From 53f04ba22384333d1e1e2cfc59e366cb5e1fc28e Mon Sep 17 00:00:00 2001
From: denisdulici <denisdulici@gmail.com>
Date: Thu, 7 Mar 2019 10:35:08 +0300
Subject: [PATCH] updated nginx config

---
 nginx.example.com.conf | 51 ++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 51 insertions(+)
 create mode 100644 nginx.example.com.conf

diff --git a/nginx.example.com.conf b/nginx.example.com.conf
new file mode 100644
index 000000000..b67a8a5df
--- /dev/null
+++ b/nginx.example.com.conf
@@ -0,0 +1,51 @@
+server {
+    listen 80 default_server;
+    listen 443 ssl http2;
+    
+    ssl_certificate /ssl/crt/file.crt;
+    ssl_certificate_key /ssl/key/file.key;
+    
+    server_name example.com;
+
+    root /var/www/example.com/public_html;
+
+    index index.html index.htm index.php;
+
+    charset utf-8;
+
+    location / {
+        try_files $uri $uri/ /index.php?$query_string;
+    }
+
+    # Prevent Direct Access To Protected Files
+    location ~ \.(env|log) {
+        deny all;
+    }
+
+    # Prevent Direct Access To Protected Folders
+    location ~ ^/(app|bootstrap|config|database|resources|routes|storage|tests|artisan) {
+        deny all;
+    }
+ 
+    # Prevent Direct Access To modules/vendor Folders Except Assets
+    location ~ ^/(modules|vendor)\/(.*)\.((?!ico|gif|jpg|jpeg|png|js|css|less|sass|font|woff|woff2|eot|ttf|svg).)*$ {
+        deny all;
+    }
+
+    # Pass PHP Scripts To FastCGI Server
+    location ~ \.php$ {
+        try_files $uri /index.php =404;
+        fastcgi_split_path_info ^(.+\.php)(/.+)$;
+        fastcgi_pass unix:/var/run/php/php7.2-fpm.sock; # Depends On The PHP Version
+        fastcgi_index index.php;
+        include fastcgi_params;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+
+        fastcgi_intercept_errors off;
+        fastcgi_buffer_size 16k;
+        fastcgi_buffers 4 16k;
+        fastcgi_connect_timeout 300;
+        fastcgi_send_timeout 300;
+        fastcgi_read_timeout 300;
+    }
+}