stream_socket_server('tcp://127.0.0.1:7070', $errno, $errstr)
location /wss {
proxy_pass http://localhost:7070;
proxy_http_version 1.1;
proxy_set_header Upgrade websocket;
proxy_set_header Connection "Upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_buffering off;
}
server {
listen %ip%:%httpport%;
listen %ip%:%httpsport% ssl;
server_name %host% %aliases%;
root '%hostdir%';
#limit_conn addr 64;
autoindex off;
index index.php index.html index.htm;
ssl_certificate '%sprogdir%/userdata/config/cert_files/%host%.crt';
ssl_certificate_key '%sprogdir%/userdata/config/cert_files/%host%.key';
#ssl_trusted_certificate '';
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers HIGH:!aNULL:!MD5;
location /wss/ {
proxy_pass http://localhost:8080;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_read_timeout 60s;
proxy_send_timeout 60s;
}
# Force HTTPS
#if ($scheme ~* ^(?!https).*$) {
# return 301 https://$host$request_uri;
#}
# Force www.site.com => site.com
#if ($host ~* ^www\.(.+)$) {
# return 301 $scheme://$1$request_uri;
#}
# Disable MIME sniffing
add_header X-Content-Type-Options 'nosniff' always;
# HSTS
#add_header Strict-Transport-Security 'max-age=2592000' always;
# Disable access to hidden files/folders
location ~* /\.(?!well-known/) {
deny all;
log_not_found off;
access_log off;
}
# Disable access to backup/config/command/log files
location ~* (?:\.(?:bak|co?nf(ig)?|in[ci]|log|sh|sql|tar|t?gz)|~)$ {
deny all;
}
location ~* ^.+\.(?:css(\.map)?|js(\.map)?|jpe?g|png|gif|ico|cur|heic|webp|tiff?|mp3|m4a|aac|ogg|midi?|wav|mp4|mov|webm|mpe?g|avi|ogv|flv|wmv|svgz?|ttf|ttc|otf|eot|woff2?)$ {
expires 1d;
access_log off;
}
location / {
# Force index.php routing (if not found)
#try_files $uri $uri/ /index.php?$query_string;
# Force index.php routing (all requests)
#rewrite ^/(.*)$ /index.php?/$1 last;
#limit_conn addr 16;
#limit_req zone=flood burst=32 nodelay;
#add_header X-Frame-Options 'SAMEORIGIN' always;
#add_header Referrer-Policy 'no-referrer-when-downgrade' always;
# CSP syntax: <host-source> <scheme-source>(http: https: data: mediastream: blob: filesystem:) 'self' 'unsafe-inline' 'unsafe-eval' 'none'
#add_header Content-Security-Policy-Report-Only "default-src 'self'; report-uri https://site.com/csp/" always;
#add_header Content-Security-Policy "default-src 'self'; connect-src 'self'; font-src 'self'; frame-src 'self'; img-src 'self'; manifest-src 'self'; media-src 'self'; object-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; base-uri 'none'; form-action 'self'; frame-ancestors 'self'; upgrade-insecure-requests" always;
proxy_http_version 1.1;
proxy_set_header Connection "";
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $http_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
#proxy_set_header X-Country-Code $geoip2_data_country_code;
#proxy_set_header X-Country-Name $geoip2_data_country_name;
proxy_pass http://%ips%:%httpbackport%/;
}
location ^~ /apacheicons/ {
alias %sprogdir%/modules/http/%httpdriver%/icons/;
}
location ^~ /apacheerror/ {
alias %sprogdir%/modules/http/%httpdriver%/error/;
}
# Service configuration (do not edit!)
# ----------------------------
location /openserver/ {
root '%sprogdir%/modules/system/html';
autoindex off;
index index.php index.html index.htm;
%allow%allow all;
allow 127.0.0.0/8;
allow ::1/128;
allow %ips%;
deny all;
location ~* ^/openserver/.+\.(?:css(\.map)?|js(\.map)?|jpe?g|png|gif|ico|cur|heic|webp|webm|svgz?|ttf|ttc|otf|eot|woff2?)$ {
expires 1d;
access_log off;
}
location /openserver/server-status {
stub_status on;
}
proxy_http_version 1.1;
proxy_set_header Connection "";
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $http_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://%ips%:%httpbackport%/openserver/;
}
# End service configuration
# ----------------------------
}
$this->_debug('Start server');
$this->_socket = stream_socket_server('tcp://0.0.0.0:8080', $errno, $errstr);
if(false === $this->_socket)
{
$this->_handleException($this->_socket);
return;
}
while (true)
{
$read = $this->_connections;
array_push($read, $this->_socket);
$write = $except = null;
if (!stream_select($read, $write, $except, null))
{
break;
}
if (in_array($this->_socket, $read, true))
{
$this->_connectionSocket($read);
}
}