server { listen 80; listen 443 ssl http2; server_name linyaohong.com www.linyaohong.com; index index.php index.html index.htm default.php default.htm default.html; root /data/wwwroot/www.linyaohong.com; if ($host ~ '^linyaohong.com') { return 301 http://www.linyaohong.com$request_uri; } if ($server_port !~ 443){ rewrite ^(/.*)$ https://$host$1 permanent; } error_page 404 403 /404.html; error_page 502 /502.html; ssl_certificate /server/application/nginx/conf/ssl/linyaohong.com.pem; ssl_certificate_key /server/application/nginx/conf/ssl/linyaohong.com.key; ssl_protocols TLSv1.1 TLSv1.2; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE; ssl_prefer_server_ciphers on; ssl_session_cache shared:SSL:10m; ssl_session_timeout 10m; error_page 497 https://$host$request_uri; if ($http_user_agent ~* (Scrapy|Curl|HttpClient)) { return 403; } if ($request_method !~ ^(GET|HEAD|POST)$) { return 403; } if ($http_user_agent ~* "bingbot|CoolpadWebkit|WinHttp|YisouSpider|WebBench|WebZIP|FetchURL|node-superagent|java|FeedDemon|Jullo|JikeSpider|Indy Library|Alexa Toolbar|AskTbFXTV|AhrefsBot|CrawlDaddy|Java|Feedly|Apache-HttpAsyncClient|UniversalFeedParser|ApacheBench|Microsoft URL Control|Swiftbot|ZmEu|oBot|jaunty|Python-urllib|lightDeckReports Bot|YYSpider|DigExt|HttpClient|MJ12bot|heritrix|EasouSpider|Ezooms|BOT/0.1|YandexBot|FlightDeckReports|Linguee Bot|^$" ) { return 404; } location ~ [^/]\.php(/|$) { #fastcgi_pass remote_php_ip:9000; fastcgi_pass unix:/dev/shm/php-cgi.sock; fastcgi_index index.php; include fastcgi.conf; } location ~ .*\.(gif|jpg|jpeg|png|bmp|swf|flv|mp4|ico)$ { expires 30d; access_log off; } location ~ .*\.(js|css)?$ { expires 7d; access_log off; } location ~ ^/(\.user.ini|\.ht|\.git|\.svn|\.project|LICENSE|README.md) { deny all; } error_log /data/wwwlogs/www.linyaohong.com.error.log; access_log /data/wwwlogs/www.linyaohong.com.access.log main; access_log /data/wwwlogs/linyaohong.com.access.log logstash_json; }