beenull/EHCP-Force-Edition
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Beautified nginx / apache templates

Browse source
This commit is contained in:
earnolmartin 2023-07-13 10:51:50 -06:00
parent 458cba3372
commit dc55928411
32 changed files with 855 additions and 890 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

28
ehcp/apachetemplate_ehcp_panel
View file

@ -33,20 +33,20 @@
</Files>
<Location "/extplorer">
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={ehcpdir}:/var/www:/usr/share/php:/usr/share/pear; \n upload_tmp_dir=/tmp; \n session.save_path=/var/www/php_sessions;"
</Location>
<Location "/webmail">
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir=/var/lib/roundcube:/etc/roundcube:/usr/share:/tmp:/var/www/php_sessions:/var/log/roundcube; \n upload_tmp_dir=/tmp; \n session.save_path=/var/www/php_sessions;"
</Location>
<Location "/webmail2">
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={ehcpdir}/webmail2; \n upload_tmp_dir={ehcpdir}/webmail2/data; \n session.save_path={ehcpdir}/webmail2/data;"
</Location>
<Location "/phpmyadmin">
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir=/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/tmp:/usr/share/php:/usr/share/pear:/usr/share:/var/www/php_sessions; \n upload_tmp_dir=/tmp; \n session.save_path=/var/www/php_sessions;"
</Location>
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={ehcpdir}:/var/www:/usr/share/php:/usr/share/pear; \n upload_tmp_dir=/tmp; \n session.save_path=/var/www/php_sessions;"
</Location>
<Location "/webmail">
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir=/var/lib/roundcube:/etc/roundcube:/usr/share:/tmp:/var/www/php_sessions:/var/log/roundcube; \n upload_tmp_dir=/tmp; \n session.save_path=/var/www/php_sessions;"
</Location>
<Location "/webmail2">
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={ehcpdir}/webmail2; \n upload_tmp_dir={ehcpdir}/webmail2/data; \n session.save_path={ehcpdir}/webmail2/data;"
</Location>
<Location "/phpmyadmin">
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir=/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/tmp:/usr/share/php:/usr/share/pear:/usr/share:/var/www/php_sessions; \n upload_tmp_dir=/tmp; \n session.save_path=/var/www/php_sessions;"
</Location>
</VirtualHost>
# END OF CUSTOM GLOBAL PANEL URLS Template

30
ehcp/etc/apache2/apachetemplate_ehcp_panel
View file

@ -33,20 +33,20 @@
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={ehcpdir}:/usr/share/php:/usr/share/pear; \n upload_tmp_dir=/tmp; \n session.save_path=/var/www/php_sessions;"
<Location "/extplorer">
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={ehcpdir}:/var/www:/usr/share/php:/usr/share/pear; \n upload_tmp_dir=/tmp; \n session.save_path=/var/www/php_sessions;"
</Location>
<Location "/webmail">
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir=/var/lib/roundcube:/etc/roundcube:/usr/share:/tmp:/var/www/php_sessions:/var/log/roundcube; \n upload_tmp_dir=/tmp; \n session.save_path=/var/www/php_sessions;"
</Location>
<Location "/webmail2">
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={ehcpdir}/webmail2; \n upload_tmp_dir={ehcpdir}/webmail2/data; \n session.save_path={ehcpdir}/webmail2/data;"
</Location>
<Location "/phpmyadmin">
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir=/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/tmp:/usr/share/php:/usr/share/pear:/usr/share:/var/www/php_sessions; \n upload_tmp_dir=/tmp; \n session.save_path=/var/www/php_sessions;"
</Location>
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={ehcpdir}:/var/www:/usr/share/php:/usr/share/pear; \n upload_tmp_dir=/tmp; \n session.save_path=/var/www/php_sessions;"
</Location>
<Location "/webmail">
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir=/var/lib/roundcube:/etc/roundcube:/usr/share:/tmp:/var/www/php_sessions:/var/log/roundcube; \n upload_tmp_dir=/tmp; \n session.save_path=/var/www/php_sessions;"
</Location>
<Location "/webmail2">
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={ehcpdir}/webmail2; \n upload_tmp_dir={ehcpdir}/webmail2/data; \n session.save_path={ehcpdir}/webmail2/data;"
</Location>
<Location "/phpmyadmin">
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir=/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/tmp:/usr/share/php:/usr/share/pear:/usr/share:/var/www/php_sessions; \n upload_tmp_dir=/tmp; \n session.save_path=/var/www/php_sessions;"
</Location>
</VirtualHost>
# END OF CUSTOM GLOBAL PANEL URLS Template

10
ehcp/etc/apache2/redirect
View file

@ -1,8 +1,8 @@
# this file used in Easy Hosting Control Panel (ehcp), www.ehcp.net
<VirtualHost *>
ServerName {domainname}
ServerAlias www.{domainname} *.{domainname}
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) {domainname_redirect}%{REQUEST_URI}
ServerName {domainname}
ServerAlias www.{domainname} *.{domainname}
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) {domainname_redirect}%{REQUEST_URI}
</VirtualHost>

10
ehcp/etc/apache2_ssl/fork/apachetemplate
View file

@ -85,19 +85,19 @@
UseCanonicalName Off
DocumentRoot {homedir}/httpdocs
# this combined log format is understandable by webalizer... some other formats are not recognised by webalizer.. thats why, specified here explicitly..
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%v:%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
LogFormat "%v:%p %h %l %u %t \"%{Host}i\" \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined_host
CustomLog {homedir}/logs/access_log combined
CustomLog /var/log/apache2/access_log_multi.log vhost_combined_host
ProxyPassMatch ^(.*\.php)$ fcgi://127.0.0.1:9000{homedir}/httpdocs/$1
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={homedir}:/usr/share/php:/usr/share/pear; \n upload_tmp_dir={homedir}/phptmpdir; \n session.save_path={homedir}/phptmpdir;"
AccessFileName .htaccess
{customhttp}
{root_password_protected_dirs}
{password_protected_dirs}
@ -205,14 +205,14 @@
UseCanonicalName Off
DocumentRoot {homedir}/httpdocs
DirectoryIndex index.htm index.html index.php
# this combined log format is understandable by webalizer... some other formats are not recognised by webalizer.. thats why, specified here explicitly..
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%v:%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
LogFormat "%v:%p %h %l %u %t \"%{Host}i\" \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined_host
CustomLog {homedir}/logs/access_log combined
CustomLog /var/log/apache2/access_log_multi.log vhost_combined_host
ProxyPassMatch ^(.*\.php)$ fcgi://127.0.0.1:9000{homedir}/httpdocs/$1
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={homedir}:/usr/share/php:/usr/share/pear; \n upload_tmp_dir={homedir}/phptmpdir; \n session.save_path={homedir}/phptmpdir;"

30
ehcp/etc/apache2_ssl/fork/apachetemplate_ehcp_panel
View file

@ -2,7 +2,7 @@
<VirtualHost *:80>
ServerName {domainname}
ServerAlias {domainname_alias}
RewriteEngine On
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
</VirtualHost>
@ -41,20 +41,20 @@
</Files>
<Location "/extplorer">
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={ehcpdir}:/var/www:/usr/share/php:/usr/share/pear; \n upload_tmp_dir=/tmp; \n session.save_path=/var/www/php_sessions;"
</Location>
<Location "/webmail">
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir=/var/lib/roundcube:/etc/roundcube:/usr/share:/tmp:/var/www/php_sessions:/var/log/roundcube; \n upload_tmp_dir=/tmp; \n session.save_path=/var/www/php_sessions;"
</Location>
<Location "/webmail2">
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={ehcpdir}/webmail2; \n upload_tmp_dir={ehcpdir}/webmail2/data; \n session.save_path={ehcpdir}/webmail2/data;"
</Location>
<Location "/phpmyadmin">
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir=/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/tmp:/usr/share/php:/usr/share/pear:/usr/share:/var/www/php_sessions; \n upload_tmp_dir=/tmp; \n session.save_path=/var/www/php_sessions;"
</Location>
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={ehcpdir}:/var/www:/usr/share/php:/usr/share/pear; \n upload_tmp_dir=/tmp; \n session.save_path=/var/www/php_sessions;"
</Location>
<Location "/webmail">
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir=/var/lib/roundcube:/etc/roundcube:/usr/share:/tmp:/var/www/php_sessions:/var/log/roundcube; \n upload_tmp_dir=/tmp; \n session.save_path=/var/www/php_sessions;"
</Location>
<Location "/webmail2">
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={ehcpdir}/webmail2; \n upload_tmp_dir={ehcpdir}/webmail2/data; \n session.save_path={ehcpdir}/webmail2/data;"
</Location>
<Location "/phpmyadmin">
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir=/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/tmp:/usr/share/php:/usr/share/pear:/usr/share:/var/www/php_sessions; \n upload_tmp_dir=/tmp; \n session.save_path=/var/www/php_sessions;"
</Location>
SSLEngine on
SSLCertificateFile {ssl_cert_path}

8
ehcp/etc/apache2_ssl/fork/apachetemplate_ipbased
View file

@ -86,14 +86,14 @@
UseCanonicalName Off
DocumentRoot {homedir}/httpdocs
DirectoryIndex index.htm index.html index.php
# this combined log format is understandable by webalizer... some other formats are not recognised by webalizer.. thats why, specified here explicitly..
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%v:%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
LogFormat "%v:%p %h %l %u %t \"%{Host}i\" \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined_host
CustomLog {homedir}/logs/access_log combined
CustomLog /var/log/apache2/access_log_multi.log vhost_combined_host
ProxyPassMatch ^(.*\.php)$ fcgi://127.0.0.1:9000{homedir}/httpdocs/$1
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={homedir}:/usr/share/php:/usr/share/pear; \n upload_tmp_dir={homedir}/phptmpdir; \n session.save_path={homedir}/phptmpdir;"
@ -207,14 +207,14 @@
UseCanonicalName Off
DocumentRoot {homedir}/httpdocs
DirectoryIndex index.htm index.html index.php
# this combined log format is understandable by webalizer... some other formats are not recognised by webalizer.. thats why, specified here explicitly..
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%v:%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
LogFormat "%v:%p %h %l %u %t \"%{Host}i\" \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined_host
CustomLog {homedir}/logs/access_log combined
CustomLog /var/log/apache2/access_log_multi.log vhost_combined_host
ProxyPassMatch ^(.*\.php)$ fcgi://127.0.0.1:9000{homedir}/httpdocs/$1
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={homedir}:/usr/share/php:/usr/share/pear; \n upload_tmp_dir={homedir}/phptmpdir; \n session.save_path={homedir}/phptmpdir;"

2
ehcp/etc/apache2_ssl/fork/apachetemplate_passivedomains
View file

@ -29,7 +29,7 @@
ProxyPassMatch ^(.*\.php)$ fcgi://127.0.0.1:9000{homedir}/$1
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={homedir}:/usr/share/php:/usr/share/pear; \n upload_tmp_dir={homedir}/phptmpdir; \n session.save_path={homedir}/phptmpdir;"
SSLEngine on
SSLCertificateFile {ssl_cert_path}
SSLCertificateKeyFile {ssl_cert_key_path}

26
ehcp/etc/apache2_ssl/fork/redirect
View file

@ -1,21 +1,21 @@
# this file used in Easy Hosting Control Panel (ehcp), www.ehcp.net
<VirtualHost *:80>
ServerName {domainname}
ServerAlias www.{domainname} *.{domainname}
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) {domainname_redirect}%{REQUEST_URI}
ServerName {domainname}
ServerAlias www.{domainname} *.{domainname}
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) {domainname_redirect}%{REQUEST_URI}
</VirtualHost>
# FOR SSL CONFIG
<VirtualHost *:443>
ServerName {domainname}
ServerAlias www.{domainname} *.{domainname}
SSLEngine on
SSLCertificateFile /etc/ssl/certs/server.crt
SSLCertificateKeyFile /etc/ssl/private/server.key
RewriteEngine On
RewriteCond %{HTTPS} on
RewriteRule (.*) {domainname_redirect}%{REQUEST_URI}
ServerName {domainname}
ServerAlias www.{domainname} *.{domainname}
SSLEngine on
SSLCertificateFile /etc/ssl/certs/server.crt
SSLCertificateKeyFile /etc/ssl/private/server.key
RewriteEngine On
RewriteCond %{HTTPS} on
RewriteRule (.*) {domainname_redirect}%{REQUEST_URI}
</VirtualHost>

6
ehcp/etc/apache2_sslonly/fork/apachetemplate
View file

@ -99,14 +99,14 @@
UseCanonicalName Off
DocumentRoot {homedir}/httpdocs
DirectoryIndex index.htm index.html index.php
# this combined log format is understandable by webalizer... some other formats are not recognised by webalizer.. thats why, specified here explicitly..
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%v:%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
LogFormat "%v:%p %h %l %u %t \"%{Host}i\" \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined_host
CustomLog {homedir}/logs/access_log combined
CustomLog /var/log/apache2/access_log_multi.log vhost_combined_host
ProxyPassMatch ^(.*\.php)$ fcgi://127.0.0.1:9000{homedir}/httpdocs/$1
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={homedir}:/usr/share/php:/usr/share/pear; \n upload_tmp_dir={homedir}/phptmpdir; \n session.save_path={homedir}/phptmpdir;"
@ -115,7 +115,7 @@
SSLCertificateFile {ssl_cert_path}
SSLCertificateKeyFile {ssl_cert_key_path}
{ssl_cert_chain_setting_with_path}
{customhttp}
{root_password_protected_dirs}
{password_protected_dirs}

28
ehcp/etc/apache2_sslonly/fork/apachetemplate_ehcp_panel
View file

@ -33,20 +33,20 @@
</Files>
<Location "/extplorer">
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={ehcpdir}:/var/www:/usr/share/php:/usr/share/pear; \n upload_tmp_dir=/tmp; \n session.save_path=/var/www/php_sessions;"
</Location>
<Location "/webmail">
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir=/var/lib/roundcube:/etc/roundcube:/usr/share:/tmp:/var/www/php_sessions:/var/log/roundcube; \n upload_tmp_dir=/tmp; \n session.save_path=/var/www/php_sessions;"
</Location>
<Location "/webmail2">
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={ehcpdir}/webmail2; \n upload_tmp_dir={ehcpdir}/webmail2/data; \n session.save_path={ehcpdir}/webmail2/data;"
</Location>
<Location "/phpmyadmin">
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir=/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/tmp:/usr/share/php:/usr/share/pear:/usr/share:/var/www/php_sessions; \n upload_tmp_dir=/tmp; \n session.save_path=/var/www/php_sessions;"
</Location>
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={ehcpdir}:/var/www:/usr/share/php:/usr/share/pear; \n upload_tmp_dir=/tmp; \n session.save_path=/var/www/php_sessions;"
</Location>
<Location "/webmail">
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir=/var/lib/roundcube:/etc/roundcube:/usr/share:/tmp:/var/www/php_sessions:/var/log/roundcube; \n upload_tmp_dir=/tmp; \n session.save_path=/var/www/php_sessions;"
</Location>
<Location "/webmail2">
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={ehcpdir}/webmail2; \n upload_tmp_dir={ehcpdir}/webmail2/data; \n session.save_path={ehcpdir}/webmail2/data;"
</Location>
<Location "/phpmyadmin">
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir=/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/tmp:/usr/share/php:/usr/share/pear:/usr/share:/var/www/php_sessions; \n upload_tmp_dir=/tmp; \n session.save_path=/var/www/php_sessions;"
</Location>
SSLEngine on
SSLCertificateFile {ssl_cert_path}

4
ehcp/etc/apache2_sslonly/fork/apachetemplate_ipbased
View file

@ -100,14 +100,14 @@
UseCanonicalName Off
DocumentRoot {homedir}/httpdocs
DirectoryIndex index.htm index.html index.php
# this combined log format is understandable by webalizer... some other formats are not recognised by webalizer.. thats why, specified here explicitly..
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%v:%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
LogFormat "%v:%p %h %l %u %t \"%{Host}i\" \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined_host
CustomLog {homedir}/logs/access_log combined
CustomLog /var/log/apache2/access_log_multi.log vhost_combined_host
ProxyPassMatch ^(.*\.php)$ fcgi://127.0.0.1:9000{homedir}/httpdocs/$1
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={homedir}:/usr/share/php:/usr/share/pear; \n upload_tmp_dir={homedir}/phptmpdir; \n session.save_path={homedir}/phptmpdir;"

16
ehcp/etc/apache2_sslonly/fork/redirect
View file

@ -1,12 +1,12 @@
# this file used in Easy Hosting Control Panel (ehcp), www.ehcp.net
<VirtualHost *:443>
ServerName {domainname}
ServerAlias www.{domainname} *.{domainname}
SSLEngine on
SSLCertificateFile /etc/ssl/certs/server.crt
SSLCertificateKeyFile /etc/ssl/private/server.key
RewriteEngine On
RewriteCond %{HTTPS} on
RewriteRule (.*) {domainname_redirect}%{REQUEST_URI}
ServerName {domainname}
ServerAlias www.{domainname} *.{domainname}
SSLEngine on
SSLCertificateFile /etc/ssl/certs/server.crt
SSLCertificateKeyFile /etc/ssl/private/server.key
RewriteEngine On
RewriteCond %{HTTPS} on
RewriteRule (.*) {domainname_redirect}%{REQUEST_URI}
</VirtualHost>

2
ehcp/etc/nginx/apache_subdomain_template.nginx
View file

@ -14,7 +14,7 @@ server {
index index.html index.htm index.php;
if ($bad_bot) { return 444; }
if ($bad_referer) { return 403; }
if ($bad_referer) { return 403; }
location / {
error_page 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 495 496 497 500 501 502 503 504 505 506 507 /error_page.html;

6
ehcp/etc/nginx/apachetemplate.nginx
View file

@ -15,7 +15,7 @@ server {
index index.html index.htm index.php;
if ($bad_bot) { return 444; }
if ($bad_referer) { return 403; }
if ($bad_referer) { return 403; }
location / {
error_page 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 495 496 497 500 501 502 503 504 505 506 507 /error_page.html;
@ -97,7 +97,7 @@ server {
location ~* ^/ehcp/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
root /var/www/new/;
}
location ~ ^/ehcp/(.+\.conf)$ {
return 403;
}
@ -129,7 +129,7 @@ server {
include /etc/nginx/fastcgi_params;
limit_req zone=one burst=5;
}
location ~* ^/roundcube/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
root /usr/share/;
}

114
ehcp/etc/nginx/apachetemplate_ehcp_panel.nginx
View file

@ -1,66 +1,66 @@
# START OF CUSTOM GLOBAL PANEL URLS Template
server {
listen 80;
server_name {domainname};
listen 80;
server_name {domainname};
access_log /var/log/nginx/default.access.log;
error_log /var/log/nginx/default.error.log;
root {ehcpdir};
index index.php;
access_log /var/log/nginx/default.access.log;
error_log /var/log/nginx/default.error.log;
root {ehcpdir};
index index.php;
# deny access to .htaccess files, if Apache's document root concurs with nginx's one
#
location ~ (apache_subdomain_template|apachetemplate$|apachetemplate_ipbased|apachetemplate_passivedomains|/\.conf$|/\.ht|access_log|error_log|access\.log|error\.log) {
deny all;
}
# deny access to .htaccess files, if Apache's document root concurs with nginx's one
#
location ~ (apache_subdomain_template|apachetemplate$|apachetemplate_ipbased|apachetemplate_passivedomains|/\.conf$|/\.ht|access_log|error_log|access\.log|error\.log) {
deny all;
}
location / {
location ~ ^/(.+\.conf)$ {
return 403;
}
location ~ ^/(.+\.txt)$ {
return 403;
}
location ~ ^/(.+\.log)$ {
return 403;
}
location ~ ^/(.+\.sh)$ {
return 403;
}
location / {
location ~ ^/(.+\.conf)$ {
return 403;
}
location ~ ^/(.+\.txt)$ {
return 403;
}
location ~ ^/(.+\.log)$ {
return 403;
}
location ~ ^/(.+\.sh)$ {
return 403;
}
}
location ~ \.php$ {
root {ehcpdir};
include fastcgi_params;
try_files $uri = 404;
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PHP_ADMIN_VALUE "open_basedir={ehcpdir}:/tmp:/usr/share:/etc/roundcube:/var/lib/roundcube:/var/log/roundcube \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
fastcgi_read_timeout 300;
limit_req zone=one burst=5;
}
location /phpmyadmin/ {
location ~ \.php$ {
root {ehcpdir};
include fastcgi_params;
try_files $uri = 404;
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PHP_ADMIN_VALUE "open_basedir={ehcpdir}:/tmp:/usr/share:/etc/roundcube:/var/lib/roundcube:/var/log/roundcube \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
fastcgi_read_timeout 300;
limit_req zone=one burst=5;
}
location /phpmyadmin/ {
root /usr/share/;
index index.php index.html index.htm;
location ~ ^/phpmyadmin/(.+\.php)$ {
try_files $uri =404;
root /usr/share/;
index index.php index.html index.htm;
location ~ ^/phpmyadmin/(.+\.php)$ {
try_files $uri =404;
root /usr/share/;
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/tmp:/usr/share/php:/usr/share/pear:/usr/share:/var/www/php_sessions \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
include /etc/nginx/fastcgi_params;
limit_req zone=one burst=5;
proxy_send_timeout 600;
proxy_read_timeout 600;
}
location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
root /usr/share/;
}
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/tmp:/usr/share/php:/usr/share/pear:/usr/share:/var/www/php_sessions \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
include /etc/nginx/fastcgi_params;
limit_req zone=one burst=5;
proxy_send_timeout 600;
proxy_read_timeout 600;
}
location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
root /usr/share/;
}
}
location /webmail2/ {
root {ehcpdir}/;
@ -81,10 +81,6 @@ server {
root {ehcpdir}/;
}
}
location /webmail/ {
rewrite ^/* /roundcube last;
}
location /roundcube/ {
root /usr/share/;

143
ehcp/etc/nginx/default.nginx
View file

@ -2,86 +2,85 @@
# nginx default server config file
server {
listen 80 default;
server_name _;
listen 80 default;
server_name _;
access_log /var/log/nginx/default.access.log;
error_log /var/log/nginx/default.error.log;
root /var/www/new;
index index.html index.htm index.php;
access_log /var/log/nginx/default.access.log;
error_log /var/log/nginx/default.error.log;
root /var/www/new;
index index.html index.htm index.php;
# Set this to off if you're hosting more than one site
server_name_in_redirect off;
# Set this to off if you're hosting more than one site
server_name_in_redirect off;
# SEO friendly URLs for Wordpress
#
#location /wordpress/ {
# if (!-e $request_filename) {
# rewrite ^(.*)$ /wordpress/index.php?q=$1 last;
# }
#}
# SEO friendly URLs for Wordpress
#
#location /wordpress/ {
# if (!-e $request_filename) {
# rewrite ^(.*)$ /wordpress/index.php?q=$1 last;
# }
#}
#error_page 404 /404.html;
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /var/www/nginx-default;
}
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /var/www/nginx-default;
}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
try_files $uri = 404;
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /var/www/new$fastcgi_script_name;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/var/www:/tmp:/usr/share:/etc/roundcube:/var/lib/roundcube:/var/log/roundcube \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
include fastcgi_params;
limit_req zone=one burst=5;
}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
try_files $uri = 404;
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /var/www/new$fastcgi_script_name;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/var/www:/tmp:/usr/share:/etc/roundcube:/var/lib/roundcube:/var/log/roundcube \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
include fastcgi_params;
limit_req zone=one burst=5;
}
# deny access to .htaccess files, if Apache's document root concurs with nginx's one
#
location ~ (apache_subdomain_template|apachetemplate$|apachetemplate_ipbased|apachetemplate_passivedomains|/\.conf$|/\.ht|access_log|error_log|access\.log|error\.log) {
deny all;
}
location /ehcp {
location ~ ^/ehcp/(.+\.conf)$ {
return 403;
}
location ~ ^/ehcp/(.+\.txt)$ {
return 403;
}
location ~ ^/ehcp/(.+\.log)$ {
return 403;
}
location ~ ^/ehcp/(.+\.sh)$ {
return 403;
}
# deny access to .htaccess files, if Apache's document root concurs with nginx's one
#
location ~ (apache_subdomain_template|apachetemplate$|apachetemplate_ipbased|apachetemplate_passivedomains|/\.conf$|/\.ht|access_log|error_log|access\.log|error\.log) {
deny all;
}
location /ehcp {
location ~ ^/ehcp/(.+\.conf)$ {
return 403;
}
location /phpmyadmin {
location ~ ^/ehcp/(.+\.txt)$ {
return 403;
}
location ~ ^/ehcp/(.+\.log)$ {
return 403;
}
location ~ ^/ehcp/(.+\.sh)$ {
return 403;
}
}
location /phpmyadmin {
root /usr/share/;
index index.php index.html index.htm;
location ~ ^/phpmyadmin/(.+\.php)$ {
try_files $uri =404;
root /usr/share/;
index index.php index.html index.htm;
location ~ ^/phpmyadmin/(.+\.php)$ {
try_files $uri =404;
root /usr/share/;
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/tmp:/usr/share/php:/usr/share/pear:/usr/share:/var/www/php_sessions \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
include /etc/nginx/fastcgi_params;
limit_req zone=one burst=5;
proxy_send_timeout 600;
proxy_read_timeout 600;
}
location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
root /usr/share/;
}
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/tmp:/usr/share/php:/usr/share/pear:/usr/share:/var/www/php_sessions \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
include /etc/nginx/fastcgi_params;
limit_req zone=one burst=5;
proxy_send_timeout 600;
proxy_read_timeout 600;
}
location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
root /usr/share/;
}
}
}

68
ehcp/etc/nginx/nginx.conf
View file

@ -4,57 +4,57 @@
user {wwwuser} {wwwgroup};
worker_processes 4;
error_log /var/log/nginx/default.error.log;
error_log /var/log/nginx/default.error.log;
pid /var/run/nginx.pid;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
worker_connections 1024;
}
http {
server_names_hash_bucket_size 4096;
variables_hash_max_size 4096;
variables_hash_bucket_size 4096;
variables_hash_bucket_size 4096;
types_hash_max_size 4096;
limit_req_zone $binary_remote_addr zone=one:20m rate=10r/s;
include /etc/nginx/mime.types;
#default_type application/octet-stream;
default_type text/html;
log_format combined_host '$remote_addr - $remote_user [$time_local] '
include /etc/nginx/mime.types;
#default_type application/octet-stream;
default_type text/html;
log_format combined_host '$remote_addr - $remote_user [$time_local] '
'"$host" "$request" $status $body_bytes_sent '
'"$http_referer" "$http_user_agent"';
access_log /var/log/nginx/default.access.log;
access_log /var/log/nginx/default.access.log;
sendfile on;
#tcp_nopush on;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 3;
tcp_nodelay on;
#keepalive_timeout 0;
keepalive_timeout 3;
tcp_nodelay on;
gzip on;
gzip_comp_level 2;
gzip_proxied any;
gzip_types text/plain text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript;
gzip on;
gzip_comp_level 2;
gzip_proxied any;
gzip_types text/plain text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript;
# Nginx default value was 1 MB and therefore all uploads exceeding 1 MB was
# getting "413 Request Entity Too Large" error.Script default is 64 MB.
# Remember to change the settings for upload size in php.ini as well.
client_max_body_size 64m;
# Nginx default value was 1 MB and therefore all uploads exceeding 1 MB was
# getting "413 Request Entity Too Large" error.Script default is 64 MB.
# Remember to change the settings for upload size in php.ini as well.
client_max_body_size 64m;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
include /var/www/new/ehcp/apachehcp.conf;
include /var/www/new/ehcp/apachehcp_subdomains.conf;
include /var/www/new/ehcp/apachehcp_globalpanelurls.conf;
##########################
# Nginx Bad Bot Blocker #
##########################
include nginx-badbot-blocker/blacklist.conf;
include nginx-badbot-blocker/blockips.conf;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
include /var/www/new/ehcp/apachehcp.conf;
include /var/www/new/ehcp/apachehcp_subdomains.conf;
include /var/www/new/ehcp/apachehcp_globalpanelurls.conf;
##########################
# Nginx Bad Bot Blocker #
##########################
include nginx-badbot-blocker/blacklist.conf;
include nginx-badbot-blocker/blockips.conf;
}

2
ehcp/etc/nginx_nonssl/apache_subdomain_template.nginx
View file

@ -14,7 +14,7 @@ server {
index index.html index.htm index.php;
if ($bad_bot) { return 444; }
if ($bad_referer) { return 403; }
if ($bad_referer) { return 403; }
location / {
error_page 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 495 496 497 500 501 502 503 504 505 506 507 /error_page.html;

10
ehcp/etc/nginx_nonssl/apachetemplate.nginx
View file

@ -15,7 +15,7 @@ server {
index index.html index.htm index.php;
if ($bad_bot) { return 444; }
if ($bad_referer) { return 403; }
if ($bad_referer) { return 403; }
location / {
error_page 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 495 496 497 500 501 502 503 504 505 506 507 /error_page.html;
@ -76,10 +76,6 @@ server {
}
}
location /webmail/ {
rewrite ^/* /roundcube last;
}
location /ehcp/ {
root /var/www/new/;
index index.php index.html index.htm;
@ -97,11 +93,11 @@ server {
location ~* ^/ehcp/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
root /var/www/new/;
}
location ~ ^/ehcp/(.+\.conf)$ {
return 403;
}
location ~ ^/ehcp/(.+\.txt)$ {
return 403;
}

117
ehcp/etc/nginx_nonssl/apachetemplate_ehcp_panel.nginx
View file

@ -1,68 +1,67 @@
# START OF CUSTOM GLOBAL PANEL URLS Template
server {
listen 80;
server_name {domainname};
listen 80;
server_name {domainname};
access_log /var/log/nginx/default.access.log;
error_log /var/log/nginx/default.error.log;
root {ehcpdir};
index index.php;
access_log /var/log/nginx/default.access.log;
error_log /var/log/nginx/default.error.log;
# deny access to .htaccess files, if Apache's document root concurs with nginx's one
#
location ~ (apache_subdomain_template|apachetemplate$|apachetemplate_ipbased|apachetemplate_passivedomains|/\.conf$|/\.ht|access_log|error_log|access\.log|error\.log) {
deny all;
}
location / {
location ~ ^/(.+\.conf)$ {
return 403;
}
location ~ ^/(.+\.txt)$ {
return 403;
}
location ~ ^/(.+\.log)$ {
return 403;
}
location ~ ^/(.+\.sh)$ {
return 403;
}
root {ehcpdir};
index index.php;
# deny access to .htaccess files, if Apache's document root concurs with nginx's one
#
location ~ (apache_subdomain_template|apachetemplate$|apachetemplate_ipbased|apachetemplate_passivedomains|/\.conf$|/\.ht|access_log|error_log|access\.log|error\.log) {
deny all;
}
location / {
location ~ ^/(.+\.conf)$ {
return 403;
}
location ~ ^/(.+\.txt)$ {
return 403;
}
location ~ ^/(.+\.log)$ {
return 403;
}
location ~ ^/(.+\.sh)$ {
return 403;
}
}
location ~ \.php$ {
root {ehcpdir};
include fastcgi_params;
try_files $uri = 404;
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PHP_ADMIN_VALUE "open_basedir={ehcpdir}:/tmp:/usr/share:/etc/roundcube:/var/lib/roundcube:/var/log/roundcube \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
fastcgi_read_timeout 300;
limit_req zone=one burst=5;
}
location /phpmyadmin/ {
location ~ \.php$ {
root {ehcpdir};
include fastcgi_params;
try_files $uri = 404;
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PHP_ADMIN_VALUE "open_basedir={ehcpdir}:/tmp:/usr/share:/etc/roundcube:/var/lib/roundcube:/var/log/roundcube \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
fastcgi_read_timeout 300;
limit_req zone=one burst=5;
}
location /phpmyadmin/ {
root /usr/share/;
index index.php index.html index.htm;
location ~ ^/phpmyadmin/(.+\.php)$ {
try_files $uri =404;
root /usr/share/;
index index.php index.html index.htm;
location ~ ^/phpmyadmin/(.+\.php)$ {
try_files $uri =404;
root /usr/share/;
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/tmp:/usr/share/php:/usr/share/pear:/usr/share:/var/www/php_sessions \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
include /etc/nginx/fastcgi_params;
limit_req zone=one burst=5;
proxy_send_timeout 600;
proxy_read_timeout 600;
}
location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
root /usr/share/;
}
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/tmp:/usr/share/php:/usr/share/pear:/usr/share:/var/www/php_sessions \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
include /etc/nginx/fastcgi_params;
limit_req zone=one burst=5;
proxy_send_timeout 600;
proxy_read_timeout 600;
}
location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
root /usr/share/;
}
}
location /webmail2/ {
root {ehcpdir}/;
index index.php index.html index.htm;
@ -82,10 +81,6 @@ server {
root {ehcpdir}/;
}
}
location /webmail/ {
rewrite ^/* /roundcube last;
}
location /roundcube/ {
root /usr/share/;

143
ehcp/etc/nginx_nonssl/default.nginx
View file

@ -2,86 +2,85 @@
# nginx default server config file
server {
listen 80 default;
server_name _;
listen 80 default;
server_name _;
access_log /var/log/nginx/default.access.log;
error_log /var/log/nginx/default.error.log;
root /var/www/new;
index index.html index.htm index.php;
access_log /var/log/nginx/default.access.log;
error_log /var/log/nginx/default.error.log;
# Set this to off if you're hosting more than one site
server_name_in_redirect off;
root /var/www/new;
index index.html index.htm index.php;
# SEO friendly URLs for Wordpress
#
#location /wordpress/ {
# if (!-e $request_filename) {
# rewrite ^(.*)$ /wordpress/index.php?q=$1 last;
# }
#}
# Set this to off if you're hosting more than one site
server_name_in_redirect off;
#error_page 404 /404.html;
# SEO friendly URLs for Wordpress
#
#location /wordpress/ {
# if (!-e $request_filename) {
# rewrite ^(.*)$ /wordpress/index.php?q=$1 last;
# }
#}
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /var/www/nginx-default;
}
#error_page 404 /404.html;
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
try_files $uri = 404;
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /var/www/new$fastcgi_script_name;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/var/www:/tmp:/usr/share:/etc/roundcube:/var/lib/roundcube:/var/log/roundcube \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
include fastcgi_params;
limit_req zone=one burst=5;
}
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /var/www/nginx-default;
}
# deny access to .htaccess files, if Apache's document root concurs with nginx's one
#
location ~ (apache_subdomain_template|apachetemplate$|apachetemplate_ipbased|apachetemplate_passivedomains|/\.conf$|/\.ht|access_log|error_log|access\.log|error\.log) {
deny all;
}
location /ehcp {
location ~ ^/ehcp/(.+\.conf)$ {
return 403;
}
location ~ ^/ehcp/(.+\.txt)$ {
return 403;
}
location ~ ^/ehcp/(.+\.log)$ {
return 403;
}
location ~ ^/ehcp/(.+\.sh)$ {
return 403;
}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
try_files $uri = 404;
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /var/www/new$fastcgi_script_name;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/var/www:/tmp:/usr/share:/etc/roundcube:/var/lib/roundcube:/var/log/roundcube \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
include fastcgi_params;
limit_req zone=one burst=5;
}
# deny access to .htaccess files, if Apache's document root concurs with nginx's one
#
location ~ (apache_subdomain_template|apachetemplate$|apachetemplate_ipbased|apachetemplate_passivedomains|/\.conf$|/\.ht|access_log|error_log|access\.log|error\.log) {
deny all;
}
location /ehcp {
location ~ ^/ehcp/(.+\.conf)$ {
return 403;
}
location /phpmyadmin {
location ~ ^/ehcp/(.+\.txt)$ {
return 403;
}
location ~ ^/ehcp/(.+\.log)$ {
return 403;
}
location ~ ^/ehcp/(.+\.sh)$ {
return 403;
}
}
location /phpmyadmin {
root /usr/share/;
index index.php index.html index.htm;
location ~ ^/phpmyadmin/(.+\.php)$ {
try_files $uri =404;
root /usr/share/;
index index.php index.html index.htm;
location ~ ^/phpmyadmin/(.+\.php)$ {
try_files $uri =404;
root /usr/share/;
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/tmp:/usr/share/php:/usr/share/pear:/usr/share:/var/www/php_sessions \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
include /etc/nginx/fastcgi_params;
limit_req zone=one burst=5;
proxy_send_timeout 600;
proxy_read_timeout 600;
}
location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
root /usr/share/;
}
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/tmp:/usr/share/php:/usr/share/pear:/usr/share:/var/www/php_sessions \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
include /etc/nginx/fastcgi_params;
limit_req zone=one burst=5;
proxy_send_timeout 600;
proxy_read_timeout 600;
}
location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
root /usr/share/;
}
}
}

68
ehcp/etc/nginx_nonssl/nginx.conf
View file

@ -4,57 +4,57 @@
user {wwwuser} {wwwgroup};
worker_processes 4;
error_log /var/log/nginx/default.error.log;
error_log /var/log/nginx/default.error.log;
pid /var/run/nginx.pid;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
worker_connections 1024;
}
http {
server_names_hash_bucket_size 4096;
variables_hash_max_size 4096;
variables_hash_bucket_size 4096;
variables_hash_bucket_size 4096;
types_hash_max_size 4096;
limit_req_zone $binary_remote_addr zone=one:20m rate=10r/s;
include /etc/nginx/mime.types;
#default_type application/octet-stream;
default_type text/html;
log_format combined_host '$remote_addr - $remote_user [$time_local] '
include /etc/nginx/mime.types;
#default_type application/octet-stream;
default_type text/html;
log_format combined_host '$remote_addr - $remote_user [$time_local] '
'"$host" "$request" $status $body_bytes_sent '
'"$http_referer" "$http_user_agent"';
access_log /var/log/nginx/default.access.log;
access_log /var/log/nginx/default.access.log;
sendfile on;
#tcp_nopush on;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 3;
tcp_nodelay on;
#keepalive_timeout 0;
keepalive_timeout 3;
tcp_nodelay on;
gzip on;
gzip_comp_level 2;
gzip_proxied any;
gzip_types text/plain text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript;
gzip on;
gzip_comp_level 2;
gzip_proxied any;
gzip_types text/plain text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript;
# Nginx default value was 1 MB and therefore all uploads exceeding 1 MB was
# getting "413 Request Entity Too Large" error.Script default is 64 MB.
# Remember to change the settings for upload size in php.ini as well.
client_max_body_size 64m;
# Nginx default value was 1 MB and therefore all uploads exceeding 1 MB was
# getting "413 Request Entity Too Large" error.Script default is 64 MB.
# Remember to change the settings for upload size in php.ini as well.
client_max_body_size 64m;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
include /var/www/new/ehcp/apachehcp.conf;
include /var/www/new/ehcp/apachehcp_subdomains.conf;
include /var/www/new/ehcp/apachehcp_globalpanelurls.conf;
##########################
# Nginx Bad Bot Blocker #
##########################
include nginx-badbot-blocker/blacklist.conf;
include nginx-badbot-blocker/blockips.conf;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
include /var/www/new/ehcp/apachehcp.conf;
include /var/www/new/ehcp/apachehcp_subdomains.conf;
include /var/www/new/ehcp/apachehcp_globalpanelurls.conf;
##########################
# Nginx Bad Bot Blocker #
##########################
include nginx-badbot-blocker/blacklist.conf;
include nginx-badbot-blocker/blockips.conf;
}

4
ehcp/etc/nginx_ssl/apache_subdomain_template.nginx
View file

@ -14,7 +14,7 @@ server {
index index.html index.htm index.php;
if ($bad_bot) { return 444; }
if ($bad_referer) { return 403; }
if ($bad_referer) { return 403; }
location / {
error_page 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 495 496 497 500 501 502 503 504 505 506 507 /error_page.html;
@ -66,7 +66,7 @@ server {
index index.html index.htm index.php;
if ($bad_bot) { return 444; }
if ($bad_referer) { return 403; }
if ($bad_referer) { return 403; }
location / {
error_page 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 495 496 497 500 501 502 503 504 505 506 507 /error_page.html;

20
ehcp/etc/nginx_ssl/apachetemplate.nginx
View file

@ -15,7 +15,7 @@ server {
index index.html index.htm index.php;
if ($bad_bot) { return 444; }
if ($bad_referer) { return 403; }
if ($bad_referer) { return 403; }
location / {
error_page 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 495 496 497 500 501 502 503 504 505 506 507 /error_page.html;
@ -79,10 +79,6 @@ server {
}
}
location /webmail/ {
rewrite ^/* /roundcube last;
}
location /ehcp/ {
root /var/www/new/;
index index.php index.html index.htm;
@ -101,11 +97,11 @@ server {
location ~* ^/ehcp/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
root /var/www/new/;
}
location ~ ^/ehcp/(.+\.conf)$ {
return 403;
}
location ~ ^/ehcp/(.+\.txt)$ {
return 403;
}
@ -200,7 +196,7 @@ server {
index index.html index.htm index.php;
if ($bad_bot) { return 444; }
if ($bad_referer) { return 403; }
if ($bad_referer) { return 403; }
location / {
error_page 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 495 496 497 500 501 502 503 504 505 506 507 /error_page.html;
@ -264,10 +260,6 @@ server {
}
}
location /webmail/ {
rewrite ^/* /roundcube last;
}
location /ehcp/ {
root /var/www/new/;
index index.php index.html index.htm;
@ -286,11 +278,11 @@ server {
location ~* ^/ehcp/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
root /var/www/new/;
}
location ~ ^/ehcp/(.+\.conf)$ {
return 403;
}
location ~ ^/ehcp/(.+\.txt)$ {
return 403;
}

124
ehcp/etc/nginx_ssl/apachetemplate_ehcp_panel.nginx
View file

@ -10,72 +10,72 @@ server {
# FOR SSL CONFIG
server {
listen 443 ssl;
server_name {domainname};
listen 443 ssl;
server_name {domainname};
ssl_certificate {ssl_cert_path};
ssl_certificate_key {ssl_cert_key_path};
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_certificate {ssl_cert_path};
ssl_certificate_key {ssl_cert_key_path};
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
access_log /var/log/nginx/default.access.log;
error_log /var/log/nginx/default.error.log;
root {ehcpdir};
index index.php;
access_log /var/log/nginx/default.access.log;
error_log /var/log/nginx/default.error.log;
# deny access to .htaccess files, if Apache's document root concurs with nginx's one
#
location ~ (apache_subdomain_template|apachetemplate$|apachetemplate_ipbased|apachetemplate_passivedomains|/\.conf$|/\.ht|access_log|error_log|access\.log|error\.log) {
deny all;
}
location / {
location ~ ^/(.+\.conf)$ {
return 403;
}
location ~ ^/(.+\.txt)$ {
return 403;
}
location ~ ^/(.+\.log)$ {
return 403;
}
location ~ ^/(.+\.sh)$ {
return 403;
}
root {ehcpdir};
index index.php;
# deny access to .htaccess files, if Apache's document root concurs with nginx's one
#
location ~ (apache_subdomain_template|apachetemplate$|apachetemplate_ipbased|apachetemplate_passivedomains|/\.conf$|/\.ht|access_log|error_log|access\.log|error\.log) {
deny all;
}
location / {
location ~ ^/(.+\.conf)$ {
return 403;
}
location ~ ^/(.+\.txt)$ {
return 403;
}
location ~ ^/(.+\.log)$ {
return 403;
}
location ~ ^/(.+\.sh)$ {
return 403;
}
}
location ~ \.php$ {
root {ehcpdir};
include fastcgi_params;
try_files $uri = 404;
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PHP_ADMIN_VALUE "open_basedir={ehcpdir}:/tmp:/usr/share:/etc/roundcube:/var/lib/roundcube:/var/log/roundcube \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
fastcgi_read_timeout 300;
limit_req zone=one burst=5;
}
location /phpmyadmin/ {
location ~ \.php$ {
root {ehcpdir};
include fastcgi_params;
try_files $uri = 404;
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PHP_ADMIN_VALUE "open_basedir={ehcpdir}:/tmp:/usr/share:/etc/roundcube:/var/lib/roundcube:/var/log/roundcube \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
fastcgi_read_timeout 300;
limit_req zone=one burst=5;
}
location /phpmyadmin/ {
root /usr/share/;
index index.php index.html index.htm;
location ~ ^/phpmyadmin/(.+\.php)$ {
try_files $uri =404;
root /usr/share/;
index index.php index.html index.htm;
location ~ ^/phpmyadmin/(.+\.php)$ {
try_files $uri =404;
root /usr/share/;
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/tmp:/usr/share/php:/usr/share/pear:/usr/share:/var/www/php_sessions \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
include /etc/nginx/fastcgi_params;
limit_req zone=one burst=5;
proxy_send_timeout 600;
proxy_read_timeout 600;
}
location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
root /usr/share/;
}
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/tmp:/usr/share/php:/usr/share/pear:/usr/share:/var/www/php_sessions \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
include /etc/nginx/fastcgi_params;
limit_req zone=one burst=5;
proxy_send_timeout 600;
proxy_read_timeout 600;
}
location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
root /usr/share/;
}
}
location /webmail2/ {
root {ehcpdir}/;
@ -96,12 +96,8 @@ server {
root {ehcpdir}/;
}
}
location /webmail/ {
rewrite ^/* /roundcube last;
}
location /roundcube {
location /roundcube/ {
root /usr/share/;
index index.php index.html index.htm;

295
ehcp/etc/nginx_ssl/default.nginx
View file

@ -2,178 +2,179 @@
# nginx default server config file
server {
listen 80 default;
server_name _;
listen 80 default;
server_name _;
access_log /var/log/nginx/default.access.log;
error_log /var/log/nginx/default.error.log;
root /var/www/new;
index index.html index.htm index.php;
access_log /var/log/nginx/default.access.log;
error_log /var/log/nginx/default.error.log;
# Set this to off if you're hosting more than one site
server_name_in_redirect off;
root /var/www/new;
index index.html index.htm index.php;
# SEO friendly URLs for Wordpress
#
#location /wordpress/ {
# if (!-e $request_filename) {
# rewrite ^(.*)$ /wordpress/index.php?q=$1 last;
# }
#}
# Set this to off if you're hosting more than one site
server_name_in_redirect off;
#error_page 404 /404.html;
# SEO friendly URLs for Wordpress
#
#location /wordpress/ {
# if (!-e $request_filename) {
# rewrite ^(.*)$ /wordpress/index.php?q=$1 last;
# }
#}
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /var/www/nginx-default;
}
#error_page 404 /404.html;
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
try_files $uri = 404;
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /var/www/new$fastcgi_script_name;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/var/www:/tmp:/usr/share:/etc/roundcube:/var/lib/roundcube:/var/log/roundcube \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
include fastcgi_params;
limit_req zone=one burst=5;
}
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /var/www/nginx-default;
}
# deny access to .htaccess files, if Apache's document root concurs with nginx's one
#
location ~ (apache_subdomain_template|apachetemplate$|apachetemplate_ipbased|apachetemplate_passivedomains|/\.conf$|/\.ht|access_log|error_log|access\.log|error\.log) {
deny all;
}
location /ehcp {
location ~ ^/ehcp/(.+\.conf)$ {
return 403;
}
location ~ ^/ehcp/(.+\.txt)$ {
return 403;
}
location ~ ^/ehcp/(.+\.log)$ {
return 403;
}
location ~ ^/ehcp/(.+\.sh)$ {
return 403;
}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
try_files $uri = 404;
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /var/www/new$fastcgi_script_name;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/var/www:/tmp:/usr/share:/etc/roundcube:/var/lib/roundcube:/var/log/roundcube \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
include fastcgi_params;
limit_req zone=one burst=5;
}
# deny access to .htaccess files, if Apache's document root concurs with nginx's one
#
location ~ (apache_subdomain_template|apachetemplate$|apachetemplate_ipbased|apachetemplate_passivedomains|/\.conf$|/\.ht|access_log|error_log|access\.log|error\.log) {
deny all;
}
location /ehcp {
location ~ ^/ehcp/(.+\.conf)$ {
return 403;
}
location /phpmyadmin {
location ~ ^/ehcp/(.+\.txt)$ {
return 403;
}
location ~ ^/ehcp/(.+\.log)$ {
return 403;
}
location ~ ^/ehcp/(.+\.sh)$ {
return 403;
}
}
location /phpmyadmin {
root /usr/share/;
index index.php index.html index.htm;
location ~ ^/phpmyadmin/(.+\.php)$ {
try_files $uri =404;
root /usr/share/;
index index.php index.html index.htm;
location ~ ^/phpmyadmin/(.+\.php)$ {
try_files $uri =404;
root /usr/share/;
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/tmp:/usr/share/php:/usr/share/pear:/usr/share:/var/www/php_sessions \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
include /etc/nginx/fastcgi_params;
limit_req zone=one burst=5;
proxy_send_timeout 600;
proxy_read_timeout 600;
}
location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
root /usr/share/;
}
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/tmp:/usr/share/php:/usr/share/pear:/usr/share:/var/www/php_sessions \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
include /etc/nginx/fastcgi_params;
limit_req zone=one burst=5;
proxy_send_timeout 600;
proxy_read_timeout 600;
}
location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
root /usr/share/;
}
}
}
# For SSL CONFIG
server {
listen 443 ssl;
server_name _;
ssl_certificate /etc/ssl/certs/server.crt;
ssl_certificate_key /etc/ssl/private/server.key;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
listen 443 ssl;
server_name _;
access_log /var/log/nginx/default.access.log;
error_log /var/log/nginx/default.error.log;
root /var/www/new;
index index.html index.htm index.php;
ssl_certificate /etc/ssl/certs/server.crt;
ssl_certificate_key /etc/ssl/private/server.key;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
# Set this to off if you're hosting more than one site
server_name_in_redirect off;
access_log /var/log/nginx/default.access.log;
error_log /var/log/nginx/default.error.log;
# SEO friendly URLs for Wordpress
#
#location /wordpress/ {
# if (!-e $request_filename) {
# rewrite ^(.*)$ /wordpress/index.php?q=$1 last;
# }
#}
root /var/www/new;
index index.html index.htm index.php;
#error_page 404 /404.html;
# Set this to off if you're hosting more than one site
server_name_in_redirect off;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /var/www/nginx-default;
}
# SEO friendly URLs for Wordpress
#
#location /wordpress/ {
# if (!-e $request_filename) {
# rewrite ^(.*)$ /wordpress/index.php?q=$1 last;
# }
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
try_files $uri = 404;
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /var/www/new$fastcgi_script_name;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/var/www:/tmp:/usr/share:/etc/roundcube:/var/lib/roundcube:/var/log/roundcube \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
include fastcgi_params;
limit_req zone=one burst=5;
}
#error_page 404 /404.html;
# deny access to .htaccess files, if Apache's document root concurs with nginx's one
#
location ~ (apache_subdomain_template|apachetemplate$|apachetemplate_ipbased|apachetemplate_passivedomains|/\.conf$|/\.ht|access_log|error_log|access\.log|error\.log) {
deny all;
}
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /var/www/nginx-default;
}
location /ehcp {
location ~ ^/ehcp/(.+\.conf)$ {
return 403;
}
location ~ ^/ehcp/(.+\.txt)$ {
return 403;
}
location ~ ^/ehcp/(.+\.log)$ {
return 403;
}
location ~ ^/ehcp/(.+\.sh)$ {
return 403;
}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
try_files $uri = 404;
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /var/www/new$fastcgi_script_name;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/var/www:/tmp:/usr/share:/etc/roundcube:/var/lib/roundcube:/var/log/roundcube \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
include fastcgi_params;
limit_req zone=one burst=5;
}
# deny access to .htaccess files, if Apache's document root concurs with nginx's one
#
location ~ (apache_subdomain_template|apachetemplate$|apachetemplate_ipbased|apachetemplate_passivedomains|/\.conf$|/\.ht|access_log|error_log|access\.log|error\.log) {
deny all;
}
location /ehcp {
location ~ ^/ehcp/(.+\.conf)$ {
return 403;
}
location /phpmyadmin {
location ~ ^/ehcp/(.+\.txt)$ {
return 403;
}
location ~ ^/ehcp/(.+\.log)$ {
return 403;
}
location ~ ^/ehcp/(.+\.sh)$ {
return 403;
}
}
location /phpmyadmin {
root /usr/share/;
index index.php index.html index.htm;
location ~ ^/phpmyadmin/(.+\.php)$ {
try_files $uri =404;
root /usr/share/;
index index.php index.html index.htm;
location ~ ^/phpmyadmin/(.+\.php)$ {
try_files $uri =404;
root /usr/share/;
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/tmp:/usr/share/php:/usr/share/pear:/usr/share:/var/www/php_sessions \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
include /etc/nginx/fastcgi_params;
limit_req zone=one burst=5;
proxy_send_timeout 600;
proxy_read_timeout 600;
}
location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
root /usr/share/;
}
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/tmp:/usr/share/php:/usr/share/pear:/usr/share:/var/www/php_sessions \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
include /etc/nginx/fastcgi_params;
limit_req zone=one burst=5;
proxy_send_timeout 600;
proxy_read_timeout 600;
}
location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
root /usr/share/;
}
}
}

66
ehcp/etc/nginx_ssl/nginx.conf
View file

@ -5,55 +5,55 @@ user {wwwuser} {wwwgroup};
worker_processes 4;
error_log /var/log/nginx/default.error.log;
pid /var/run/nginx.pid;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
worker_connections 1024;
}
http {
server_names_hash_bucket_size 4096;
variables_hash_max_size 4096;
variables_hash_bucket_size 4096;
variables_hash_bucket_size 4096;
types_hash_max_size 4096;
limit_req_zone $binary_remote_addr zone=one:20m rate=10r/s;
include /etc/nginx/mime.types;
#default_type application/octet-stream;
default_type text/html;
log_format combined_host '$remote_addr - $remote_user [$time_local] '
include /etc/nginx/mime.types;
#default_type application/octet-stream;
default_type text/html;
log_format combined_host '$remote_addr - $remote_user [$time_local] '
'"$host" "$request" $status $body_bytes_sent '
'"$http_referer" "$http_user_agent"';
access_log /var/log/nginx/default.access.log;
access_log /var/log/nginx/default.access.log;
sendfile on;
#tcp_nopush on;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 3;
tcp_nodelay on;
#keepalive_timeout 0;
keepalive_timeout 3;
tcp_nodelay on;
gzip on;
gzip_comp_level 2;
gzip_proxied any;
gzip_types text/plain text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript;
gzip on;
gzip_comp_level 2;
gzip_proxied any;
gzip_types text/plain text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript;
# Nginx default value was 1 MB and therefore all uploads exceeding 1 MB was
# getting "413 Request Entity Too Large" error.Script default is 64 MB.
# Remember to change the settings for upload size in php.ini as well.
client_max_body_size 64m;
# Nginx default value was 1 MB and therefore all uploads exceeding 1 MB was
# getting "413 Request Entity Too Large" error.Script default is 64 MB.
# Remember to change the settings for upload size in php.ini as well.
client_max_body_size 64m;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
include /var/www/new/ehcp/apachehcp.conf;
include /var/www/new/ehcp/apachehcp_subdomains.conf;
include /var/www/new/ehcp/apachehcp_globalpanelurls.conf;
##########################
# Nginx Bad Bot Blocker #
##########################
include nginx-badbot-blocker/blacklist.conf;
include nginx-badbot-blocker/blockips.conf;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
include /var/www/new/ehcp/apachehcp.conf;
include /var/www/new/ehcp/apachehcp_subdomains.conf;
include /var/www/new/ehcp/apachehcp_globalpanelurls.conf;
##########################
# Nginx Bad Bot Blocker #
##########################
include nginx-badbot-blocker/blacklist.conf;
include nginx-badbot-blocker/blockips.conf;
}

4
ehcp/etc/nginx_sslonly/apache_subdomain_template.nginx
View file

@ -14,12 +14,12 @@ server {
access_log {homedir}/logs/access_log;
access_log /var/log/nginx/access_log_multi.log combined_host;
error_log {homedir}/logs/error_log;
root {homedir};
index index.html index.htm index.php;
if ($bad_bot) { return 444; }
if ($bad_referer) { return 403; }
if ($bad_referer) { return 403; }
location / {
error_page 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 495 496 497 500 501 502 503 504 505 506 507 /error_page.html;

11
ehcp/etc/nginx_sslonly/apachetemplate.nginx
View file

@ -21,7 +21,7 @@ server {
index index.html index.htm index.php;
if ($bad_bot) { return 444; }
if ($bad_referer) { return 403; }
if ($bad_referer) { return 403; }
location / {
error_page 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 495 496 497 500 501 502 503 504 505 506 507 /error_page.html;
@ -42,7 +42,6 @@ server {
fastcgi_read_timeout 300;
limit_req zone=one burst=5;
}
location /phpmyadmin/ {
root /usr/share/;
@ -86,10 +85,6 @@ server {
}
}
location /webmail/ {
rewrite ^/* /roundcube last;
}
location /ehcp/ {
root /var/www/new/;
index index.php index.html index.htm;
@ -108,11 +103,11 @@ server {
location ~* ^/ehcp/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
root /var/www/new/;
}
location ~ ^/ehcp/(.+\.conf)$ {
return 403;
}
location ~ ^/ehcp/(.+\.txt)$ {
return 403;
}

122
ehcp/etc/nginx_sslonly/apachetemplate_ehcp_panel.nginx
View file

@ -1,71 +1,71 @@
# START OF CUSTOM GLOBAL PANEL URLS Template
server {
listen 443 ssl;
server_name {domainname};
listen 443 ssl;
server_name {domainname};
ssl_certificate {ssl_cert_path};
ssl_certificate_key {ssl_cert_key_path};
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_certificate {ssl_cert_path};
ssl_certificate_key {ssl_cert_key_path};
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
access_log /var/log/nginx/default.access.log;
error_log /var/log/nginx/default.error.log;
root {ehcpdir};
index index.php;
access_log /var/log/nginx/default.access.log;
error_log /var/log/nginx/default.error.log;
# deny access to .htaccess files, if Apache's document root concurs with nginx's one
#
location ~ (apache_subdomain_template|apachetemplate$|apachetemplate_ipbased|apachetemplate_passivedomains|/\.conf$|/\.ht|access_log|error_log|access\.log|error\.log) {
deny all;
}
location / {
location ~ ^/(.+\.conf)$ {
return 403;
}
location ~ ^/(.+\.txt)$ {
return 403;
}
location ~ ^/(.+\.log)$ {
return 403;
}
location ~ ^/(.+\.sh)$ {
return 403;
}
root {ehcpdir};
index index.php;
# deny access to .htaccess files, if Apache's document root concurs with nginx's one
#
location ~ (apache_subdomain_template|apachetemplate$|apachetemplate_ipbased|apachetemplate_passivedomains|/\.conf$|/\.ht|access_log|error_log|access\.log|error\.log) {
deny all;
}
location / {
location ~ ^/(.+\.conf)$ {
return 403;
}
location ~ ^/(.+\.txt)$ {
return 403;
}
location ~ ^/(.+\.log)$ {
return 403;
}
location ~ ^/(.+\.sh)$ {
return 403;
}
}
location ~ \.php$ {
root {ehcpdir};
include fastcgi_params;
try_files $uri = 404;
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PHP_ADMIN_VALUE "open_basedir={ehcpdir}:/tmp:/usr/share:/etc/roundcube:/var/lib/roundcube:/var/log/roundcube \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
fastcgi_read_timeout 300;
limit_req zone=one burst=5;
}
location /phpmyadmin/ {
location ~ \.php$ {
root {ehcpdir};
include fastcgi_params;
try_files $uri = 404;
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PHP_ADMIN_VALUE "open_basedir={ehcpdir}:/tmp:/usr/share:/etc/roundcube:/var/lib/roundcube:/var/log/roundcube \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
fastcgi_read_timeout 300;
limit_req zone=one burst=5;
}
location /phpmyadmin/ {
root /usr/share/;
index index.php index.html index.htm;
location ~ ^/phpmyadmin/(.+\.php)$ {
try_files $uri =404;
root /usr/share/;
index index.php index.html index.htm;
location ~ ^/phpmyadmin/(.+\.php)$ {
try_files $uri =404;
root /usr/share/;
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/tmp:/usr/share/php:/usr/share/pear:/usr/share:/var/www/php_sessions \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
include /etc/nginx/fastcgi_params;
limit_req zone=one burst=5;
proxy_send_timeout 600;
proxy_read_timeout 600;
}
location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
root /usr/share/;
}
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/tmp:/usr/share/php:/usr/share/pear:/usr/share:/var/www/php_sessions \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
include /etc/nginx/fastcgi_params;
limit_req zone=one burst=5;
proxy_send_timeout 600;
proxy_read_timeout 600;
}
location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
root /usr/share/;
}
}
location /webmail2/ {
root {ehcpdir}/;
@ -86,10 +86,6 @@ server {
root {ehcpdir}/;
}
}
location /webmail/ {
rewrite ^/* /roundcube last;
}
location /roundcube/ {
root /usr/share/;

156
ehcp/etc/nginx_sslonly/default.nginx
View file

@ -2,98 +2,98 @@
# nginx default server config file
server {
listen 80;
return 301 https://$host$request_uri;
listen 80;
return 301 https://$host$request_uri;
}
# For SSL CONFIG
server {
listen 443 ssl;
server_name _;
ssl_certificate /etc/ssl/certs/server.crt;
ssl_certificate_key /etc/ssl/private/server.key;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
listen 443 ssl;
server_name _;
access_log /var/log/nginx/default.access.log;
error_log /var/log/nginx/default.error.log;
root /var/www/new;
index index.html index.htm index.php;
ssl_certificate /etc/ssl/certs/server.crt;
ssl_certificate_key /etc/ssl/private/server.key;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
# Set this to off if you're hosting more than one site
server_name_in_redirect off;
access_log /var/log/nginx/default.access.log;
error_log /var/log/nginx/default.error.log;
# SEO friendly URLs for Wordpress
#
#location /wordpress/ {
# if (!-e $request_filename) {
# rewrite ^(.*)$ /wordpress/index.php?q=$1 last;
# }
#}
root /var/www/new;
index index.html index.htm index.php;
#error_page 404 /404.html;
# Set this to off if you're hosting more than one site
server_name_in_redirect off;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /var/www/nginx-default;
}
# SEO friendly URLs for Wordpress
#
#location /wordpress/ {
# if (!-e $request_filename) {
# rewrite ^(.*)$ /wordpress/index.php?q=$1 last;
# }
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
try_files $uri = 404;
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /var/www/new$fastcgi_script_name;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/var/www:/tmp:/usr/share:/etc/roundcube:/var/lib/roundcube:/var/log/roundcube \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
include fastcgi_params;
limit_req zone=one burst=5;
}
#error_page 404 /404.html;
# deny access to .htaccess files, if Apache's document root concurs with nginx's one
#
location ~ (apache_subdomain_template|apachetemplate$|apachetemplate_ipbased|apachetemplate_passivedomains|/\.conf$|/\.ht|access_log|error_log|access\.log|error\.log) {
deny all;
}
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /var/www/nginx-default;
}
location /ehcp {
location ~ ^/ehcp/(.+\.conf)$ {
return 403;
}
location ~ ^/ehcp/(.+\.txt)$ {
return 403;
}
location ~ ^/ehcp/(.+\.log)$ {
return 403;
}
location ~ ^/ehcp/(.+\.sh)$ {
return 403;
}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
try_files $uri = 404;
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /var/www/new$fastcgi_script_name;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/var/www:/tmp:/usr/share:/etc/roundcube:/var/lib/roundcube:/var/log/roundcube \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
include fastcgi_params;
limit_req zone=one burst=5;
}
# deny access to .htaccess files, if Apache's document root concurs with nginx's one
#
location ~ (apache_subdomain_template|apachetemplate$|apachetemplate_ipbased|apachetemplate_passivedomains|/\.conf$|/\.ht|access_log|error_log|access\.log|error\.log) {
deny all;
}
location /ehcp {
location ~ ^/ehcp/(.+\.conf)$ {
return 403;
}
location /phpmyadmin {
location ~ ^/ehcp/(.+\.txt)$ {
return 403;
}
location ~ ^/ehcp/(.+\.log)$ {
return 403;
}
location ~ ^/ehcp/(.+\.sh)$ {
return 403;
}
}
location /phpmyadmin {
root /usr/share/;
index index.php index.html index.htm;
location ~ ^/phpmyadmin/(.+\.php)$ {
try_files $uri =404;
root /usr/share/;
index index.php index.html index.htm;
location ~ ^/phpmyadmin/(.+\.php)$ {
try_files $uri =404;
root /usr/share/;
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/tmp:/usr/share/php:/usr/share/pear:/usr/share:/var/www/php_sessions \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
include /etc/nginx/fastcgi_params;
limit_req zone=one burst=5;
proxy_send_timeout 600;
proxy_read_timeout 600;
}
location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
root /usr/share/;
}
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/tmp:/usr/share/php:/usr/share/pear:/usr/share:/var/www/php_sessions \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
include /etc/nginx/fastcgi_params;
limit_req zone=one burst=5;
proxy_send_timeout 600;
proxy_read_timeout 600;
}
location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
root /usr/share/;
}
}
}

72
ehcp/etc/nginx_sslonly/nginx.conf
View file

@ -5,55 +5,55 @@ user {wwwuser} {wwwgroup};
worker_processes 4;
error_log /var/log/nginx/default.error.log;
pid /var/run/nginx.pid;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
worker_connections 1024;
}
http {
server_names_hash_bucket_size 4096;
variables_hash_max_size 4096;
variables_hash_bucket_size 4096;
types_hash_max_size 4096;
server_names_hash_bucket_size 4096;
variables_hash_max_size 4096;
variables_hash_bucket_size 4096;
types_hash_max_size 4096;
limit_req_zone $binary_remote_addr zone=one:20m rate=10r/s;
include /etc/nginx/mime.types;
#default_type application/octet-stream;
default_type text/html;
log_format combined_host '$remote_addr - $remote_user [$time_local] '
include /etc/nginx/mime.types;
#default_type application/octet-stream;
default_type text/html;
log_format combined_host '$remote_addr - $remote_user [$time_local] '
'"$host" "$request" $status $body_bytes_sent '
'"$http_referer" "$http_user_agent"';
access_log /var/log/nginx/default.access.log;
access_log /var/log/nginx/default.access.log;
sendfile on;
#tcp_nopush on;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 3;
tcp_nodelay on;
#keepalive_timeout 0;
keepalive_timeout 3;
tcp_nodelay on;
gzip on;
gzip_comp_level 2;
gzip_proxied any;
gzip_types text/plain text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript;
gzip on;
gzip_comp_level 2;
gzip_proxied any;
gzip_types text/plain text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript;
# Nginx default value was 1 MB and therefore all uploads exceeding 1 MB was
# getting "413 Request Entity Too Large" error.Script default is 64 MB.
# Remember to change the settings for upload size in php.ini as well.
client_max_body_size 64m;
# Nginx default value was 1 MB and therefore all uploads exceeding 1 MB was
# getting "413 Request Entity Too Large" error.Script default is 64 MB.
# Remember to change the settings for upload size in php.ini as well.
client_max_body_size 64m;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
include /var/www/new/ehcp/apachehcp.conf;
include /var/www/new/ehcp/apachehcp_subdomains.conf;
include /var/www/new/ehcp/apachehcp_globalpanelurls.conf;
##########################
# Nginx Bad Bot Blocker #
##########################
include nginx-badbot-blocker/blacklist.conf;
include nginx-badbot-blocker/blockips.conf;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
include /var/www/new/ehcp/apachehcp.conf;
include /var/www/new/ehcp/apachehcp_subdomains.conf;
include /var/www/new/ehcp/apachehcp_globalpanelurls.conf;
##########################
# Nginx Bad Bot Blocker #
##########################
include nginx-badbot-blocker/blacklist.conf;
include nginx-badbot-blocker/blockips.conf;
}