#禁止空主机头访问
server {
listen 80 default_server;
server_name _;
return 500;
}
server {
listen 80;
server_name youdomain.com www.yourdomain.com;
#下面这条规定站点根目录,再往下的配置就以此为根
root /usr/share/nginx/siterootpath;
index index.php;
#charset koi8-r;
#下面这句是访问log,按需开关
#access_log /var/log/nginx/log/host.access.log main;
#favicon,站点的图标,可以显示在浏览器标题栏上,和robots.txt两个都不需要log
location = /favicon.ico {
log_not_found off;
access_log off;
}
location =/robots.txt {
allow all;
log_not_found off;
access_log off;
}
# 所有静态文件都直通,解决了之前jpg等文件单独设置直通的问题,另外还可以直接支持固定链接
location / {
try_files $uri $uri/ /index.php?$args;
}
#自定义404
#error_page 404 /404.html;
#自定义错误页
# redirect server error pages to the static page /50x.html
#
location = /50x.html {
root /usr/share/nginx/html;
}
#对上传目录禁止执行php,并阻止除图片以外的任何文件类型
location /wp-content/uploads/ {
if ($request_filename !~* \.(jpg|jpeg|gif|png)$) {
return 403;
}
location ~ .*\.(php)?$ {
deny all;
}
}
# php文件发送到php5-fpm,现在这一段不需要写root目录了
#
location ~ \.php$ {
#检查php文件是否真实存在,防止伪装成jpg的php等
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
location ~ /\.ht {
deny all;
}
#js css 图片等文件最大化有效期,不记录访问
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires max;
log_not_found off;
}
}