Home Explore Help
Sign In
yosoyhendrix
/
hestiacp
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Branch: main
Branches Tags
hestiacp
/
install
/
deb
/
templates
/
mail
/
nginx
/
default_disabled.stpl

default_disabled.stpl 874 B
Permalink History Raw

1234567891011121314151617181920212223242526272829303132 
  1. server {
    2. 

  2. 	listen      %ip%:%proxy_ssl_port% ssl;
    3. 

  3. 	server_name %domain_idn% %alias_idn%;
    4. 

  4. 	index       index.php index.html index.htm;
    5. 

  5. 	access_log  /var/log/nginx/domains/%domain%.log combined;
    6. 

  6. 	error_log   /var/log/nginx/domains/%domain%.error.log error;
    7. 

  7. 

  8. 	ssl_certificate     %ssl_pem%;
    9. 

  9. 	ssl_certificate_key %ssl_key%;
    10. 

  10. 	#Commented out ssl_stapling directives due to Lets Encrypt ending OCSP support in 2025
    11. 

  11. 	#ssl_stapling        on;
    12. 

  12. 	#ssl_stapling_verify on;
    13. 

  13. 

  14. 	# TLS 1.3 0-RTT anti-replay
    15. 

  15. 	if ($anti_replay = 307) { return 307 https://$host$request_uri; }
    16. 

  16. 	if ($anti_replay = 425) { return 425; }
    17. 

  17. 

  18. 	location ~ /\.(?!well-known\/) {
    19. 

  19. 		deny all;
    20. 

  20. 		return 404;
    21. 

  21. 	}
    22. 

  22. 

  23. 	location / {
    24. 

  24. 		proxy_ssl_server_name on;
    25. 

  25. 		proxy_ssl_name $host;
    26. 

  26. 		proxy_pass http://%ip%:%web_port%;
    27. 

  27. 	}
    28. 

  28. 

  29. 	proxy_hide_header Upgrade;
    30. 

  30. 

  31. 	include %home%/%user%/conf/mail/%root_domain%/%proxy_system%.ssl.conf_*;
    32. 

  32. }
    33.