worker_processes auto; error_log /var/log/nginx/error.log; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; # Maps to exclude successful health checks from stdout map $remote_addr $loggable_ip { 127.0.0.1 ""; default 1; } map $status $loggable_status { 200 ""; default 1; } log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log /var/log/nginx/access.log main; sendfile on; keepalive_timeout 65; # By default, if the processing of images takes more than 60s, # a 504 Gateway timeout occurs, so we increase the timeout here # to allow procesing of large images or when multiple images are # being processed at the same time. We set max_execution_time # below to the same value. fastcgi_read_timeout 3600; # We also set the send timeout since this can otherwise also cause # issues with slow connections fastcgi_send_timeout 3600; gzip on; server { root %%WWWDIR%%/public; listen 80; server_name $hostname ""; client_max_body_size 100M; # serve static files directly location ~* \.(jpg|jpeg|gif|css|png|js|ico|html)$ { access_log off; expires max; log_not_found off; } # removes trailing slashes (prevents SEO duplicate content issues) if (!-d $request_filename) { rewrite ^/(.+)/$ /$1 permanent; } # If the request is not for a valid file (image, js, css, etc.), send to bootstrap if (!-e $request_filename) { rewrite ^/(.*)$ /index.php?/$1 last; break; } location / { index index.php try_files $uri $uri/ /index.php?$query_string; } # Serve /index.php through PHP location = /index.php { fastcgi_split_path_info ^(.+?\.php)(/.*)$; try_files $uri $document_root$fastcgi_script_name =404; # Mitigate https://httpoxy.org/ vulnerabilities fastcgi_param HTTP_PROXY ""; fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param PHP_VALUE "post_max_size=100M max_execution_time=3600 upload_max_filesize=100M memory_limit=256M"; fastcgi_param PATH /usr/local/bin:/usr/bin:/bin; include fastcgi_params; } # Deny access to other .php files, rather than exposing their contents location ~ [^/]\.php(/|$) { return 403; } } }