a018c82b0e
FIX, xml files like sitemaps failing when dynamically generated (not static), like in WP.
510 lines
17 KiB
Text
510 lines
17 KiB
Text
|
|
###################################################################################
|
|
#################### Webinoly Configuration file ####################
|
|
###################################################################################
|
|
|
|
# Don't like our defaults? Every part of Webinoly is overrideable! #
|
|
# #
|
|
# You should NEVER modify this file if you are not sure about what you are doing. #
|
|
# We have made a very detailed and extensive documentation just for you! #
|
|
# Please, read: https://webinoly.com/documentation/ #
|
|
# #
|
|
# 1 - Uncomment the variable (Remove the '#' at the beggining) #
|
|
# 2 - Set your custom value (var:value) #
|
|
# 3 - And then 'sudo webinoly -server-reset' to changes take effect. #
|
|
# #
|
|
# * Reset only one package is allowed: -server-reset=php (os,nginx,php,mysql) #
|
|
###################################################################################
|
|
|
|
|
|
|
|
############################
|
|
##### Operating System #####
|
|
############################
|
|
|
|
# Timezone
|
|
# Values: https://www.php.net/manual/en/timezones.php
|
|
# Default: <empty>
|
|
# Same as: sudo webinoly -timezone
|
|
###########################
|
|
#timezone:America/Mexico_City
|
|
|
|
|
|
# Kernel Optimization
|
|
# Values: boolean (true/false)
|
|
# Default: true
|
|
###########################
|
|
#kernel-optim:true
|
|
|
|
|
|
# Percentage of RAM assigned to /run folder
|
|
# Values: numeric int (10 < % < 70)
|
|
# Default: 25
|
|
###########################
|
|
#run-folder-size:25
|
|
|
|
|
|
# Size of linux swap file
|
|
# Values: numeric int (GB)
|
|
# Default: <variable> (calculated based on your server resources)
|
|
# Note: (server-reset with 'recalculate' is needed)
|
|
###########################
|
|
#swap-mem:1
|
|
|
|
|
|
# IAM Role (AWS Credentials)
|
|
# Values: boolean (true/false)
|
|
# Default: false
|
|
# Note: (server-reset not needed)
|
|
# Note: Set to 'true' if your EC2 instance has an IAM Role attached with full access to S3
|
|
# Same as: sudo webinoly -aws-s3-credentials=awsiamrole
|
|
###########################
|
|
#awsiamrole:false
|
|
|
|
|
|
|
|
|
|
|
|
###########################
|
|
##### NGINX #####
|
|
###########################
|
|
|
|
# Nginx Branch
|
|
# Values: stable | mainline
|
|
# Default: stable
|
|
# Note: (set before installing, server-reset not needed)
|
|
# Note: NEVER change this value here when Nginx package is already installed
|
|
###########################
|
|
#nginx-ppa:stable
|
|
|
|
|
|
# Maximum Upload file size
|
|
# Values: numeric int (MB)
|
|
# Default: 100
|
|
# Note: PHP is also affected by this setting (max file/post size)
|
|
###########################
|
|
#max-mb-uploads:100
|
|
|
|
|
|
# Saved Email Address
|
|
# Values: <email-address>
|
|
# Default: <empty>
|
|
# Note: (server-reset not needed)
|
|
# Note: Let's Encrypt uses this email to register your certs.
|
|
# Note: Existing accounts won't be updated, in that case you better use the proper command shown below to update all your current certs.
|
|
# Same as: sudo webinoly -email=user@example.com
|
|
###########################
|
|
#mail:user@example.com
|
|
|
|
|
|
# SFTP Access for www-data user
|
|
# Values: boolean (true/false)
|
|
# Default: false
|
|
# Same as: sudo webinoly -login-www-data=on
|
|
###########################
|
|
#sftp-www-data:false
|
|
|
|
|
|
# Nginx Access Logs Disabled
|
|
# Values: boolean (true/false)
|
|
# Default: true
|
|
# Note: This setting will be applied to new sites, or for existing sites 'access log' needs to be reenabled (same for global).
|
|
# Same as: sudo log -only-error=on
|
|
###########################
|
|
#global-access-log-off:true
|
|
|
|
|
|
# Nginx Log Format
|
|
# Values: basic | extended | custom
|
|
# Default: basic
|
|
# With server reset only the global setting is applied.
|
|
# Note: This setting will be applied to new sites, or for existing sites 'access log' needs to be reenabled (same for global).
|
|
# Note: https://webinoly.com/documentation/logs/#format
|
|
###########################
|
|
#nginx-log-format:basic
|
|
|
|
|
|
# Nginx Error Log Level
|
|
# Values: info | notice | warn | error | crit | alert | emerg
|
|
# Default: error
|
|
# With server reset only the global setting is applied.
|
|
# Note: This setting will be applied to new sites, or for existing sites 'access log' needs to be reenabled (same for global).
|
|
###########################
|
|
#nginx-error-log-level:error
|
|
|
|
|
|
# Nginx Default Response
|
|
# Values: default | blackhole | <example.com>
|
|
# Default: default (Nginx Welcome Page)
|
|
# Note: For better security 'blackhole' is highly recommended.
|
|
# Same as: sudo webinoly -default-site=blackhole
|
|
###########################
|
|
#default-response:default
|
|
|
|
|
|
# Admin Tools Access
|
|
# Values: default | <example.com>
|
|
# Default: default
|
|
# Same as: sudo webinoly -tools-site
|
|
###########################
|
|
#tools-site:default
|
|
|
|
|
|
# Admin Tools Access Port
|
|
# Values: numeric int (< 65535)
|
|
# Default: 22222
|
|
# Same as: sudo webinoly -tools-port
|
|
###########################
|
|
#tools-port-set:22222
|
|
|
|
|
|
# HTTP Authentication Whitelist IP
|
|
# Values: <ip>,<ip>,<ip>...
|
|
# Default: <empty>
|
|
# Same as: sudo httpauth -whitelist
|
|
###########################
|
|
#auth-whitelist-ip:1.1.1.1,2.2.2.2
|
|
|
|
|
|
# Block IP Access
|
|
# Values: <ip>,<ip>,<ip>...
|
|
# Default: <empty>
|
|
# Same as: sudo webinoly -blockip
|
|
###########################
|
|
#blockip:1.1.1.1,2.2.2.2
|
|
|
|
|
|
# Block/Deny files and extensions
|
|
# Values: <filename>|<filename>... (with this extension only: txt|html|htm|md)
|
|
# Values: <ext>|<ext>... (any file using any of these extensions)
|
|
# Note: This is a security feature, please don't modify unless you are sure about it.
|
|
# Note: For example, any request to 'readme.txt' or 'name.log' will be blocked (case insensitive) by default.
|
|
# Note: To revert any changes and set the original Webinoly defaults, just #comment these two variables and then server-reset.
|
|
# Note: You can remove some extensions like 'exe' if you are distributing installers, for instance, or you can add any of your preference.
|
|
###########################
|
|
#locations-deny-files:changelog|example|installation|legalnotice|license|readme|wp-config
|
|
#locations-deny-extensions:7z|asc|asp|aspx|ba|bak|bash|bat|bin|bz2|c|cfg|cgi|class|com|conf|cpp|crt|cs|dat|db|dbf|deb|der|dll|dmg|dmp|dump|ear|exe|git|gz|h|hg|hqx|img|ini|iso|jar|jsp|log|mdb|msi|msm|msp|old|orig|original|out|pem|php#|php_bak|php~|pkg|pl|ppk|py|rar|rdf|rpm|run|save|sh|sql|srv|svn|swo|swp|sys|tar|taz|tcl|tgz|tk|tmp|tpl|tz|vb|war|wsf|z|zip
|
|
|
|
|
|
# FastCGI Cache
|
|
# Values: <time> (s,m,h,d,w,M,y)
|
|
# Default: 30d,7d,1m (Success,Inactive,Redirects)
|
|
# Note: https://webinoly.com/documentation/webinolys/#cache
|
|
# Same as: sudo webinoly -cache-valid
|
|
###########################
|
|
#fastcgi-conf:30d,7d,1m
|
|
|
|
|
|
# WordPress FastCGI Cache Defaults
|
|
# Values: all | never (query strings)
|
|
# Values: <uri>|<uri>... (url)
|
|
# Values: <cookie>|<cookie>... (cookie)
|
|
# Note: To revert any changes and set the original Webinoly defaults, just #comment these three variables and then server-reset.
|
|
# Note: Also, you can add further rules via command line using the proper commands described in the docs.
|
|
# Note: https://webinoly.com/documentation/webinolys/#cache
|
|
###########################
|
|
#wpcache-query-strings:never
|
|
#wpcache-exclude-url:/wp-admin/|/xmlrpc.php|wp-.*.php|index.php|/feed/|.*sitemap.*\.xml|/feed/|/account/|/add_to_cart/|/cart/|/my-account/|/checkout/|/logout/
|
|
#wpcache-exclude-cookie:comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in|[a-z0-9]+_items_in_cart|[a-z0-9]+_cart_hash
|
|
|
|
|
|
# WordPress Login Basic Authentication
|
|
# Values: boolean (true/false)
|
|
# Default: true
|
|
# Note: (server-reset not needed)
|
|
# Note: It will be applied ONLY for sites created after this setting is changed.
|
|
# Note: For existing sites you should use the proper command 'sudo httpauth example.com -wp-admin=on'.
|
|
# Note: You can whitelist an IP to skip authentication. Read the docs!
|
|
###########################
|
|
#wp-admin-auth:true
|
|
|
|
|
|
# WordPress XMLRPC requests
|
|
# Values: open | limited | blocked
|
|
# Default: limited
|
|
###########################
|
|
#xmlrpc:limited
|
|
|
|
|
|
# HTTP Header: Cache Control
|
|
# Values: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cache-Control
|
|
# Default: no-cache
|
|
# Note: Use 'off' value to disable this header.
|
|
###########################
|
|
#header-cache-control:public, max-age=604800, immutable
|
|
|
|
|
|
# HTTP Header: Content Security Policy
|
|
# Values: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy
|
|
# Default: <empty>
|
|
###########################
|
|
#header-csp:default-src https: 'unsafe-eval' 'unsafe-inline'; object-src 'none'
|
|
#header-csp-report-only:off
|
|
|
|
|
|
# HTTP Header: HTTP Strict Transport Security (HSTS)
|
|
# Values: default | preload | <max-age> | off
|
|
# Default: default (31536000)
|
|
# Note: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security
|
|
###########################
|
|
#header-hsts:default
|
|
|
|
|
|
# HTTP Header: Permissions Policy
|
|
# Values: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Permissions-Policy
|
|
# Default: <empty>
|
|
# Note: Use 'floc' value to automatically include the policy to forbid Topics API calculation.
|
|
# Note: https://developer.chrome.com/docs/privacy-sandbox/topics/#site-opt-out
|
|
###########################
|
|
#header-permissions:accelerometer=(),autoplay=(),camera=(),display-capture=(),encrypted-media=(),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),local-fonts=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),usb=(),web-share=(),xr-spatial-tracking=()
|
|
|
|
|
|
# HTTP Header: Referrer Policy
|
|
# Values: no-referrer | no-referrer-when-downgrade | origin | origin-when-cross-origin | same-origin | strict-origin | strict-origin-when-cross-origin | unsafe-url | off
|
|
# Default: no-referrer-when-downgrade
|
|
# Note: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy
|
|
###########################
|
|
#header-referrer:no-referrer-when-downgrade
|
|
|
|
|
|
# HTTP Header: X-Content-Type-Options
|
|
# Values: boolean (true/false)
|
|
# Default: true (nosniff)
|
|
# Note: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options
|
|
###########################
|
|
#header-xcto:true
|
|
|
|
|
|
# HTTP Header: X-Frame-Options
|
|
# Values: deny | sameorigin | allow-from | off
|
|
# Default: sameorigin
|
|
# Note: This header is no longer recommended and support will be removed very soon from Webinoly.
|
|
# Note: The Content-Security-Policy HTTP header has a frame-ancestors directive which obsoletes this header for supporting browsers.
|
|
# Note: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
|
|
###########################
|
|
#header-xfo:sameorigin
|
|
#header-xfo-url:<allow-from url>
|
|
|
|
|
|
# HTTP Header: X-Robots-Tag
|
|
# Values: https://developers.google.com/search/docs/advanced/robots/robots_meta_tag#xrobotstag
|
|
# Default: <empty>
|
|
# Note: Multiple X-Robots-Tag headers can be combined using the '|' delimiter.
|
|
# Note: For example, two separate headers will be added (googlebot: nofollow|otherbot: noindex, nofollow)
|
|
###########################
|
|
#header-robots:noindex,nofollow
|
|
|
|
|
|
# HTTP Header: X-XSS-Protection
|
|
# Values: boolean (true/false)
|
|
# Default: false
|
|
# Note: This header is no longer recommended and support will be removed very soon from Webinoly.
|
|
# Note: These protections are largely unnecessary in modern browsers when sites implement a strong Content-Security-Policy.
|
|
# Note: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection
|
|
# Note: When true is set: (X-XSS-Protection: 1; mode=block)
|
|
###########################
|
|
#header-xssp:false
|
|
|
|
|
|
# HTTP Header: Add any other Custom Header
|
|
# Read: https://webinoly.com/documentation/webinolys/#customheaders
|
|
############################
|
|
|
|
|
|
|
|
|
|
|
|
###########################
|
|
###### PHP ######
|
|
###########################
|
|
|
|
# PHP Version
|
|
# Values: https://www.php.net/supported-versions.php
|
|
# Default: <latest-stable>
|
|
# Note: (set before installing, server-reset not needed)
|
|
# Note: NEVER change this value here when PHP package is already installed, use the proper command instead.
|
|
# Same as: sudo stack -php-ver=8.1 (<-This is the proper command to change the PHP version even when is already installed)
|
|
###########################
|
|
#php-ver:8.1
|
|
|
|
|
|
# PHP Process Manager
|
|
# Values: static | dynamic | ondemand
|
|
# Default: <variable> (calculated based on your server resources)
|
|
###########################
|
|
#php-pm:dynamic
|
|
|
|
|
|
# PHP number of child processes to be created
|
|
# Values: numeric int
|
|
# Default: <variable> (calculated based on your server resources)
|
|
# Note: start, min and max_spare_servers are calculated automatically based on this 'max_child' value.
|
|
###########################
|
|
#php-max-child:10
|
|
|
|
|
|
# PHP maximum amount of memory that a script is allowed to allocate
|
|
# Values: numeric int (MB)
|
|
# Default: 192
|
|
###########################
|
|
#php-max-mem:192
|
|
|
|
|
|
# PHP maximum time in seconds a script is allowed to run before it is terminated
|
|
# Values: numeric int (seconds)
|
|
# Default: 60
|
|
###########################
|
|
#php-max-time:60
|
|
|
|
|
|
# PHP maximum number of files allowed to be uploaded simultaneously
|
|
# Values: numeric int
|
|
# Default: 20
|
|
# Note: To modify the max file/post size, see the 'max-mb-uploads' in Nginx section, that value is also taken by PHP.
|
|
###########################
|
|
#php-max-files:20
|
|
|
|
|
|
# PHP How many input variables may be accepted
|
|
# Values: numeric int
|
|
# Default: 5000
|
|
# Note: Limit is applied to $_GET, $_POST and $_COOKIE superglobal separately.
|
|
###########################
|
|
#php-max-input-vars:5000
|
|
|
|
|
|
# PHP OpCache Validate Timestamps
|
|
# Values: boolean (true/false)
|
|
# Default: true
|
|
# Note: When this directive is disabled, you must reset OPcache manually or by restarting the Web server for changes to the filesystem to take effect.
|
|
###########################
|
|
#php-opcache-timestamps:true
|
|
|
|
|
|
# PHP OpCache Revalidate Frequency
|
|
# Values: numeric int (seconds)
|
|
# Default: 2
|
|
# Note: Raising this value can cause developers to notice that changes in PHP code not taking effect. (similar to validate timestamps)
|
|
# Note: This configuration directive is ignored if opcache.validate_timestamps is disabled.
|
|
# Note: A good value (10-15), production servers with not frequent changes in code (60).
|
|
###########################
|
|
#php-opcache-reval:2
|
|
|
|
|
|
# PHP Path_Info
|
|
# Values: boolean (true/false)
|
|
# Default: true
|
|
# Note: (server-reset not needed)
|
|
# Note: It will be applied ONLY for sites created after this setting is changed.
|
|
# Note: This setting is always 'false' for WP sites.
|
|
###########################
|
|
#php-info:true
|
|
|
|
|
|
# Redis maximum amount of memory before eviction policies
|
|
# Values: numeric int (% < 100)
|
|
# Default: 10
|
|
###########################
|
|
#redis-max-mem:10
|
|
|
|
|
|
|
|
|
|
|
|
#####################################
|
|
##### MySQL / MariaDB #####
|
|
#####################################
|
|
|
|
# Database Engine
|
|
# Values: mariadb | mysql
|
|
# Default: mariadb
|
|
# Note: (set before installing, server-reset not needed)
|
|
# Note: NEVER change this value here when MySQL/MariaDB package is already installed.
|
|
###########################
|
|
#db-engine:mariadb
|
|
|
|
|
|
# MySQL/MariaDB Version
|
|
# Values: https://mariadb.com/kb/en/mariadb-server-release-dates/ (at least latest three stable)
|
|
# Default: <latest-stable>
|
|
# Note: (set before installing, server-reset not needed)
|
|
# Note: In case of MySQL, 8.0 is the only supported version.
|
|
# Note: NEVER change this value here when MySQL (MariaDB) package is already installed, use the proper command instead.
|
|
# Same as: sudo stack -mysql-ver=10.6 (<-This is the proper command to change the MarianDB version even when is already installed)
|
|
###########################
|
|
#mysql-ver:10.6
|
|
|
|
|
|
# Saved External DB Credentials to use instead of localhost
|
|
# Values: <access-data>
|
|
# Default: <empty>
|
|
# Note: (server-reset not needed)
|
|
# Note: https://webinoly.com/documentation/sites/#externaldb
|
|
###########################
|
|
#external-dbh:<host>
|
|
#external-dbx:<port>
|
|
#external-dbu:<user>
|
|
#external-dbp:<pass>
|
|
|
|
|
|
# Default Database Privileges
|
|
# Values: basic | limited | extra | complete | full | grant | all
|
|
# Default: full
|
|
# Note: (server-reset not needed)
|
|
# Note: https://webinoly.com/documentation/webinolys/#privileges
|
|
###########################
|
|
#dbrole:full
|
|
|
|
|
|
# MySQL/MariaDB General Log
|
|
# Values: boolean (true/false)
|
|
# Default: false
|
|
# Note: When enabled, you can see this log in real-time using 'sudo log -mysql=general'
|
|
# Same as: sudo log -mysql=general -enable
|
|
#mysql-log-general:false
|
|
|
|
|
|
# MySQL/MariaDB Binary Log
|
|
# Values: boolean (true/false)
|
|
# Default: false
|
|
# Note: When enabled, you can see this log in real-time using 'sudo log -mysql=binary'
|
|
# Same as: sudo log -mysql=binary -enable
|
|
#mysql-log-binary:false
|
|
|
|
|
|
# MySQL/MariaDB Slow Query Log
|
|
# Values: boolean (true/false)
|
|
# Default: false
|
|
# Note: When enabled, you can see this log in real-time using 'sudo log -mysql=slow'
|
|
# Same as: sudo log -mysql=slow -enable
|
|
#mysql-log-slow:false
|
|
|
|
|
|
# MySQL/MariaDB Long Query Time
|
|
# Values: number int (seconds)
|
|
# Default: 10
|
|
# Note: If a query takes longer than this many seconds to execute, the query is logged to the slow query log.
|
|
# Same as: sudo log -mysql=slow -enable -long-query-time=3
|
|
#mysql-long-query-time:3
|
|
|
|
|
|
# MySQL/MariaDB Public/External Access
|
|
# Values: boolean (true/false)
|
|
# Default: false
|
|
# Same as: sudo webinoly -mysql-public-access=on
|
|
#mysql-public-access:false
|
|
|
|
|
|
|
|
|
|
|
|
#
|
|
##
|
|
#####
|
|
##########
|
|
##############
|
|
# Stop editing!
|
|
# You should NEVER change the values listed below.
|
|
# Just for internal use!
|
|
###################################################
|
|
|