From 0cedfedddc3b3a8764c89f3d72460354def7df7f Mon Sep 17 00:00:00 2001 From: Lawrence Meckan Date: Wed, 7 Nov 2018 00:02:00 +1000 Subject: [PATCH] Update nginx-prestashop.conf --- nginx-prestashop.conf | 94 ++++++++++++++++++++++++++----------------- 1 file changed, 58 insertions(+), 36 deletions(-) diff --git a/nginx-prestashop.conf b/nginx-prestashop.conf index 26a2138..92ac43a 100644 --- a/nginx-prestashop.conf +++ b/nginx-prestashop.conf @@ -1,46 +1,68 @@ -index index.php; + location shop1/ { + index index.php index.html; + } + location = shop1/favicon.ico { + log_not_found off; + access_log off; + } + location = shop1/robots.txt { + auth_basic off; + allow all; + log_not_found off; + access_log off; + } -# Global restrictions configuration file. -# Designed to be included in any server {} block. -location = /favicon.ico { - log_not_found off; - access_log off; -} - -location = /robots.txt { - allow all; - log_not_found off; - access_log off; -} + # Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac). + location ~ shop1/. { + deny all; + access_log off; + log_not_found off; + } -# Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac). -# Keep logging the requests to parse later (or to pass to firewall utilities such as fail2ban) -location ~ /\. { - deny all; -} - -# Deny access to any files with a .php extension in the uploads directory -# Works in sub-directory installs and also in multisite network -# Keep logging the requests to parse later (or to pass to firewall utilities such as fail2ban) -location ~* /(?:uploads|files)/.*\.php$ { - deny all; -} + ## + # Gzip Settings + ## + gzip on; + gzip_disable "msie6"; + gzip_vary on; + gzip_proxied any; + gzip_comp_level 1; + gzip_buffers 16 8k; + gzip_http_version 1.0; + gzip_types application/json text/css application/javascript; -# WordPress single site rules. -# Designed to be included in any server {} block. - -# This order might seem weird - this is attempted to match last if rules below fail. -# http://wiki.nginx.org/HttpCoreModule -location / { - try_files $uri $uri/ /index.php?$args; -} - -# Add trailing slash to */wp-admin requests. -rewrite /wp-admin$ $scheme://$host$uri/ permanent; + rewrite ^/api/?(.*)$ /webservice/dispatcher.php?url=$1 last; + rewrite ^/([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+.jpg$ /img/p/$1/$1$2$3.jpg last; + rewrite ^/([0-9])([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+.jpg$ /img/p/$1/$2/$1$2$3$4.jpg last; + rewrite ^/([0-9])([0-9])([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+.jpg$ /img/p/$1/$2/$3/$1$2$3$4$5.jpg last; + rewrite ^/([0-9])([0-9])([0-9])([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+.jpg$ /img/p/$1/$2/$3/$4/$1$2$3$4$5$6.jpg last; + rewrite ^/([0-9])([0-9])([0-9])([0-9])([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+.jpg$ /img/p/$1/$2/$3/$4/$5/$1$2$3$4$5$6$7.jpg last; + rewrite ^/([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+.jpg$ /img/p/$1/$2/$3/$4/$5/$6/$1$2$3$4$5$6$7$8.jpg last; + rewrite ^/([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+.jpg$ /img/p/$1/$2/$3/$4/$5/$6/$7/$1$2$3$4$5$6$7$8$9.jpg last; + rewrite ^/([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+.jpg$ /img/p/$1/$2/$3/$4/$5/$6/$7/$8/$1$2$3$4$5$6$7$8$9$10.jpg last; + rewrite ^/c/([0-9]+)(-[.*_a-zA-Z0-9-]*)(-[0-9]+)?/.+.jpg$ /img/c/$1$2$3.jpg last; + rewrite ^/c/([a-zA-Z_-]+)(-[0-9]+)?/.+.jpg$ /img/c/$1$2.jpg last; + rewrite ^/images_ie/?([^/]+).(jpe?g|png|gif)$ /js/jquery/plugins/fancybox/images/$1.$2 last; + rewrite ^/order$ /index.php?controller=order last; + location /admin-dev/ { #Change this to your admin folder + if (!-e $request_filename) { + rewrite ^/.*$ /admin-dev/index.php last; #Change this to your admin folder + } + } + location shop1/ { + if (!-e $request_filename) { + rewrite ^/.*$ /index.php last; + } + } # Directives to send expires headers and turn off 404 error logging. location ~* ^.+\.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|rss|atom|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ { access_log off; log_not_found off; expires max; } + +# for people with app root as doc root, restrict access to a few things +location ~ ^/(composer\.|Procfile$|/|/) { + deny all; +}