mirror of
https://github.com/phpbb/phpbb.git
synced 2025-05-06 23:55:26 +02:00
a970219d61
The "deny" and "access" directives are IP-based in general. Both directives only support IPv6 from nginx 0.8.22 onwards, on older versions of nginx those directives have no effect on IPv6 requests. Thus they do not block access for IPv6 requests. Adding the "internal" directive blocks external access in general (both IPv4 and IPv6) and makes the web server return a status code 404 (Not Found) response. See: http://nginx.org/en/CHANGES http://wiki.nginx.org/HttpCoreModule#internal PHPBB3-10007
73 lines
1.9 KiB
Plaintext
73 lines
1.9 KiB
Plaintext
# Sample nginx configuration file for phpBB.
|
|
# Global settings have been removed, copy them
|
|
# from your system's nginx.conf.
|
|
# Tested with nginx 0.8.35.
|
|
|
|
http {
|
|
# Compression - requires gzip and gzip static modules.
|
|
gzip on;
|
|
gzip_static on;
|
|
gzip_vary on;
|
|
gzip_http_version 1.1;
|
|
gzip_min_length 700;
|
|
gzip_comp_level 6;
|
|
gzip_disable "MSIE [1-6]\.";
|
|
|
|
# Catch-all server for requests to invalid hosts.
|
|
# Also catches vulnerability scanners probing IP addresses.
|
|
# Should be first.
|
|
server {
|
|
listen 80;
|
|
server_name bogus;
|
|
return 444;
|
|
root /var/empty;
|
|
}
|
|
|
|
# If you have domains with and without www prefix,
|
|
# redirect one to the other.
|
|
server {
|
|
listen 80;
|
|
server_name myforums.com;
|
|
rewrite ^(.*)$ http://www.myforums.com$1 permanent;
|
|
}
|
|
|
|
# The actual board domain.
|
|
server {
|
|
listen 80;
|
|
server_name www.myforums.com;
|
|
|
|
root /path/to/phpbb;
|
|
|
|
location / {
|
|
# phpbb uses index.htm
|
|
index index.php index.html index.htm;
|
|
}
|
|
|
|
# Deny access to internal phpbb files.
|
|
location ~ /(config\.php|common\.php|includes|cache|files|store|images/avatars/upload) {
|
|
internal;
|
|
deny all;
|
|
}
|
|
|
|
# Pass the php scripts to fastcgi server specified in upstream declaration.
|
|
location ~ \.php$ {
|
|
fastcgi_pass php;
|
|
# Necessary for php.
|
|
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
|
# Unmodified fastcgi_params from nginx distribution.
|
|
include fastcgi_params;
|
|
}
|
|
|
|
# Deny access to version control system directories.
|
|
location ~ /\.svn|/\.git {
|
|
internal;
|
|
deny all;
|
|
}
|
|
}
|
|
|
|
# If running php as fastcgi, specify php upstream.
|
|
upstream php {
|
|
server unix:/tmp/php.sock;
|
|
}
|
|
}
|