Advertisement
niammuddin

wildcard ssl

Jan 28th, 2022
905
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Bash 2.58 KB | None | 0 0
  1. server
  2. {
  3.     listen 80;
  4.     listen 443 ssl http2;
  5.     # server_name wildcard.mikcloud.my.id *.mikcloud.my.id;
  6.     server_name ~^(www\.)?(?<sname>.+?).mikcloud.my.id$;
  7.     index index.php index.html index.htm default.php default.htm default.html;
  8.     root /www/wwwroot/wildcard.mikcloud.my.id/$sname;
  9.     # root /www/wwwroot/wildcard.mikcloud.my.id;
  10.  
  11.  
  12.     error_page 404 /custom_404.html;
  13.           location = /custom_404.html {
  14.           root /www/wwwroot/wildcard.mikcloud.my.id;
  15.           internal;
  16.         }
  17.  
  18.  
  19.     #SSL-START SSL related configuration, do NOT delete or modify the next line of commented-out 404 rules
  20.     #error_page 404/404.html;
  21.     #HTTP_TO_HTTPS_START
  22.     if ($server_port !~ 443){
  23.         rewrite ^(/.*)$ https://$host$1 permanent;
  24.     }
  25.     #HTTP_TO_HTTPS_END
  26.     ssl_certificate    /www/server/panel/vhost/cert/wildcard.mikcloud.my.id/fullchain.pem;
  27.     ssl_certificate_key    /www/server/panel/vhost/cert/wildcard.mikcloud.my.id/privkey.pem;
  28.     ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
  29.     ssl_ciphers EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
  30.     ssl_prefer_server_ciphers on;
  31.     ssl_session_cache shared:SSL:10m;
  32.     ssl_session_timeout 10m;
  33.     add_header Strict-Transport-Security "max-age=31536000";
  34.     error_page 497  https://$host$request_uri;
  35.  
  36.     #SSL-END
  37.  
  38.     #ERROR-PAGE-START  Error page configuration, allowed to be commented, deleted or modified
  39.     #error_page 404 /404.html;
  40.     #error_page 502 /502.html;
  41.     #ERROR-PAGE-END
  42.  
  43.     #PHP-INFO-START  PHP reference configuration, allowed to be commented, deleted or modified
  44.     include enable-php-74.conf;
  45.     #PHP-INFO-END
  46.  
  47.     #REWRITE-START URL rewrite rule reference, any modification will invalidate the rewrite rules set by the panel
  48.     include /www/server/panel/vhost/rewrite/wildcard.mikcloud.my.id.conf;
  49.     #REWRITE-END
  50.  
  51.     # Forbidden files or directories
  52.     location ~ ^/(\.user.ini|\.htaccess|\.git|\.svn|\.project|LICENSE|README.md)
  53.     {
  54.         return 404;
  55.     }
  56.  
  57.     # Directory verification related settings for one-click application for SSL certificate
  58.     location ~ \.well-known{
  59.         allow all;
  60.     }
  61.  
  62.     location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
  63.     {
  64.         expires      30d;
  65.         error_log /dev/null;
  66.         access_log off;
  67.     }
  68.  
  69.     location ~ .*\.(js|css)?$
  70.     {
  71.         expires      12h;
  72.         error_log /dev/null;
  73.         access_log off;
  74.     }
  75.     access_log  /www/wwwlogs/wildcard.mikcloud.my.id.log;
  76.     error_log  /www/wwwlogs/wildcard.mikcloud.my.id.error.log;
  77. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement