Home Explore Help
Sign In
yosoyhendrix
/
hestiacp
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Branch: docs/fix-cli-gendocs-errors
Branches Tags
hestiacp
/
install
/
deb
/
templates
/
web
/
nginx
/
caching.stpl

caching.stpl 2.1 KB
Permalink History Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576 
  1. #=========================================================================#
    2. 

  2. # Default Web Domain Template                                             #
    3. 

  3. # DO NOT MODIFY THIS FILE! CHANGES WILL BE LOST WHEN REBUILDING DOMAINS   #
    4. 

  4. # https://hestiacp.com/docs/server-administration/web-templates.html      #
    5. 

  5. #=========================================================================#
    6. 

  6. 

  7. server {
    8. 

  8. 	listen      %ip%:%proxy_ssl_port% ssl;
    9. 

  9. 	server_name %domain_idn% %alias_idn%;
    10. 

  10. 	error_log   /var/log/%web_system%/domains/%domain%.error.log error;
    11. 

  11. 

  12. 	ssl_certificate     %ssl_pem%;
    13. 

  13. 	ssl_certificate_key %ssl_key%;
    14. 

  14. 	ssl_stapling        on;
    15. 

  15. 	ssl_stapling_verify on;
    16. 

  16. 

  17. 	# TLS 1.3 0-RTT anti-replay
    18. 

  18. 	if ($anti_replay = 307) { return 307 https://$host$request_uri; }
    19. 

  19. 	if ($anti_replay = 425) { return 425; }
    20. 

  20. 

  21. 	include %home%/%user%/conf/web/%domain%/nginx.hsts.conf*;
    22. 

  22. 

  23. 	location ~ /\.(?!well-known\/|file) {
    24. 

  24. 		deny all;
    25. 

  25. 		return 404;
    26. 

  26. 	}
    27. 

  27. 

  28. 	location / {
    29. 

  29. 		proxy_pass https://%ip%:%web_ssl_port%;
    30. 

  30. 

  31. 		proxy_cache %domain%;
    32. 

  32. 		proxy_cache_valid 200 5m;
    33. 

  33. 		proxy_cache_valid 301 302 10m;
    34. 

  34. 		proxy_cache_valid 404 10m;
    35. 

  35. 		proxy_cache_bypass $no_cache $cookie_session $http_x_update;
    36. 

  36. 		proxy_no_cache $no_cache;
    37. 

  37. 

  38. 		set $no_cache 0;
    39. 

  39. 

  40. 		if ($request_uri ~* "/wp-admin/|/wp-json/|wp-.*.php|xmlrpc.php|/store.*|/cart.*|/my-account.*|/checkout.*|/user/|/admin/|/administrator/|/manager/|index.php") {
    41. 

  41. 			set $no_cache 1;
    42. 

  42. 		}
    43. 

  43. 

  44. 		if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in|woocommerce_items_in_cart|woocommerce_cart_hash|PHPSESSID") {
    45. 

  45. 			set $no_cache 1;
    46. 

  46. 		}
    47. 

  47. 

  48. 		if ($http_cookie ~ SESS) {
    49. 

  49. 			set $no_cache 1;
    50. 

  50. 		}
    51. 

  51. 

  52. 		location ~* ^.+\.(%proxy_extensions%)$ {
    53. 

  53. 			try_files   $uri @fallback;
    54. 

  54. 

  55. 			root        %sdocroot%;
    56. 

  56. 			access_log  /var/log/%web_system%/domains/%domain%.log combined;
    57. 

  57. 			access_log  /var/log/%web_system%/domains/%domain%.bytes bytes;
    58. 

  58. 

  59. 			expires     max;
    60. 

  60. 

  61. 			proxy_cache off;
    62. 

  62. 		}
    63. 

  63. 	}
    64. 

  64. 

  65. 	location @fallback {
    66. 

  66. 		proxy_pass https://%ip%:%web_ssl_port%;
    67. 

  67. 	}
    68. 

  68. 

  69. 	location /error/ {
    70. 

  70. 		alias %home%/%user%/web/%domain%/document_errors/;
    71. 

  71. 	}
    72. 

  72. 

  73. 	proxy_hide_header Upgrade;
    74. 

  74. 

  75. 	include %home%/%user%/conf/web/%domain%/nginx.ssl.conf_*;
    76. 

  76. }
    77.