Home Explore Help
Sign In
yosoyhendrix
/
hestiacp
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Branch: release
Branches Tags
hestiacp
/
install
/
deb
/
templates
/
web
/
nginx
/
caching.stpl

caching.stpl 2.2 KB
Permalink History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980 
  1. #=========================================================================#
    2. 

  2. # Default Web Domain Template                                             #
    3. 

  3. # DO NOT MODIFY THIS FILE! CHANGES WILL BE LOST WHEN REBUILDING DOMAINS   #
    4. 

  4. # https://hestiacp.com/docs/server-administration/web-templates.html      #
    5. 

  5. #=========================================================================#
    6. 

  6. 

  7. server {
    8. 

  8. 	listen      %ip%:%proxy_ssl_port% ssl;
    9. 

  9. 	server_name %domain_idn% %alias_idn%;
    10. 

  10. 	error_log   /var/log/%web_system%/domains/%domain%.error.log error;
    11. 

  11. 

  12. 	ssl_certificate     %ssl_pem%;
    13. 

  13. 	ssl_certificate_key %ssl_key%;
    14. 

  14. 	ssl_stapling        on;
    15. 

  15. 	ssl_stapling_verify on;
    16. 

  16. 

  17. 	# TLS 1.3 0-RTT anti-replay
    18. 

  18. 	if ($anti_replay = 307) { return 307 https://$host$request_uri; }
    19. 

  19. 	if ($anti_replay = 425) { return 425; }
    20. 

  20. 

  21. 	include %home%/%user%/conf/web/%domain%/nginx.hsts.conf*;
    22. 

  22. 

  23. 	location ~ /\.(?!well-known\/|file) {
    24. 

  24. 		deny all;
    25. 

  25. 		return 404;
    26. 

  26. 	}
    27. 

  27. 

  28. 	location / {
    29. 

  29. 		proxy_ssl_server_name on;
    30. 

  30. 		proxy_ssl_name $host;
    31. 

  31. 		proxy_pass https://%ip%:%web_ssl_port%;
    32. 

  32. 

  33. 		proxy_cache %domain%;
    34. 

  34. 		proxy_cache_valid 200 5m;
    35. 

  35. 		proxy_cache_valid 301 302 10m;
    36. 

  36. 		proxy_cache_valid 404 10m;
    37. 

  37. 		proxy_cache_bypass $no_cache $cookie_session $http_x_update;
    38. 

  38. 		proxy_no_cache $no_cache;
    39. 

  39. 

  40. 		set $no_cache 0;
    41. 

  41. 

  42. 		if ($request_uri ~* "/wp-admin/|/wp-json/|wp-.*.php|xmlrpc.php|/store.*|/cart.*|/my-account.*|/checkout.*|/user/|/admin/|/administrator/|/manager/|index.php") {
    43. 

  43. 			set $no_cache 1;
    44. 

  44. 		}
    45. 

  45. 

  46. 		if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in|woocommerce_items_in_cart|woocommerce_cart_hash|PHPSESSID") {
    47. 

  47. 			set $no_cache 1;
    48. 

  48. 		}
    49. 

  49. 

  50. 		if ($http_cookie ~ SESS) {
    51. 

  51. 			set $no_cache 1;
    52. 

  52. 		}
    53. 

  53. 

  54. 		location ~* ^.+\.(%proxy_extensions%)$ {
    55. 

  55. 			try_files   $uri @fallback;
    56. 

  56. 

  57. 			root        %sdocroot%;
    58. 

  58. 			access_log  /var/log/%web_system%/domains/%domain%.log combined;
    59. 

  59. 			access_log  /var/log/%web_system%/domains/%domain%.bytes bytes;
    60. 

  60. 

  61. 			expires     max;
    62. 

  62. 

  63. 			proxy_cache off;
    64. 

  64. 		}
    65. 

  65. 	}
    66. 

  66. 

  67. 	location @fallback {
    68. 

  68. 		proxy_ssl_server_name on;
    69. 

  69. 		proxy_ssl_name $host;
    70. 

  70. 		proxy_pass https://%ip%:%web_ssl_port%;
    71. 

  71. 	}
    72. 

  72. 

  73. 	location /error/ {
    74. 

  74. 		alias %home%/%user%/web/%domain%/document_errors/;
    75. 

  75. 	}
    76. 

  76. 

  77. 	proxy_hide_header Upgrade;
    78. 

  78. 

  79. 	include %home%/%user%/conf/web/%domain%/nginx.ssl.conf_*;
    80. 

  80. }
    81.