48 lines
1.2 KiB
Nginx Configuration File
48 lines
1.2 KiB
Nginx Configuration File
server_tokens off;
|
|
|
|
add_header X-Frame-Options SAMEORIGIN;
|
|
add_header X-Content-Type-Options nosniff;
|
|
add_header X-XSS-Protection "1; mode=block";
|
|
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
|
|
add_header Referrer-Policy "same-origin";
|
|
add_header Feature-Policy "geolocation none;";
|
|
add_header Content-Security-Policy upgrade-insecure-requests;
|
|
|
|
index index.php index.html;
|
|
charset UTF-8;
|
|
default_type text/html;
|
|
|
|
gzip on;
|
|
gzip_disable "msie6";
|
|
|
|
gzip_vary on;
|
|
gzip_proxied any;
|
|
gzip_comp_level 6;
|
|
gzip_buffers 16 8k;
|
|
gzip_min_length 10;
|
|
gzip_http_version 1.1;
|
|
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript image/png image/gif image/jpeg;
|
|
|
|
client_max_body_size 64M;
|
|
|
|
# Force HTTPS on Heroku
|
|
if ($http_x_forwarded_proto = "http") {
|
|
return 301 https://$host$request_uri;
|
|
}
|
|
|
|
location / {
|
|
# try to serve file directly, fallback to rewrite
|
|
try_files $uri @rewriteapp;
|
|
}
|
|
|
|
location @rewriteapp {
|
|
# rewrite all to app.php
|
|
rewrite ^(.*)$ /app.php/$1 last;
|
|
}
|
|
|
|
location ~ ^/(app|app_dev|config)\.php(/|$) {
|
|
try_files @heroku-fcgi @heroku-fcgi;
|
|
# ensure that /app.php isn't accessible directly, but only through a rewrite
|
|
internal;
|
|
}
|