Ответы пользователя по тегу Nginx
  • Как правильно настроить безопасность в nginx?

    @Dr_Wut Автор вопроса
    Мануал читал.
    Конфиг:
    server {
            listen  443 ssl;
            server_name     site.comp.com;
            error_page 497 https://$host:$server_port$request_uri;
            keepalive_timeout 70;
            charset utf-8;
            sendfile on;
            server_tokens off;
            client_max_body_size 500m;
            access_log /var/log/nginx/site.comp.com.log ;
            error_log /var/log/nginx/site.comp.com.log;
            ssl_certificate /etc/nginx/ssl/site.comp.com.crt;
            ssl_certificate_key /etc/nginx/ssl/site.comp.com.key;
            ssl_verify_depth        1;
            ssl_session_timeout     10m;
            ssl_session_cache       shared:SSL:10m;
            ssl_protocols   TLSv1 TLSv1.1 TLSv1.2;
            ssl_prefer_server_ciphers on;
            location / {
                    proxy_pass      http://site.comp.local;
                    proxy_redirect  http://site.comp.com/ /;
                    proxy_read_timeout 1800;
                    proxy_set_header Host $host;
                    proxy_set_header X-Forwarded-Host $host;
                    proxy_set_header X-Forwarded-Port $server_port;
                    proxy_set_header X-Real-Ip $remote_addr;
                    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                    }
    }
    server {
            listen 80;
            server_name site.comp.com;
            proxy_set_header Host site.comp.com;
            location / {
                    rewrite ^(.*)$ https://site.comp.com$1 permanent;
                    }
    }
    Ответ написан
    Комментировать