-
server { listen 80 default_server; server_name localhost; root /opt/una; client_max_body_size 1024M; ############################################################################# Client Timeout ############################################################################# ## request timed out -- default 60# read timeout for the request body from client, its set for testing purpose client_body_timeout 3600; # how long to wait for the client to send a request header, its set for testing purpose client_header_timeout 3600; # server will close connection after this time keepalive_timeout 3600; ## if client stop responding, free up memory -- default 60 send_timeout 3600; ## Reset lingering timed out connections. Deflect DDoS.## allow the server to close connection on non responding client, this will free up memory reset_timedout_connection on; ############################################################################# Proxy Timeout ############################################################################# proxy_connect_timeout 3600; proxy_send_timeout 3600; proxy_read_timeout 3600; ############################################################################# Location / ############################################################################# location / { index index.html index.htm index.php; rewrite "^/page/(.*)$" /page.php?i=$1 last; rewrite "^/m/(.*)$" /modules/index.php?r=$1 last; rewrite "^/s/([a-zA-Z0-9_]+)/([a-zA-Z0-9\.]+)" /storage.php?o=$1&f=$2 last; if (!-e $request_filename) { rewrite ^/(.+)$ /r.php?_q=$1 last; break; } # Block requests with suspicious patterns#if ($query_string ~* "(\%60|\%7C|\%26|\%24|\%3B|\%28|\%29)") {#return 403;#} } index index.php index.html index.htm; location ~ \.php$ { fastcgi_pass php:9000; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; # Adăugați aceste setări de timeout fastcgi_connect_timeout 3600; fastcgi_send_timeout 3600; fastcgi_read_timeout 3600; fastcgi_buffer_size 128k; fastcgi_buffers 4 256k; fastcgi_busy_buffers_size 256k; fastcgi_temp_file_write_size 256k; } ############################################################################# HSTS policy ##############################################################################add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;#add_header X-Frame-Options "SAMEORIGIN" always;#add_header X-XSS-Protection "1; mode=block" always;#add_header X-Content-Type-Options "nosniff" always;# add_header Content-Security-Policy "default-src 'self'" always;#add_header Referrer-Policy "strict-origin-when-cross-origin" always; ############################################################################# serve static files directly Tanks to Alex T https://una.io/u/alex-t ############################################################################# location ~* ^(/cache_public/|/plugins_public/|/modules/|/studio/|/template/).+\.(jpg|jpeg|gif|css|png|js|ico|svg|eot|ttf|woff|woff2|)$ { access_log off; expires 1h; # root /opt/una# add_header Cache-Control "public"; try_files $uri =404; } ############################################################################# deny access to hidden files ############################################################################# location ~ /(\.ht|\.git) { deny all; } ############################################################################# deny access to specific folders ############################################################################# location ~ ^/(cache/|storage/|logs/|plugins/|tmp/) { deny all; } ############################################################################# Memcached Integration ############################################################################# location /memcached { # Example using just the URI as the key# set $memcached_key $uri; # Example with query parameters included# set $memcached_key $uri$is_args$args; # Example with a custom key set $memcached_key "key-$uri-$arg_user_id"; # Pass the key to the Memcached server memcached_pass memcached_server; # Define the response type default_type application/json; # Handle errors error_page 404 = /memcached_not_found; } location = /memcached_not_found { return 404 "{\"error\": \"Not found in Memcached\"}"; } ############################################################################# Permissions-Policy and CORS ##############################################################################add_header Permissions-Policy "accelerometer=(), autoplay=(), camera=(), encrypted-media=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), sync-xhr=(), usb=(), ch-ua-form-factor=('self' 'https://accounts.google.com')" always;#add_header Access-Control-Allow-Origin "https://www.googleapis.com https://accounts.google.com https://maps.googleapis.com https://www.coozila.com https://coozila.com https://agi.coozila.com https://onesignal.com" always;#add_header Access-Control-Allow-Credentials "true" always;#add_header Access-Control-Allow-Headers "Content-Type, Authorization, X-Requested-With" always; }
Comment to '14.0.0-B2 visualization error in the developer app fresh install'