Nginx config. #247

alexdatur · 2024-10-20T18:28:13Z

Hi! Using service behind CF and Nginx. van somebody gives best practice nginx config?
Thanx.
My config:

server {
listen 80;
server_name ip.***.xyz;

# Редирект с HTTP на HTTPS
return 301 https://$host$request_uri;

}

server {
listen 443 ssl;
server_name ip.***.xyz;

# Параметры SSL
ssl_certificate /var/docker/cloudflare_tls/origin.pem;
ssl_certificate_key /var/docker/cloudflare_tls/key.pem;

# Дополнительные параметры SSL (рекомендуется)
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers 'HIGH:!aNULL:!MD5';
ssl_prefer_server_ciphers on;

# Настройки для вашего приложения
location / {
    proxy_pass http://localhost:18966;  # Прокси на ваш сервис
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection 'upgrade';
    proxy_set_header Host $host;
    proxy_cache_bypass $http_upgrade;

    # Установка заголовков для безопасности
    add_header X-Frame-Options DENY;
    add_header X-Content-Type-Options nosniff;
    add_header X-XSS-Protection "1; mode=block";
    add_header Referrer-Policy no-referrer-when-downgrade;
}

# Логи (опционально)
access_log /var/log/nginx/ip.***.xyz.access.log;
error_log /var/log/nginx/ip.***.xyz.error.log;

}

The text was updated successfully, but these errors were encountered:

alexdatur added the enhancement New feature or request label Oct 20, 2024

jason5ng32 removed the enhancement New feature or request label Oct 24, 2024

Repository owner locked and limited conversation to collaborators Oct 30, 2024

jason5ng32 converted this issue into discussion #251 Oct 30, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

This issue was moved to a discussion.

Nginx config. #247

Nginx config. #247

alexdatur commented Oct 20, 2024

This issue was moved to a discussion.

This issue was moved to a discussion.

Nginx config. #247

Nginx config. #247

Comments

alexdatur commented Oct 20, 2024

This issue was moved to a discussion.