HEX
Server: nginx/1.18.0
System: Linux srv01 5.15.0-171-generic #181-Ubuntu SMP Fri Feb 6 22:44:50 UTC 2026 x86_64
User: RaviMohan (1026)
PHP: 7.4.33
Disabled: exec,passthru,shell_exec,system
$ pwd: /etc/nginx/sites-enabled/
Upload Files
File: //etc/nginx/sites-enabled/allwintraders.com
map $http_accept $webp_suffix {
  default "";
  "~*webp" ".webp";
}

server {

    listen [::]:443 ssl http2;
    listen 443 ssl http2;
    
    root /home/ParamjitSinghFlora/allwintraders.com/web;
    index index.php index.html;

    server_name www.allwintraders.com;

    access_log /home/ParamjitSinghFlora/allwintraders.com/logs/access.log;
    error_log /home/ParamjitSinghFlora/allwintraders.com/logs/error.log info;

    client_max_body_size 64M;
    
    location ~* ^.+\.(png|jpe?g|gif)$ {
        add_header Vary Accept;
        try_files $uri$webp_suffix $uri =404;
    }

    location / {
        try_files $uri $uri/ /index.php$is_args$args;
    }

    rewrite ^/sitemap(-+([a-zA-Z0-9_-]+))?\.xml$ "/index.php?xml_sitemap=params=$2" last;
    rewrite ^/sitemap(-+([a-zA-Z0-9_-]+))?\.xml\.gz$ "/index.php?xml_sitemap=params=$2;zip=true" last;
    rewrite ^/sitemap(-+([a-zA-Z0-9_-]+))?\.html$ "/index.php?xml_sitemap=params=$2;html=true" last;
    rewrite ^/sitemap(-+([a-zA-Z0-9_-]+))?\.html.gz$ "/index.php?xml_sitemap=params=$2;html=true;zip=true" last;


    # Global restrictions configuration file.
    # Designed to be included in any server {} block.
    location = /favicon.ico {
        log_not_found off;
        access_log off;
    }
 
    location = /robots.txt {
        allow all;
        log_not_found off;
        access_log off;
    }
 
    # Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac).
    # Keep logging the requests to parse later (or to pass to firewall utilities such as fail2ban)
    location ~ /\. {
        deny all; 
    }
 
    # Deny access to any files with a .php extension in the uploads directory
    # Works in sub-directory installs and also in multisite network
    # Keep logging the requests to parse later (or to pass to firewall utilities such as fail2ban)
    location ~* /(?:uploads|files)/.*\.php$ {
        deny all;
    }

    location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
        expires max;
        log_not_found off;
    }

	location ~ \.php$ {
		try_files $uri =404;
		fastcgi_pass unix:/var/run/php/php8.2-fpm-ParamjitSinghFlora.sock;
		fastcgi_index index.php;
		fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
		include fastcgi_params;
		client_max_body_size 24M;
		fastcgi_buffers 16 32k;
		fastcgi_buffer_size 32k;
		proxy_buffer_size   128k;
		proxy_buffers   4 256k;
		proxy_busy_buffers_size   256k;
	}

# Cloudflare SSL
    ssl_certificate         /home/ParamjitSinghFlora/allwintraders.com/.ssl/fullchain.pem;
    ssl_certificate_key     /home/ParamjitSinghFlora/allwintraders.com/.ssl/privkey.pem;
    ssl_dhparam             /home/ParamjitSinghFlora/allwintraders.com/.ssl/dhparam.pem;

}

server {
    listen [::]:443 ssl http2;
    listen 443 ssl http2;

    server_name allwintraders.com;

    # Cloudflare SSL
    ssl_certificate         /home/ParamjitSinghFlora/allwintraders.com/.ssl/fullchain.pem;
    ssl_certificate_key     /home/ParamjitSinghFlora/allwintraders.com/.ssl/privkey.pem;

    return 301 https://www.allwintraders.com$request_uri;
}

server {
    listen [::]:80;
    listen 80;

    server_name allwintraders.com;

    return 301 https://www.allwintraders.com$request_uri;

}

server {
    listen [::]:80;
    listen 80;

    server_name www.allwintraders.com;

    return 301 https://www.allwintraders.com$request_uri;

}
@ Telegram