Fellipe Sanches' website

Category: Server

  • Configuração para o NGINX

    Olá, hoje vamos ver aqui como confirgurar o servidor web Nginx, partindo de alguns conceitos básicos para o seu funcionamento, até sua configuração para produção.

    Neste exemplo vamos fazer a instalação do Nginx versão Open Source no Ubuntu Server (ver outras opções).

    Instalando o NGNIX

    No Linux:

    sudo apt-get update (para atualizar o repositório do Linux)

sudo apt-get install nginx (para instalar o Ngnix)

sudo nginx -v (para verificar a instalação)

curl -I 127.0.0.1 (para verificar se o Ngnix está rodando e acessível na loopback)
    # Default server configuration

#

server {

        listen 80 default_server;

        listen [::]:80 default_server;

        # SSL configuration

        #

        # Note: You should disable gzip for SSL traffic.

        # See: https://bugs.debian.org/773332

        #

        # Read up on ssl_ciphers to ensure a secure configuration.

        # See: https://bugs.debian.org/765782

        #

        # Self signed certs generated by the ssl-cert package

        # Don't use them in a production server!

        #

        # include snippets/snakeoil.conf;

        listen 443 ssl default_server;

        listen [::]:443 ssl default_server;

        ssl_certificate /etc/ssl/mywebsite.com.crt;

        ssl_certificate_key /etc/ssl/mywebsite.com.key;

        root /var/www/company_website;

        # Add index.php to the list if you are using PHP

        index index.php index.html;

        server_name *.amazonaws.com;

        #redirects para inscricoes nos formularios de eventos do site antigo

        rewrite ^(/events/internal/.*) https://old.mywebsite.com$1 permanent;

        rewrite ^(/events/commercial/.*) https://old.mywebsite.com$1 permanent;

        rewrite ^(/specific/report-july/.*) https://old.mywebsite.com$1 permanent;

        location / {

                # First attempt to serve request as file, then

                # as directory, then fall back to displaying a 404.

                try_files $uri $uri/ /index.php$is_args$args;

                add_header Access-Control-Allow-Origin 'https://checkout.mywebsite.com';

        }

        # pass PHP scripts to FastCGI server

        #

        location ~ \.php$ {

                include snippets/fastcgi-php.conf;

        #

        #       # With php-fpm (or other unix sockets):

                fastcgi_pass unix:/run/php/php8.1-fpm.sock;

        #       # With php-cgi (or other tcp sockets):

        #       fastcgi_pass 127.0.0.1:9000;

        }

        # deny access to .htaccess files, if Apache's document root

        # concurs with nginx's one

        #

        location ~ /\.ht {

                deny all;

        }

        location ~ ^/wp-admin {

                allow 1.2.3.4; # INTERNAL LINK COMPANY

                allow 2.3.4.5; # FELLIPE'S HOME OFFICE

                deny all;

        }

        location ~ ^/wp-login.php {

                allow 1.2.3.4; # INTERNAL LINK COMPANY

                allow 2.3.4.5; # FELLIPE'S HOME OFFICE

                deny all;

        }

        location ~ ^/login {

                allow 1.2.3.4; # INTERNAL LINK COMPANY

                allow 2.3.4.5; # FELLIPE'S HOME OFFICE

                deny all;

        }

        location ~ /?author=([0-9]*) {

                deny all;

        }

        location = /xmlrpc.php {

                deny all;
                
        }

}