vhost 样例
server {
listen 80;
server_name check.321164.com;
root /zm_root/zm_http_two/web/public;
location / {
if (!-e $request_filename) {
rewrite ^/ad(|\/)$ /index.php/admin/index/index last;
#检测http
rewrite ^/jc(|\/)$ /index.php/index/agent/agent last;
#获取ip连接
rewrite ^/getip(|\/)$ /index.php/index/getapi/new_get_use_ips last;
#获取ip连接param格式
rewrite ^/getip(|\/)?(.*)$ /index.php/index/getapi/new_get_use_ips$2 last;
#index
rewrite ^/index(|\/)$ /index.php/index/index/index last;
#recharge
rewrite ^/recharge(|\/)$ /index.php/index/index/recharge last;
#new_recharge
rewrite ^/newrecharge(|\/)$ /index.php/index/index/new_recharge last;
#new_api
rewrite ^/getapi(|\/)$ /index.php/index/api/new_api last;
#默认
rewrite ^(.*)$ /index.php?s=$1 last;
break;
}
}
index index.html index.php;
location ~ /.svn/ {
deny all;
}
location /nginx_status {
stub_status on;
access_log off;
allow 127.0.0.1;
deny all;
}
location ~ /\.ht {
deny all;
}
location ~ [^/]\.php(/|$) {
#fastcgi_pass remote_php_ip:9000;
fastcgi_pass unix:/dev/shm/php-cgi.sock;
fastcgi_index index.php;
include fastcgi.conf;
fastcgi_keep_conn on;
fastcgi_hide_header "X-Powered-By";
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
set $real_script_name $fastcgi_script_name;
if ($fastcgi_script_name ~ "^(.+?\.php)(/.+)$") {
set $real_script_name $1;
set $path_info $2;
}
fastcgi_param SCRIPT_FILENAME $document_root$real_script_name;
fastcgi_param PHP_VALUE open_basedir=$document_root:/tmp/:/proc/:/zm_root/zm_http_two/web;
fastcgi_param SCRIPT_NAME $real_script_name;
fastcgi_param PATH_INFO $path_info;
}
}
=================================================================================
聪果一个成功范例
server
{
listen 80;
#listen [::]:80;
server_name edu.2b3.cn ;
index index.html index.htm index.php default.html default.htm default.php;
root /home/wwwroot/edu.2b3.cn/public;
include other.conf;
#error_page 404 /404.html;
# Deny access to PHP files in specific directory
#location ~ /(wp-content|uploads|wp-includes|images)/.*\.php$ { deny all; }
include enable-php.conf;
location / {
if (!-e $request_filename) {
rewrite ^(.*)$ /index.php?s=/$1 last;
break;
}
}
location ~ \.php(.*)$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_split_path_info ^((?U).+\.php)(/?.+)$;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
include fastcgi_params;
}
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
{
expires 30d;
}
location ~ .*\.(js|css)?$
{
expires 12h;
}
location ~ /.well-known {
allow all;
}
location ~ /\.
{
deny all;
}
access_log /home/wwwlogs/hdll.api.0x00day.com.log;
}
server
{
listen 443 ssl http2;
#listen [::]:443 ssl http2;
server_name edu.2b3.cn ;
index index.html index.htm index.php default.html default.htm default.php;
root /home/wwwroot/edu.2b3.cn/public;
ssl on;
ssl_certificate /etc/letsencrypt/live/edu.2b3.cn/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/edu.2b3.cn/privkey.pem;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers "EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5";
ssl_session_cache builtin:1000 shared:SSL:10m;
# openssl dhparam -out /usr/local/nginx/conf/ssl/dhparam.pem 2048
ssl_dhparam /usr/local/nginx/conf/ssl/dhparam.pem;
include other.conf;
#error_page 404 /404.html;
# Deny access to PHP files in specific directory
#location ~ /(wp-content|uploads|wp-includes|images)/.*\.php$ { deny all; }
include enable-php.conf;
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
{
expires 30d;
}
location ~ .*\.(js|css)?$
{
expires 12h;
}
location ~ /.well-known {
allow all;
}
location ~ /\.
{
deny all;
}
access_log /home/wwwlogs/edu.2b3.cn.log;
}
#server
# {
# listen 443 ssl http2;
# #listen [::]:443 ssl http2;
# server_name hdll.api.0x00day.com ;
# index index.html index.htm index.php default.html default.htm default.php;
# root /home/wwwroot/hdll.api.0x00day.com/public;
# ssl on;
# ssl_certificate /etc/letsencrypt/live/hdll.api.0x00day.com/fullchain.pem;
# ssl_certificate_key /etc/letsencrypt/live/hdll.api.0x00day.com/privkey.pem;
# ssl_session_timeout 5m;
# ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
# ssl_prefer_server_ciphers on;
# ssl_ciphers "EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5";
# ssl_session_cache builtin:1000 shared:SSL:10m;
# # openssl dhparam -out /usr/local/nginx/conf/ssl/dhparam.pem 2048
# ssl_dhparam /usr/local/nginx/conf/ssl/dhparam.pem;
#
# include none.conf;
# #error_page 404 /404.html;
#
# # Deny access to PHP files in specific directory
# #location ~ /(wp-content|uploads|wp-includes|images)/.*\.php$ { deny all; }
#
# include enable-php.conf;
#
# location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
# {
# expires 30d;
# }
#
# location ~ .*\.(js|css)?$
# {
# expires 12h;
# }
#
# location ~ /.well-known {
# allow all;
# }
#
# location ~ /\.
# {
# deny all;
# }
#
# access_log off;
# }