server { listen 80; return 301 https://$host$request_uri; } ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers "HIGH:!aNULL:!MD5 or HIGH:!aNULL:!MD5:!3DES"; ssl_prefer_server_ciphers on; server { server_name ~^(www\.)?(?.+)$; # if ($http_host != "www.$domain") { # rewrite ^ http://www.$domain$request_uri permanent; # } set $foswiki_root /home/www-data/foswiki/trunk/core; set $vhosts_root /home/www-data/vhosts; access_log /var/log/nginx/foswiki-access.log; error_log /var/log/nginx/foswiki-error.log; root $vhosts_root/$domain/html; listen 443 ssl spdy; keepalive_timeout 70; ssl on; #ssl_certificate $vhosts_root/$domain/cert.pem; #ssl_certificate_key $vhosts_root/$domain/key.pem; ssl_certificate /home/www-data/vhosts/localhost/cert.pem; ssl_certificate_key /home/www-data/vhosts/localhost/key.pem; #error_log /var/log/nginx/debug.log debug; index index.html; location = /favicon.ico { log_not_found off; access_log off; } location = /robots.txt { allow all; log_not_found off; access_log off; } location ~ ^/bin/configure { gzip off; root $foswiki_root; allow 127.0.0.1; # localhost deny all; fastcgi_pass unix:/var/run/fcgiwrap.socket; fastcgi_split_path_info ^/bin/(.+?)(/.*)$; fastcgi_param SCRIPT_FILENAME $foswiki_root/bin/configure; fastcgi_param PATH_INFO $fastcgi_path_info; include fastcgi_params; } location = / { try_files $uri @foswiki; } location ~ ^/([A-Z_].*)$ { rewrite ^/(.*)$ /bin/view/$1; } location ~ ^/pub/(System|Applications|images|cache)/ { root $vhosts_root/$domain; expires 8h; gzip_static on; } location /pub { #rewrite ^/pub/(.*)$ /bin/viewfile/$1; rewrite ^/pub/(.*)$ /bin/xsendfile/$1; } # TODO: see http://wiki.nginx.org/X-accel location /files { internal; alias $vhosts_root/$domain/pub/; } location ~ ^/bin { try_files $uri @foswiki; } location ~ (^/lib|^/data|^/locale|^/templates|^/tools|^/work) { deny all; } location /dav { gzip off; fastcgi_pass 127.0.0.1:9002; fastcgi_split_path_info ^/dav/(.+?)(/.*)$; fastcgi_param SCRIPT_FILENAME $foswiki_root/tools/wedav.fcgi; fastcgi_param PATH_INFO $fastcgi_path_info; include fastcgi_params; } location @foswiki { gzip off; fastcgi_pass 127.0.0.1:9001; fastcgi_split_path_info ^/bin/(.+?)(/.*)$; fastcgi_param SCRIPT_FILENAME $foswiki_root/bin/virtualhosts.fcgi; fastcgi_param PATH_INFO $fastcgi_path_info; include fastcgi_params; } if ($http_user_agent ~ ^SiteSucker|^iGetter|^larbin|^LeechGet|^RealDownload|^Teleport|^Webwhacker|^WebDevil|^Webzip|^Attache|^SiteSnagger|^WX_mail|^EmailCollector|^WhoWhere|^Roverbot|^ActiveAgent|^EmailSiphon|^CrownPeak-HttpAgent|^$) { rewrite .* /404.html break; } location ~ (^/lib|^/data|^/locale|^/templates|^/tools|^/work) { deny all; } }