
|
||||||
[iconv]
|
|
||||||
|
|
||||||
[intl]
|
|
||||||
|
|
||||||
[sqlite3]
|
|
||||||
|
|
||||||
[Pcre]
|
|
||||||
|
|
||||||
[Pdo]
|
|
||||||
|
|
||||||
[Pdo_mysql]
|
|
||||||
pdo_mysql.cache_size = 2000
|
|
||||||
pdo_mysql.default_socket=
|
|
||||||
|
|
||||||
[Phar]
|
|
||||||
|
|
||||||
[mail function]
|
|
||||||
SMTP = localhost
|
|
||||||
smtp_port = 25
|
|
||||||
mail.add_x_header = On
|
|
||||||
|
|
||||||
[ODBC]
|
|
||||||
odbc.allow_persistent = On
|
|
||||||
odbc.check_persistent = On
|
|
||||||
odbc.max_persistent = -1
|
|
||||||
odbc.max_links = -1
|
|
||||||
odbc.defaultlrl = 4096
|
|
||||||
odbc.defaultbinmode = 1
|
|
||||||
|
|
||||||
[Interbase]
|
|
||||||
ibase.allow_persistent = 1
|
|
||||||
ibase.max_persistent = -1
|
|
||||||
ibase.max_links = -1
|
|
||||||
ibase.timestampformat = "%Y-%m-%d %H:%M:%S"
|
|
||||||
ibase.dateformat = "%Y-%m-%d"
|
|
||||||
ibase.timeformat = "%H:%M:%S"
|
|
||||||
|
|
||||||
[MySQLi]
|
|
||||||
mysqli.max_persistent = -1
|
|
||||||
mysqli.allow_persistent = On
|
|
||||||
mysqli.max_links = -1
|
|
||||||
mysqli.cache_size = 2000
|
|
||||||
mysqli.default_port = 3306
|
|
||||||
mysqli.default_socket =
|
|
||||||
mysqli.default_host =
|
|
||||||
mysqli.default_user =
|
|
||||||
mysqli.default_pw =
|
|
||||||
mysqli.reconnect = Off
|
|
||||||
|
|
||||||
[mysqlnd]
|
|
||||||
mysqlnd.collect_statistics = On
|
|
||||||
mysqlnd.collect_memory_statistics = Off
|
|
||||||
|
|
||||||
[OCI8]
|
|
||||||
|
|
||||||
[PostgreSQL]
|
|
||||||
pgsql.allow_persistent = On
|
|
||||||
pgsql.auto_reset_persistent = Off
|
|
||||||
pgsql.max_persistent = -1
|
|
||||||
pgsql.max_links = -1
|
|
||||||
pgsql.ignore_notice = 0
|
|
||||||
pgsql.log_notice = 0
|
|
||||||
|
|
||||||
[bcmath]
|
|
||||||
bcmath.scale = 0
|
|
||||||
|
|
||||||
[browscap]
|
|
||||||
|
|
||||||
[Session]
|
|
||||||
session.save_handler = files
|
|
||||||
session.use_strict_mode = 0
|
|
||||||
session.use_cookies = 1
|
|
||||||
session.cookie_secure = 1
|
|
||||||
session.use_only_cookies = 1
|
|
||||||
session.name = PHPSESSID
|
|
||||||
session.auto_start = 0
|
|
||||||
session.cookie_lifetime = 0
|
|
||||||
session.cookie_path = /
|
|
||||||
session.cookie_domain =
|
|
||||||
session.cookie_httponly =
|
|
||||||
session.serialize_handler = php
|
|
||||||
session.gc_probability = 0
|
|
||||||
session.gc_divisor = 1000
|
|
||||||
session.gc_maxlifetime = 1440
|
|
||||||
session.referer_check =
|
|
||||||
session.cache_limiter = nocache
|
|
||||||
session.cache_expire = 180
|
|
||||||
session.use_trans_sid = 0
|
|
||||||
session.sid_length = 26
|
|
||||||
session.trans_sid_tags = "a=href,area=href,frame=src,form="
|
|
||||||
session.sid_bits_per_character = 5
|
|
||||||
|
|
||||||
[Assertion]
|
|
||||||
zend.assertions = -1
|
|
||||||
|
|
||||||
[COM]
|
|
||||||
|
|
||||||
[mbstring]
|
|
||||||
|
|
||||||
[gd]
|
|
||||||
|
|
||||||
[exif]
|
|
||||||
|
|
||||||
[Tidy]
|
|
||||||
tidy.clean_output = Off
|
|
||||||
|
|
||||||
[soap]
|
|
||||||
soap.wsdl_cache_enabled=1
|
|
||||||
soap.wsdl_cache_dir="/tmp"
|
|
||||||
soap.wsdl_cache_ttl=86400
|
|
||||||
soap.wsdl_cache_limit = 5
|
|
||||||
|
|
||||||
[sysvshm]
|
|
||||||
|
|
||||||
[ldap]
|
|
||||||
ldap.max_links = -1
|
|
||||||
|
|
||||||
[dba]
|
|
||||||
|
|
||||||
[opcache]
|
|
||||||
opcache.enable=1
|
|
||||||
opcache.enable_cli=1
|
|
||||||
opcache.interned_strings_buffer=8
|
|
||||||
opcache.max_accelerated_files=10000
|
|
||||||
opcache.memory_consumption=256
|
|
||||||
opcache.save_comments=1
|
|
||||||
opcache.revalidate_freq=1
|
|
||||||
|
|
||||||
[curl]
|
|
||||||
|
|
||||||
[openssl]
|
|
|
@ -1,15 +0,0 @@
|
||||||
[www]
|
|
||||||
user = www-data
|
|
||||||
group = www-data
|
|
||||||
listen = 127.0.0.1:9090
|
|
||||||
listen.owner = www-data
|
|
||||||
listen.group = www-data
|
|
||||||
pm = ondemand
|
|
||||||
pm.max_children = 100
|
|
||||||
pm.start_servers = 20
|
|
||||||
pm.min_spare_servers = 10
|
|
||||||
pm.max_spare_servers = 30
|
|
||||||
ping.path = /ping
|
|
||||||
pm.status_path = /status
|
|
||||||
pm.max_requests = 500
|
|
||||||
request_terminate_timeout = 300
|
|
|
@ -1,61 +0,0 @@
|
||||||
# /etc/security/limits.conf
|
|
||||||
#
|
|
||||||
#Each line describes a limit for a user in the form:
|
|
||||||
#
|
|
||||||
#<domain> <type> <item> <value>
|
|
||||||
#
|
|
||||||
#Where:
|
|
||||||
#<domain> can be:
|
|
||||||
# - a user name
|
|
||||||
# - a group name, with @group syntax
|
|
||||||
# - the wildcard *, for default entry
|
|
||||||
# - the wildcard %, can be also used with %group syntax,
|
|
||||||
# for maxlogin limit
|
|
||||||
# - NOTE: group and wildcard limits are not applied to root.
|
|
||||||
# To apply a limit to the root user, <domain> must be
|
|
||||||
# the literal username root.
|
|
||||||
#
|
|
||||||
#<type> can have the two values:
|
|
||||||
# - "soft" for enforcing the soft limits
|
|
||||||
# - "hard" for enforcing hard limits
|
|
||||||
#
|
|
||||||
#<item> can be one of the following:
|
|
||||||
# - core - limits the core file size (KB)
|
|
||||||
# - data - max data size (KB)
|
|
||||||
# - fsize - maximum filesize (KB)
|
|
||||||
# - memlock - max locked-in-memory address space (KB)
|
|
||||||
# - nofile - max number of open files
|
|
||||||
# - rss - max resident set size (KB)
|
|
||||||
# - stack - max stack size (KB)
|
|
||||||
# - cpu - max CPU time (MIN)
|
|
||||||
# - nproc - max number of processes
|
|
||||||
# - as - address space limit (KB)
|
|
||||||
# - maxlogins - max number of logins for this user
|
|
||||||
# - maxsyslogins - max number of logins on the system
|
|
||||||
# - priority - the priority to run user process with
|
|
||||||
# - locks - max number of file locks the user can hold
|
|
||||||
# - sigpending - max number of pending signals
|
|
||||||
# - msgqueue - max memory used by POSIX message queues (bytes)
|
|
||||||
# - nice - max nice priority allowed to raise to values: [-20, 19]
|
|
||||||
# - rtprio - max realtime priority
|
|
||||||
# - chroot - change root to directory (Debian-specific)
|
|
||||||
#
|
|
||||||
#<domain> <type> <item> <value>
|
|
||||||
#
|
|
||||||
|
|
||||||
#* soft core 0
|
|
||||||
#root hard core 100000
|
|
||||||
#* hard rss 10000
|
|
||||||
#@student hard nproc 20
|
|
||||||
#@faculty soft nproc 20
|
|
||||||
#@faculty hard nproc 50
|
|
||||||
#ftp hard nproc 0
|
|
||||||
#ftp - chroot /ftp
|
|
||||||
#@student - maxlogins 4
|
|
||||||
|
|
||||||
# End of file
|
|
||||||
* hard nofile 500000
|
|
||||||
* soft nofile 500000
|
|
||||||
root hard nofile 500000
|
|
||||||
root soft nofile 500000
|
|
||||||
|
|
|
@ -1,45 +0,0 @@
|
||||||
# Use a custom port in the following range : 1024-65536
|
|
||||||
Port 22
|
|
||||||
|
|
||||||
#Prefer ed25519 & ECDSA keys rather than 2048 bit RSA
|
|
||||||
HostKey /etc/ssh/ssh_host_rsa_key
|
|
||||||
HostKey /etc/ssh/ssh_host_ecdsa_key
|
|
||||||
HostKey /etc/ssh/ssh_host_ed25519_key
|
|
||||||
|
|
||||||
# Allow root access with ssh keys
|
|
||||||
PermitRootLogin without-password
|
|
||||||
|
|
||||||
# Allow ssh access to some users only
|
|
||||||
AllowUsers root
|
|
||||||
|
|
||||||
# allow ssh key Authentication
|
|
||||||
PubkeyAuthentication yes
|
|
||||||
|
|
||||||
# ssh keys path in ~/.ssh/authorized_keys
|
|
||||||
AuthorizedKeysFile %h/.ssh/authorized_keys
|
|
||||||
|
|
||||||
# No password or empty passwords Authentication
|
|
||||||
PasswordAuthentication no
|
|
||||||
PermitEmptyPasswords no
|
|
||||||
|
|
||||||
# No challenge response Authentication
|
|
||||||
ChallengeResponseAuthentication no
|
|
||||||
|
|
||||||
UsePAM yes
|
|
||||||
X11Forwarding yes
|
|
||||||
|
|
||||||
#PrintMotd no
|
|
||||||
|
|
||||||
# Allow client to pass locale environment variables
|
|
||||||
AcceptEnv LANG LC_*
|
|
||||||
|
|
||||||
# override default of no subsystems
|
|
||||||
Subsystem sftp /usr/lib/openssh/sftp-server
|
|
||||||
|
|
||||||
# Host keys the client accepts - order here is honored by OpenSSH
|
|
||||||
HostKeyAlgorithms ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-ed25519,ssh-rsa,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp521,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256
|
|
||||||
|
|
||||||
# use strong ciphers (you may have to comment those lines with some sftp clients)
|
|
||||||
KexAlgorithms curve25519-sha256@libssh.org
|
|
||||||
Ciphers chacha20-poly1305@openssh.com
|
|
||||||
MACs umac-128-etm@openssh.com,umac-128@openssh.com
|
|
|
@ -1,266 +0,0 @@
|
||||||
# Kernel sysctl configuration file for Linux
|
|
||||||
#
|
|
||||||
# Version 1.16 - 2018-10-23
|
|
||||||
# Michiel Klaver - IT Professional
|
|
||||||
# Modified by VirtuBox
|
|
||||||
#
|
|
||||||
# Instructions available on https://github.com/VirtuBox/ubuntu-nginx-web-server
|
|
||||||
#
|
|
||||||
# Sources :
|
|
||||||
# https://klaver.it/linux/sysctl.conf
|
|
||||||
# https://easyengine.io/tutorials/linux/sysctl-conf/
|
|
||||||
#
|
|
||||||
#
|
|
||||||
# Credits:
|
|
||||||
#
|
|
||||||
# http://www.enigma.id.au/linux_tuning.txt
|
|
||||||
# http://www.securityfocus.com/infocus/1729
|
|
||||||
# http://fasterdata.es.net/TCP-tuning/linux.html
|
|
||||||
# http://fedorahosted.org/ktune/browser/sysctl.ktune
|
|
||||||
# http://www.cymru.com/Documents/ip-stack-tuning.html
|
|
||||||
# http://www.kernel.org/doc/Documentation/networking/ip-sysctl.txt
|
|
||||||
# http://www.frozentux.net/ipsysctl-tutorial/chunkyhtml/index.html
|
|
||||||
# http://knol.google.com/k/linux-performance-tuning-and-measurement
|
|
||||||
# http://www.cyberciti.biz/faq/linux-kernel-tuning-virtual-memory-subsystem/
|
|
||||||
# http://www.redbooks.ibm.com/abstracts/REDP4285.html
|
|
||||||
# http://www.speedguide.net/read_articles.php?id=121
|
|
||||||
# http://lartc.org/howto/lartc.kernel.obscure.html
|
|
||||||
# http://en.wikipedia.org/wiki/Sysctl
|
|
||||||
#
|
|
||||||
# Usage
|
|
||||||
# wget -O /etc/sysctl.d/60-ubuntu-nginx-web-server.conf https://virtubox.github.io/ubuntu-nginx-web-server/files/etc/sysctl.d/60-ubuntu-nginx-web-server.conf
|
|
||||||
#
|
|
||||||
# sysctl -e -p /etc/sysctl.d/60-ubuntu-nginx-web-server.conf
|
|
||||||
# For binary values, 0 is disabled, 1 is enabled. See sysctl(8) and sysctl.conf(5) for more details.
|
|
||||||
#
|
|
||||||
|
|
||||||
###
|
|
||||||
### GENERAL SYSTEM SECURITY OPTIONS ###
|
|
||||||
###
|
|
||||||
|
|
||||||
# Controls the System Request debugging functionality of the kernel
|
|
||||||
kernel.sysrq = 0
|
|
||||||
|
|
||||||
# Controls whether core dumps will append the PID to the core filename.
|
|
||||||
# Useful for debugging multi-threaded applications.
|
|
||||||
kernel.core_uses_pid = 1
|
|
||||||
|
|
||||||
#Allow for more PIDs
|
|
||||||
kernel.pid_max = 65535
|
|
||||||
|
|
||||||
# The contents of /proc/<pid>/maps and smaps files are only visible to
|
|
||||||
# readers that are allowed to ptrace() the process
|
|
||||||
kernel.maps_protect = 1
|
|
||||||
|
|
||||||
#Enable ExecShield protection
|
|
||||||
kernel.exec-shield = 1
|
|
||||||
kernel.randomize_va_space = 2
|
|
||||||
|
|
||||||
# Controls the maximum size of a message, in bytes
|
|
||||||
kernel.msgmnb = 65535
|
|
||||||
|
|
||||||
# Controls the default maxmimum size of a mesage queue
|
|
||||||
kernel.msgmax = 65535
|
|
||||||
|
|
||||||
# Restrict core dumps
|
|
||||||
fs.suid_dumpable = 0
|
|
||||||
|
|
||||||
# Hide exposed kernel pointers
|
|
||||||
kernel.kptr_restrict = 1
|
|
||||||
|
|
||||||
###
|
|
||||||
### IMPROVE SYSTEM MEMORY MANAGEMENT ###
|
|
||||||
###
|
|
||||||
|
|
||||||
# Increase size of file handles and inode cache
|
|
||||||
fs.file-max = 209708
|
|
||||||
|
|
||||||
# Do less swapping
|
|
||||||
vm.swappiness = 10
|
|
||||||
vm.dirty_ratio = 30
|
|
||||||
vm.dirty_background_ratio = 5
|
|
||||||
|
|
||||||
# specifies the minimum virtual address that a process is allowed to mmap
|
|
||||||
vm.mmap_min_addr = 4096
|
|
||||||
|
|
||||||
# 50% overcommitment of available memory
|
|
||||||
vm.overcommit_ratio = 50
|
|
||||||
|
|
||||||
# allow memory overcommit required for redis
|
|
||||||
vm.overcommit_memory = 1
|
|
||||||
|
|
||||||
# Set maximum amount of memory allocated to shm to 256MB
|
|
||||||
kernel.shmmax = 268435456
|
|
||||||
kernel.shmall = 268435456
|
|
||||||
|
|
||||||
# Keep at least 64MB of free RAM space available
|
|
||||||
vm.min_free_kbytes = 65535
|
|
||||||
|
|
||||||
###
|
|
||||||
### GENERAL NETWORK SECURITY OPTIONS ###
|
|
||||||
###
|
|
||||||
|
|
||||||
#Prevent SYN attack, enable SYNcookies (they will kick-in when the max_syn_backlog reached)
|
|
||||||
net.ipv4.tcp_syncookies = 1
|
|
||||||
net.ipv4.tcp_syn_retries = 2
|
|
||||||
net.ipv4.tcp_synack_retries = 2
|
|
||||||
net.ipv4.tcp_max_syn_backlog = 4096
|
|
||||||
|
|
||||||
# Disables IP source routing
|
|
||||||
net.ipv4.conf.all.send_redirects = 0
|
|
||||||
net.ipv4.conf.default.send_redirects = 0
|
|
||||||
net.ipv4.conf.all.accept_source_route = 0
|
|
||||||
net.ipv4.conf.default.accept_source_route = 0
|
|
||||||
net.ipv6.conf.all.accept_source_route = 0
|
|
||||||
net.ipv6.conf.default.accept_source_route = 0
|
|
||||||
|
|
||||||
# Enable IP spoofing protection, turn on source route verification
|
|
||||||
net.ipv4.conf.all.rp_filter = 1
|
|
||||||
net.ipv4.conf.default.rp_filter = 1
|
|
||||||
|
|
||||||
# Disable ICMP Redirect Acceptance
|
|
||||||
net.ipv4.conf.all.accept_redirects = 0
|
|
||||||
net.ipv4.conf.default.accept_redirects = 0
|
|
||||||
net.ipv4.conf.all.secure_redirects = 0
|
|
||||||
net.ipv4.conf.default.secure_redirects = 0
|
|
||||||
net.ipv6.conf.all.accept_redirects = 0
|
|
||||||
net.ipv6.conf.default.accept_redirects = 0
|
|
||||||
|
|
||||||
# Enable Log Spoofed Packets, Source Routed Packets, Redirect Packets
|
|
||||||
net.ipv4.conf.all.log_martians = 1
|
|
||||||
net.ipv4.conf.default.log_martians = 1
|
|
||||||
|
|
||||||
# Decrease the time default value for tcp_fin_timeout connection
|
|
||||||
net.ipv4.tcp_fin_timeout = 7
|
|
||||||
|
|
||||||
# Decrease the time default value for connections to keep alive
|
|
||||||
net.ipv4.tcp_keepalive_time = 300
|
|
||||||
net.ipv4.tcp_keepalive_probes = 5
|
|
||||||
net.ipv4.tcp_keepalive_intvl = 15
|
|
||||||
|
|
||||||
# Don't relay bootp
|
|
||||||
net.ipv4.conf.all.bootp_relay = 0
|
|
||||||
|
|
||||||
# Don't proxy arp for anyone
|
|
||||||
net.ipv4.conf.all.proxy_arp = 0
|
|
||||||
|
|
||||||
# Turn on the tcp_timestamps, accurate timestamp make TCP congestion control algorithms work better
|
|
||||||
net.ipv4.tcp_timestamps = 1
|
|
||||||
|
|
||||||
# Don't ignore directed pings
|
|
||||||
net.ipv4.icmp_echo_ignore_all = 0
|
|
||||||
|
|
||||||
# Enable ignoring broadcasts request
|
|
||||||
net.ipv4.icmp_echo_ignore_broadcasts = 1
|
|
||||||
|
|
||||||
# Enable bad error message Protection
|
|
||||||
net.ipv4.icmp_ignore_bogus_error_responses = 1
|
|
||||||
|
|
||||||
# Allowed local port range
|
|
||||||
net.ipv4.ip_local_port_range = 16384 65535
|
|
||||||
|
|
||||||
# Enable a fix for RFC1337 - time-wait assassination hazards in TCP
|
|
||||||
net.ipv4.tcp_rfc1337 = 1
|
|
||||||
|
|
||||||
# Do not auto-configure IPv6
|
|
||||||
net.ipv6.conf.all.autoconf=0
|
|
||||||
net.ipv6.conf.all.accept_ra=0
|
|
||||||
net.ipv6.conf.default.autoconf=0
|
|
||||||
net.ipv6.conf.default.accept_ra=0
|
|
||||||
net.ipv6.conf.all.accept_ra_defrtr = 0
|
|
||||||
net.ipv6.conf.default.accept_ra_defrtr = 0
|
|
||||||
net.ipv6.conf.all.accept_ra_pinfo = 0
|
|
||||||
net.ipv6.conf.default.accept_ra_pinfo = 0
|
|
||||||
|
|
||||||
###
|
|
||||||
### TUNING NETWORK PERFORMANCE ###
|
|
||||||
###
|
|
||||||
|
|
||||||
# For servers with tcp-heavy workloads, enable 'fq' queue management scheduler (kernel > 3.12)
|
|
||||||
net.core.default_qdisc = fq
|
|
||||||
|
|
||||||
# Turn on the tcp_window_scaling
|
|
||||||
net.ipv4.tcp_window_scaling = 1
|
|
||||||
|
|
||||||
# Increase the read-buffer space allocatable
|
|
||||||
net.ipv4.tcp_rmem = 8192 87380 16777216
|
|
||||||
net.ipv4.udp_rmem_min = 16384
|
|
||||||
net.core.rmem_default = 262144
|
|
||||||
net.core.rmem_max = 16777216
|
|
||||||
|
|
||||||
# Increase the write-buffer-space allocatable
|
|
||||||
net.ipv4.tcp_wmem = 8192 65536 16777216
|
|
||||||
net.ipv4.udp_wmem_min = 16384
|
|
||||||
net.core.wmem_default = 262144
|
|
||||||
net.core.wmem_max = 16777216
|
|
||||||
|
|
||||||
# Increase number of incoming connections
|
|
||||||
net.core.somaxconn = 32768
|
|
||||||
|
|
||||||
# Increase number of incoming connections backlog
|
|
||||||
net.core.netdev_max_backlog = 16384
|
|
||||||
net.core.dev_weight = 64
|
|
||||||
|
|
||||||
# Increase the maximum amount of option memory buffers
|
|
||||||
net.core.optmem_max = 65535
|
|
||||||
|
|
||||||
# Increase the tcp-time-wait buckets pool size to prevent simple DOS attacks
|
|
||||||
net.ipv4.tcp_max_tw_buckets = 1440000
|
|
||||||
|
|
||||||
# try to reuse time-wait connections, but don't recycle them (recycle can break clients behind NAT)
|
|
||||||
net.ipv4.tcp_tw_recycle = 0
|
|
||||||
net.ipv4.tcp_tw_reuse = 1
|
|
||||||
|
|
||||||
# Limit number of orphans, each orphan can eat up to 16M (max wmem) of unswappable memory
|
|
||||||
net.ipv4.tcp_max_orphans = 16384
|
|
||||||
net.ipv4.tcp_orphan_retries = 0
|
|
||||||
|
|
||||||
# Limit the maximum memory used to reassemble IP fragments (CVE-2018-5391)
|
|
||||||
net.ipv4.ipfrag_low_thresh = 196608
|
|
||||||
net.ipv6.ip6frag_low_thresh = 196608
|
|
||||||
net.ipv4.ipfrag_high_thresh = 262144
|
|
||||||
net.ipv6.ip6frag_high_thresh = 262144
|
|
||||||
|
|
||||||
|
|
||||||
# don't cache ssthresh from previous connection
|
|
||||||
net.ipv4.tcp_no_metrics_save = 1
|
|
||||||
net.ipv4.tcp_moderate_rcvbuf = 1
|
|
||||||
|
|
||||||
# Increase size of RPC datagram queue length
|
|
||||||
net.unix.max_dgram_qlen = 50
|
|
||||||
|
|
||||||
# Don't allow the arp table to become bigger than this
|
|
||||||
net.ipv4.neigh.default.gc_thresh3 = 2048
|
|
||||||
|
|
||||||
# Tell the gc when to become aggressive with arp table cleaning.
|
|
||||||
# Adjust this based on size of the LAN. 1024 is suitable for most /24 networks
|
|
||||||
net.ipv4.neigh.default.gc_thresh2 = 1024
|
|
||||||
|
|
||||||
# Adjust where the gc will leave arp table alone - set to 32.
|
|
||||||
net.ipv4.neigh.default.gc_thresh1 = 32
|
|
||||||
|
|
||||||
# Adjust to arp table gc to clean-up more often
|
|
||||||
net.ipv4.neigh.default.gc_interval = 30
|
|
||||||
|
|
||||||
# Increase TCP queue length
|
|
||||||
net.ipv4.neigh.default.proxy_qlen = 96
|
|
||||||
net.ipv4.neigh.default.unres_qlen = 6
|
|
||||||
|
|
||||||
# Enable Explicit Congestion Notification (RFC 3168), disable it if it doesn't work for you
|
|
||||||
net.ipv4.tcp_ecn = 1
|
|
||||||
net.ipv4.tcp_reordering = 3
|
|
||||||
|
|
||||||
# How many times to retry killing an alive TCP connection
|
|
||||||
net.ipv4.tcp_retries2 = 15
|
|
||||||
net.ipv4.tcp_retries1 = 3
|
|
||||||
|
|
||||||
# Avoid falling back to slow start after a connection goes idle
|
|
||||||
# keeps our cwnd large with the keep alive connections (kernel > 3.6)
|
|
||||||
net.ipv4.tcp_slow_start_after_idle = 0
|
|
||||||
|
|
||||||
# Allow the TCP fastopen flag to be used, beware some firewalls do not like TFO! (kernel > 3.7)
|
|
||||||
net.ipv4.tcp_fastopen = 3
|
|
||||||
|
|
||||||
# This will enusre that immediatly subsequent connections use the new values
|
|
||||||
net.ipv4.route.flush = 1
|
|
||||||
net.ipv6.route.flush = 1
|
|
|
@ -1,2 +0,0 @@
|
||||||
[Service]
|
|
||||||
LimitNOFILE=500000
|
|
|
@ -1,2 +0,0 @@
|
||||||
[Service]
|
|
||||||
LimitNOFILE=30000
|
|
|
@ -1,2 +0,0 @@
|
||||||
[Service]
|
|
||||||
LimitNOFILE=30000
|
|
|
@ -1,70 +0,0 @@
|
||||||
# uncomment for a colored prompt, if the terminal has the capability; turned
|
|
||||||
# off by default to not distract the user: the focus in a terminal window
|
|
||||||
# should be on the output of commands, not on the prompt
|
|
||||||
force_color_prompt=yes
|
|
||||||
|
|
||||||
if [ -n "$force_color_prompt" ]; then
|
|
||||||
if [ -x /usr/bin/tput ] && tput setaf 1 >&/dev/null; then
|
|
||||||
# We have color support; assume it's compliant with Ecma-48
|
|
||||||
# (ISO/IEC-6429). (Lack of such support is extremely rare, and such
|
|
||||||
# a case would tend to support setf rather than setaf.)
|
|
||||||
color_prompt=yes
|
|
||||||
else
|
|
||||||
color_prompt=
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
|
|
||||||
if [ "$color_prompt" = yes ]; then
|
|
||||||
#PS1='${debian_chroot:+($debian_chroot)}\[\033[01;32m\]\u@\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$ '
|
|
||||||
PS1='${debian_chroot:+($debian_chroot)}\[\033[01;32m\]\u\[\033[01;33m\]@\[\033[01;36m\]\h \[\033[01;33m\]\w \[\033[01;35m\]\$ \[\033[00m\]'
|
|
||||||
else
|
|
||||||
PS1='${debian_chroot:+($debian_chroot)}\u@\h:\w\$ '
|
|
||||||
fi
|
|
||||||
unset color_prompt force_color_prompt
|
|
||||||
|
|
||||||
# If this is an xterm set the title to user@host:dir
|
|
||||||
case "$TERM" in
|
|
||||||
xterm*|rxvt*)
|
|
||||||
PS1="\[\e]0;${debian_chroot:+($debian_chroot)}\u@\h: \w\a\]$PS1"
|
|
||||||
;;
|
|
||||||
*)
|
|
||||||
;;
|
|
||||||
esac
|
|
||||||
|
|
||||||
# some more ls aliases
|
|
||||||
alias ll='ls -alhF'
|
|
||||||
alias la='ls -A'
|
|
||||||
alias l='ls -CF'
|
|
||||||
|
|
||||||
# Alias definitions.
|
|
||||||
# You may want to put all your additions into a separate file like
|
|
||||||
# ~/.bash_aliases, instead of adding them here directly.
|
|
||||||
# See /usr/share/doc/bash-doc/examples in the bash-doc package.
|
|
||||||
|
|
||||||
if [ -f ~/.bash_aliases ]; then
|
|
||||||
. ~/.bash_aliases
|
|
||||||
fi
|
|
||||||
|
|
||||||
# enable programmable completion features (you don't need to enable
|
|
||||||
# this, if it's already enabled in /etc/bash.bashrc and /etc/profile
|
|
||||||
# sources /etc/bash.bashrc).
|
|
||||||
if ! shopt -oq posix; then
|
|
||||||
if [ -f /usr/share/bash-completion/bash_completion ]; then
|
|
||||||
. /usr/share/bash-completion/bash_completion
|
|
||||||
elif [ -f /etc/bash_completion ]; then
|
|
||||||
. /etc/bash_completion
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
|
|
||||||
# enable color support of ls and also add handy aliases
|
|
||||||
if [ -x /usr/bin/dircolors ]; then
|
|
||||||
test -r ~/.dircolors && eval "$(dircolors -b ~/.dircolors)" || eval "$(dircolors -b)"
|
|
||||||
alias ls='ls --color=auto'
|
|
||||||
#alias dir='dir --color=auto'
|
|
||||||
#alias vdir='vdir --color=auto'
|
|
||||||
|
|
||||||
alias grep='grep --color=auto'
|
|
||||||
alias fgrep='fgrep --color=auto'
|
|
||||||
alias egrep='egrep --color=auto'
|
|
||||||
fi
|
|
||||||
|
|
|
@ -1,7 +0,0 @@
|
||||||
# ~/.profile: executed by Bourne-compatible login shells.
|
|
||||||
|
|
||||||
if [ "$BASH" ]; then
|
|
||||||
if [ -f ~/.bashrc ]; then
|
|
||||||
. ~/.bashrc
|
|
||||||
fi
|
|
||||||
fi
|
|
|
@ -9,7 +9,7 @@ listen.group = www-data
|
||||||
listen.mode = 0660
|
listen.mode = 0660
|
||||||
listen.backlog = 32768
|
listen.backlog = 32768
|
||||||
|
|
||||||
|
chdir = /
|
||||||
catch_workers_output = yes
|
catch_workers_output = yes
|
||||||
|
|
||||||
pm = ondemand
|
pm = ondemand
|
||||||
|
|
|
@ -9,7 +9,7 @@ listen.group = www-data
|
||||||
listen.mode = 0660
|
listen.mode = 0660
|
||||||
listen.backlog = 32768
|
listen.backlog = 32768
|
||||||
|
|
||||||
|
chdir = /
|
||||||
catch_workers_output = yes
|
catch_workers_output = yes
|
||||||
|
|
||||||
pm = ondemand
|
pm = ondemand
|
||||||
|
|
|
@ -9,7 +9,7 @@ listen.group = www-data
|
||||||
listen.mode = 0660
|
listen.mode = 0660
|
||||||
listen.backlog = 32768
|
listen.backlog = 32768
|
||||||
|
|
||||||
|
chdir = /
|
||||||
catch_workers_output = yes
|
catch_workers_output = yes
|
||||||
|
|
||||||
pm = ondemand
|
pm = ondemand
|
||||||
|
|
|
@ -9,7 +9,7 @@ listen.group = www-data
|
||||||
listen.mode = 0660
|
listen.mode = 0660
|
||||||
listen.backlog = 32768
|
listen.backlog = 32768
|
||||||
|
|
||||||
|
chdir = /
|
||||||
catch_workers_output = yes
|
catch_workers_output = yes
|
||||||
|
|
||||||
pm = ondemand
|
pm = ondemand
|
||||||
|
|
|
@ -9,7 +9,7 @@ listen.group = www-data
|
||||||
listen.mode = 0660
|
listen.mode = 0660
|
||||||
listen.backlog = 32768
|
listen.backlog = 32768
|
||||||
|
|
||||||
|
chdir = /
|
||||||
catch_workers_output = yes
|
catch_workers_output = yes
|
||||||
|
|
||||||
pm = ondemand
|
pm = ondemand
|
||||||
|
|
|
@ -9,7 +9,7 @@ listen.group = www-data
|
||||||
listen.mode = 0660
|
listen.mode = 0660
|
||||||
listen.backlog = 32768
|
listen.backlog = 32768
|
||||||
|
|
||||||
|
chdir = /
|
||||||
catch_workers_output = yes
|
catch_workers_output = yes
|
||||||
|
|
||||||
pm = ondemand
|
pm = ondemand
|
||||||
|
|
|
@ -9,7 +9,7 @@ listen.group = www-data
|
||||||
listen.mode = 0660
|
listen.mode = 0660
|
||||||
listen.backlog = 32768
|
listen.backlog = 32768
|
||||||
|
|
||||||
|
chdir = /
|
||||||
catch_workers_output = yes
|
catch_workers_output = yes
|
||||||
|
|
||||||
pm = ondemand
|
pm = ondemand
|
||||||
|
|
|
@ -9,7 +9,7 @@ listen.group = www-data
|
||||||
listen.mode = 0660
|
listen.mode = 0660
|
||||||
listen.backlog = 32768
|
listen.backlog = 32768
|
||||||
|
|
||||||
|
chdir = /
|
||||||
catch_workers_output = yes
|
catch_workers_output = yes
|
||||||
|
|
||||||
pm = ondemand
|
pm = ondemand
|
||||||
|
|
Loading…
Reference in New Issue