ini用于dockerizedwordpress的nginx.conf

worker_processes 1;
events {
worker_connections 1024;
multi_accept on;
}
http {

sendfile on;
tcp_nopush on;

index index.php index.html;

client_body_timeout 12;
client_header_timeout 12;
keepalive_timeout 15;
send_timeout 10;

# Types
include /etc/nginx/mime.types;
default_type application/octet-stream;
gzip on;
gzip_disable "msie6";

gzip_vary on;
gzip_comp_level 3;
gzip_types
text/plain text/css application/json
application/x-Javascript text/xml
application/xml application/xml+rss text/Javascript;
server {

listen 443 ssl http2;
listen [::]:443 ssl http2;

server_name your.domain.com;

root /var/www/html;

add_header Strict-Transport-Security "max-age=31536000" always;

ssl_session_timeout 10m;

ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
ssl_ciphers &＃39;EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH&＃39;;

ssl_stapling on;
ssl_stapling_verify on;
resolver 8.8.8.8 8.8.4.4;

ssl_certificate /etc/letsencrypt/live/your.domain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/your.domain.com/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/your.domain.com/chain.pem;
# Basic Settings

client_max_body_size 64M;

location / {
try_files $uri $uri/ /index.php?q=$uri&$args;
}

location ~ \.php$ {
try_files $uri =404;
include fastcgi_params;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass wordpress:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root/$fastcgi_script_name;
}

# allow Let&＃39;s Encrypt access to the .well-known folder
location ^~ /.well-known {
allow all;
root /data/letsencrypt/;
}
location = /favicon.ico {
access_log off;
log_not_found off;
expires max;
}
location = /robots.txt {
access_log off;
log_not_found off;
}

# Security Settings For Better Privacy Deny Hidden Files
location ~ /\. {
deny all;
access_log off;
log_not_found off;
}

# Disallow PHP In Upload Folder
location /wp-content/uploads/ {
location ~ \.php$ {
deny all;
}
}
}
}