Create default

2022-03-19 02:34:27 +01:00
parent 60da7afa29
commit 092620fb38
1 changed files with 60 additions and 0 deletions
@@ -0,0 +1,60 @@
+    server {
+        listen       80;
+        server_name  localhost;
+        testcookie on;
+        root /hostdata/default/public_html/;
+
+        modsecurity on;
+        modsecurity_rules_file /nginx/modsec/main.conf;
+
+        location ^~ /cdn {
+            testcookie off;
+        }
+
+        location / {
+            SecRulesEnabled;
+            DeniedUrl "/denied/";
+            CheckRule "$SQL >= 8" BLOCK;
+            CheckRule "$RFI >= 8" BLOCK;
+            CheckRule "$TRAVERSAL >= 4" BLOCK;
+            CheckRule "$EVADE >= 4" BLOCK;
+            CheckRule "$XSS >= 8" BLOCK;
+
+            index  index.html index.htm;
+        }
+
+        location /denied/ {
+          return 403;
+        }
+        #error_page  404              /404.html;
+
+        # redirect server error pages to the static page /50x.html
+        #
+        error_page   500 502 503 504  /50x.html;
+        location = /50x.html {
+            root   html;
+        }
+
+        # proxy the PHP scripts to Apache listening on 127.0.0.1:80
+        #
+        #location ~ \.php$ {
+        #    proxy_pass   http://127.0.0.1;
+        #}
+
+        # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
+        #
+        #location ~ \.php$ {
+        #    root           html;
+        #    fastcgi_pass   127.0.0.1:9000;
+        #    fastcgi_index  index.php;
+        #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
+        #    include        fastcgi_params;
+        #}
+
+        # deny access to .htaccess files, if Apache's document root
+        # concurs with nginx's one
+        #
+        #location ~ /\.ht {
+        #    deny  all;
+        #}
+    }