2014-08-12 11:00:54 +00:00
|
|
|
## $HOSTNAME
|
2014-07-06 12:16:50 +00:00
|
|
|
|
2014-05-14 12:15:11 +00:00
|
|
|
# Redirect all HTTP to HTTPS.
|
2013-09-01 14:24:49 +00:00
|
|
|
server {
|
|
|
|
listen 80;
|
2014-06-20 01:16:38 +00:00
|
|
|
listen [::]:80;
|
2013-09-01 14:24:49 +00:00
|
|
|
|
2014-06-20 01:16:38 +00:00
|
|
|
server_name $HOSTNAME;
|
2014-05-14 12:15:11 +00:00
|
|
|
root /tmp/invalid-path-nothing-here;
|
2015-02-01 19:13:03 +00:00
|
|
|
|
|
|
|
# Improve privacy: Hide version an OS information on
|
|
|
|
# error pages and in the "Server" HTTP-Header.
|
|
|
|
server_tokens off;
|
|
|
|
|
2015-02-01 00:32:07 +00:00
|
|
|
# Redirect using the 'return' directive and the built-in
|
|
|
|
# variable '$request_uri' to avoid any capturing, matching
|
|
|
|
# or evaluation of regular expressions.
|
|
|
|
return 301 https://$HOSTNAME$request_uri;
|
2013-09-07 20:53:25 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
# The secure HTTPS server.
|
|
|
|
server {
|
|
|
|
listen 443 ssl;
|
2014-11-28 14:40:02 +00:00
|
|
|
listen [::]:443 ssl;
|
2013-09-01 14:24:49 +00:00
|
|
|
|
2014-06-20 01:16:38 +00:00
|
|
|
server_name $HOSTNAME;
|
2013-09-07 20:53:25 +00:00
|
|
|
|
2015-02-01 19:13:03 +00:00
|
|
|
# Improve privacy: Hide version an OS information on
|
|
|
|
# error pages and in the "Server" HTTP-Header.
|
|
|
|
server_tokens off;
|
|
|
|
|
2014-06-20 01:16:38 +00:00
|
|
|
ssl_certificate $SSL_CERTIFICATE;
|
|
|
|
ssl_certificate_key $SSL_KEY;
|
2013-09-14 14:11:47 +00:00
|
|
|
|
2014-07-09 12:31:32 +00:00
|
|
|
# ADDITIONAL DIRECTIVES HERE
|
2013-09-01 14:24:49 +00:00
|
|
|
}
|