File: //etc/nginx/sites-enabled/rabatteries.in
map $http_accept $webp_suffix {
default "";
"~*webp" ".webp";
}
server {
listen [::]:443 ssl http2;
listen 443 ssl http2;
root /home/KawaljitDhami/rabatteries.in/web;
index index.php index.html;
server_name www.rabatteries.in;
access_log /home/KawaljitDhami/rabatteries.in/logs/access.log;
error_log /home/KawaljitDhami/rabatteries.in/logs/error.log error;
client_max_body_size 64M;
# Divi fix
set $cache_bypass_flag 0;
if ($arg_et_fb = "1") {
set $cache_bypass_flag 1;
}
location ~ ^/et_body_layout/(.*) {
try_files $uri $uri/ /index.php?$is_args$args;
set $cache_bypass_flag 1;
}
location ~ ^/wp-json/(.*) {
try_files $uri $uri/ /index.php?$is_args$args;
set $cache_bypass_flag 1;
}
# Cloudflare real IP resolution
include snippets/cloudflare-realip.conf;
rewrite ^/sitemap(-+([a-zA-Z0-9_-]+))?\.xml$ "/index.php?xml_sitemap=params=$2" last;
rewrite ^/sitemap(-+([a-zA-Z0-9_-]+))?\.xml\.gz$ "/index.php?xml_sitemap=params=$2;zip=true" last;
rewrite ^/sitemap(-+([a-zA-Z0-9_-]+))?\.html$ "/index.php?xml_sitemap=params=$2;html=true" last;
rewrite ^/sitemap(-+([a-zA-Z0-9_-]+))?\.html.gz$ "/index.php?xml_sitemap=params=$2;html=true;zip=true" last;
# Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac).
# Keep logging the requests to parse later (or to pass to firewall utilities such as fail2ban)
location ~ /\. {
deny all;
}
# Deny access to any files with a .php extension in the uploads directory
# Works in sub-directory installs and also in multisite network
# Keep logging the requests to parse later (or to pass to firewall utilities such as fail2ban)
location ~* /(?:uploads|files)/.*\.php$ {
deny all;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_pass unix:/var/run/php/php8.2-fpm-KawaljitDhami.sock;
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE nginx;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param SCRIPT_FILENAME /home/KawaljitDhami/rabatteries.in/web$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT /home/KawaljitDhami/rabatteries.in/web;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;
fastcgi_param HTTPS $https;
# Divi fix
fastcgi_cache_bypass $cache_bypass_flag;
fastcgi_no_cache $cache_bypass_flag;
}
location ~* ^.+\.(png|jpe?g|gif)$ {
add_header Vary Accept;
try_files $uri$webp_suffix $uri =404;
}
location ~* \.(js|css|png|jpg|jpeg|gif|ico|webp)$ {
expires max;
log_not_found off;
}
# Global restrictions configuration file.
# Designed to be included in any server {} block.
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# gzip
gzip on;
gzip_disable "msie6";
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_http_version 1.1;
gzip_types text/css text/x-component application/x-javascript application/javascript text/javascript text/x-js text/richtext image/svg+xml text/plain text/xsd text/xsl text/xml image/bmp application/java application/msword application/vnd.ms-fontobject application/x-msdownload image/x-icon image/webp application/json application/vnd.ms-access application/vnd.ms-project application/x-font-otf application/vnd.ms-opentype application/vnd.oasis.opendocument.database application/vnd.oasis.opendocument.chart application/vnd.oasis.opendocument.formula application/vnd.oasis.opendocument.graphics application/vnd.oasis.opendocument.spreadsheet application/vnd.oasis.opendocument.text audio/ogg application/pdf application/vnd.ms-powerpoint application/x-shockwave-flash image/tiff application/x-font-ttf audio/wav application/vnd.ms-write application/font-woff application/font-woff2 application/vnd.ms-excel application/xml application/xml+rss;
# WP Super Cache
set $cache_uri $request_uri;
# POST requests should always go to PHP
if ($request_method = POST) {
set $cache_uri 'null cache';
}
# urls with a query string should always go to PHP
if ($query_string != "") {
set $cache_uri 'null cache';
}
# Request from WordPress should always go to PHP, otherwise preload will not work
# . in domain must be escaped with \.
if ($http_user_agent ~* ^WordPress.*\ www\.apexxgoldmining\.com$ ) {
set $cache_uri 'null cache';
}
# Don't cache uris containing the following segments
if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php
|wp-.*.php|/feed/|index.php|wp-comments-popup.php
|wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml
|[a-z0-9_-]+-sitemap([0-9]+)?.xml)
|/et_*") {
set $cache_uri 'null cache';
}
# Use this block only when wp comments are allowed.
# Don't use the cache for logged-in users or recent commenters
# if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+
# |wp-postpass|wordpress_logged_in") {
# set $cache_uri 'null cache';
# }
# Don't use the cache for logged-in users
if ($http_cookie ~* "wordpress_logged_in") {
set $cache_uri 'null cache';
}
# Set the cache file (we assume that this server block serves only https requests!)
set $cachefile "/wp-content/cache/supercache/$host$cache_uri/index-https.html";
# Try in the following order: (1) cachefile, (2) normal url, (3) php
location / {
try_files $cachefile $uri $uri/ /index.php?$is_args$args;
}
# Cloudflare SSL
ssl_certificate /home/KawaljitDhami/rabatteries.in/.ssl/fullchain.pem;
ssl_certificate_key /home/KawaljitDhami/rabatteries.in/.ssl/privkey.pem;
# ssl_dhparam /home/KawaljitDhami/rabatteries.in/.ssl/dhparam.pem;
ssl_session_timeout 60m;
ssl_prefer_server_ciphers on;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
}
server {
listen [::]:443 ssl http2;
listen 443 ssl http2;
server_name rabatteries.in;
# Cloudflare SSL
ssl_certificate /home/KawaljitDhami/rabatteries.in/.ssl/fullchain.pem;
ssl_certificate_key /home/KawaljitDhami/rabatteries.in/.ssl/privkey.pem;
# ssl_dhparam /home/KawaljitDhami/rabatteries.in/.ssl/dhparam.pem;
ssl_session_timeout 60m;
ssl_prefer_server_ciphers on;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
return 301 https://www.rabatteries.in$request_uri;
}
server {
listen [::]:80;
listen 80;
server_name rabatteries.in;
return 301 https://www.rabatteries.in$request_uri;
}
server {
listen [::]:80;
listen 80;
server_name www.rabatteries.in;
return 301 https://www.rabatteries.in$request_uri;
}