user nginx nginx;
worker_processes 8;
worker_rlimit_nofile 8192;
error_log /ngames/data/nginx/logs/error.log;
pid /var/run/nginx.pid;
events {
worker_connections 8192;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr [$time_local] $request '
'"$status" $body_bytes_sent*$gzip_ratio "$http_referer" '
'"$http_user_agent"';
log_format proxy '$remote_addr [$time_local] $request '
'"$status" $body_bytes_sent "$http_referer" '
'"$http_user_agent" $upstream_addr[$upstream_response_time]$upstream_cache_status';
open_log_file_cache max=1000 inactive=20s min_uses=2 valid=1m;
server_tokens off;
sendfile on;
tcp_nopush on;
keepalive_timeout 5;
large_client_header_buffers 4 8k;
gzip on;
gzip_min_length 1100;
gzip_buffers 4 8k;
#gzip_http_version 1.0;
gzip_comp_level 1;
#gzip_proxied any;
gzip_types text/plain text/css text/javascript text/xml
application/x-javascript application/xml application/xml+rss;
include /etc/nginx/conf.d/*.conf;
#upstream mic_net {
# server 172.31.16.222:9000 weight=10 max_fails=3 fail_timeout=30s; # php01
# server 172.31.24.169:9000 weight=15 max_fails=3 fail_timeout=30s; # ngx02
# server 172.31.30.180:9000 weight=10 max_fails=3 fail_timeout=30s; # ngx01
# server 172.31.18.171:9000 weight=5 max_fails=3 fail_timeout=30s; # nfs01
#}
#upstream forums_mic_net {
#server 172.31.16.222:8082 weight=10 max_fails=3 fail_timeout=30s; # php01
#}
# upstream track_mic_com {
# server 172.31.16.222:9000 weight=10 max_fails=3 fail_timeout=30s; # php01
# }
# upstream track_sakura_com {
# server 172.31.16.222:9000 weight=10 max_fails=3 fail_timeout=30s; # php01
# }
upstream track_gaara_la {
server 172.31.16.222:9000 weight=10 max_fails=3 fail_timeout=30s; # php01
}
upstream payments_mic_com {
server 172.31.16.222:9000 weight=10 max_fails=3 fail_timeout=30s; # php01
}
fastcgi_cache_path /ngaara/data/nginx/fcgi/cache levels=2:2 keys_zone=cache:1024m inactive=12h max_size=50g;
fastcgi_temp_path /ngaara/data/nginx/fcgi/tmp 1 2;
fastcgi_cache_key $request_uri;
fastcgi_cache_valid 400 401 403 404 1m;
fastcgi_cache_valid 500 501 502 503 504 505 1s;
fastcgi_cache_min_uses 1;
fastcgi_cache_use_stale error timeout invalid_header http_500;
fastcgi_ignore_headers Cache-Control Expires;
#fastcgi_no_cache $cookie_nocache $arg_nocache;
fastcgi_connect_timeout 300s;
fastcgi_send_timeout 300s;
fastcgi_read_timeout 300s;
fastcgi_buffer_size 128k;
fastcgi_buffers 8 128k;
fastcgi_busy_buffers_size 256k;
fastcgi_temp_file_write_size 256k;
fastcgi_index index.php;
fastcgi_ignore_client_abort on;
fastcgi_intercept_errors on;
include /etc/nginx/fastcgi.conf;
geoip_country /ngaara/sites/mic/configs/GeoIP.dat;
fastcgi_param GEOIP_COUNTRY_CODE $geoip_country_code;
fastcgi_param GEOIP_COUNTRY_CODE3 $geoip_country_code3;
fastcgi_param GEOIP_COUNTRY_NAME $geoip_country_name;
map $geoip_country_code $blocked {
default no;
JP yes;
}
fastcgi_param IP_BLOCKED $blocked;
server {
listen *:80;
listen *:8060;
access_log /ngaara/data/nginx/logs/localhost.access.log main;
error_log /ngaara/data/nginx/logs/localhost.error.log error;
# auth_basic "input you user name and password";
# auth_basic_user_file /ngaara/sites/mic/configs/nginx_passwd;
location / {
root /usr/share/nginx/html;
index index.html index.htm;
}
error_page 404 /404.html;
location = /404.html {
root /usr/share/nginx/html;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
location /server-status {
stub_status on;
access_log on;
}
location /php-fpm-status {
fastcgi_pass 127.0.0.1:9000;
break;
}
location ~ \.php$ {
fastcgi_pass 127.0.0.1:9000;
break;
}
location ~ /\.ht {
deny all;
}
location ~ /_ {
deny all;
}
}
server {
listen *:80;
listen *:8191;
server_name assets-cdn.mic.com assets.mic.com assets-https.mic.com static.mic.com assets-cdn.mic.net assets.mic.net assets-https.mic.net static.mic.net;
access_log /ngaara/data/nginx/logs/assets.mic.com.access.log main;
error_log /ngaara/data/nginx/logs/assets.mic.com.error.log error;
root /ngaara/sites/mic/webroot/assets.mic.com/html;
index index.html index.php;
# auth_basic "input you user name and password";
# auth_basic_user_file /ngaara/sites/mic/configs/nginx_passwd;
location / {
if (-f $document_root/maintenance.html) {
return 503;
}
}
# location ~ /purge(/.*) {
# fastcgi_cache_purge cache $1;
# }
location ~ \.php$ {
deny all;
}
location ~ /\.ht {
deny all;
}
location ~* \.(jpg|jpeg|gif|css|png|js|ico)$ {
expires 7d;
break;
}
location = /_.gif {
empty_gif;
}
error_page 403 /403.html;
location = /403.html {
root /usr/share/nginx/html;
}
error_page 404 /404.html;
location = /404.html {
root /usr/share/nginx/html;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}
server {
listen *:443;
server_name assets-cdn.mic.com assets.mic.com assets-https.mic.com static.mic.com assets-cdn.mic.net assets.mic.net assets-https.mic.net static.mic.net;
access_log /ngaara/data/nginx/logs/assets.mic.com.access.log main;
error_log /ngaara/data/nginx/logs/assets.mic.com.error.log error;
root /ngaara/sites/mic/webroot/assets.mic.com/html;
index index.html index.php;
ssl on;
ssl_certificate /ngaara/sites/mic/configs/ssl/bundle.crt;
ssl_certificate_key /ngaara/sites/mic/configs/ssl/mic.KEY;
ssl_session_timeout 5m;
ssl_protocols SSLv2 TLSv1.2 TLSv1.1 TLSv1;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
ssl_prefer_server_ciphers on;
# auth_basic "input you user name and password";
# auth_basic_user_file /ngaara/sites/mic/configs/nginx_passwd;
location / {
if (-f $document_root/maintenance.html) {
return 503;
}
}
# location ~ /purge(/.*) {
# fastcgi_cache_purge cache $1;
# }
location ~ \.php$ {
deny all;
}
location ~ /\.ht {
deny all;
}
location ~* \.(jpg|jpeg|gif|css|png|js|ico)$ {
expires 7d;
break;
}
location = /_.gif {
empty_gif;
}
error_page 403 /403.html;
location = /403.html {
root /usr/share/nginx/html;
}
error_page 404 /404.html;
location = /404.html {
root /usr/share/nginx/html;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}
server {
listen *:443;
server_name mic.com passport.mic.com store.mic.com apis.mic.com apps.mic.com manage.mic.com fb.mic.com fbs.mic.com startrek.mic.com passport.mic.net payments.mic.net fb.mic.net fbs.mic.net store.mic.net manage.mic.net mic.net startrek.mic.net rainbow.mic.com startrekaliendomain.com;
ssl on;
ssl_certificate /ngaara/sites/mic/configs/ssl/bundle.crt;
ssl_certificate_key /ngaara/sites/mic/configs/ssl/mic.KEY;
ssl_session_timeout 5m;
ssl_protocols SSLv2 TLSv1.2 TLSv1.1 TLSv1;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
ssl_prefer_server_ciphers on;
access_log /ngaara/data/nginx/logs/mic.com.access.log main;
error_log /ngaara/data/nginx/logs/mic.com.error.log error;
set $host_path "/ngaara/sites/mic/webroot/mic.com/html";
root $host_path;
index index.php index.html index.htm;
add_header Cache-Control no-store;
add_header Expires -1;
#auth_basic "input you user name and password";
#auth_basic_user_file /ngaara/sites/mic/configs/nginx_passwd;
if ($host = '') {
rewrite ^(.*) last;
}
if ($host = 'startrekaliendomain.com') {
rewrite ^(.*) last;
}
if ($host = '') {
rewrite ^/default/index$ http:// permanent;
}
if ($host = '') {
rewrite ^/default/index$ http:// permanent;
}
if ($host = 'passport.mic.net') {
rewrite ^/default/index$ permanent;
}
# if ($blocked = yes) {
# return 404;
# }
# BEGIN restrictions.conf
# Disable logging for favicon
# location / {
# if (!-e $request_filename){
# rewrite ^/(.*) /index.php last;
# }
# }
location = /favicon.ico {
log_not_found off;
access_log off;
}
# Disable logging for robots.txt
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac).
location ~ /\. {
deny all;
access_log off;
log_not_found off;
}
# END restrictions.conf
# Typically I create a yiiframework.conf file that I then include across all of my yii vhosts
#include conf.d/yiiframework.conf;
# I've included the content of my yiiframework.conf in-line for this example
# BEGIN yiiframework.conf
# Block access to protected, framework, and nbproject (artifact from Netbeans)
location ~ /(protected|framework|nbproject) {
deny all;
access_log off;
log_not_found off;
}
# Attempt the uri, uri+/, then fall back to yii's index.php with args included
# Note: old examples use IF statements, which nginx considers evil, this approach is more widely supported
location / {
try_files $uri $uri/ /index.php?$args;
}
# END yiiframework.conf
# Tell browser to cache image files for 24 hours, do not log missing images
# I typically keep this after the yii rules, so that there is no conflict with content served by Yii
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires 3h;
log_not_found off;
}
# Block for processing PHP files
# Specifically matches URIs ending in .php
location ~ \.php$ {
set_real_ip_from 178.18.205.254;
real_ip_header X-Real-IP;
try_files $uri =404;
# Fix for server variables that behave differently under nginx/php-fpm than typically expected
fastcgi_split_path_info ^(.+\.php)(/.+)$;
# Include the standard fastcgi_params file included with nginx
include fastcgi_params;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_index index.php;
# Override the SCRIPT_FILENAME variable set by fastcgi_params
fastcgi_param SCRIPT_FILENAME $host_path$fastcgi_script_name;
# Pass to upstream PHP-FPM; This must match whatever you name your upstream connection
fastcgi_pass mic_net;
}
}
server {
listen *:80;
listen *:8192;
server_name mic.com passport.mic.com store.mic.com apis.mic.com apps.mic.com manage.mic.com fb.mic.com fbs.mic.com startrek.mic.com passport.mic.net payments.mic.net fb.mic.net fbs.mic.net store.mic.net manage.mic.net mic.net startrek.mic.net rainbow.mic.com startrekaliendomain.com;
access_log /ngaara/data/nginx/logs/mic.com.access.log main;
error_log /ngaara/data/nginx/logs/mic.com.error.log error;
set $host_path "/ngaara/sites/mic/webroot/mic.com/html";
root $host_path;
index index.php index.html index.htm;
add_header Cache-Control no-store;
add_header Expires -1;
#auth_basic "input you user name and password";
#auth_basic_user_file /ngaara/sites/mic/configs/nginx_passwd;
if ($host = '') {
rewrite ^(.*) last;
}
if ($host = 'startrekaliendomain.com') {
rewrite ^(.*) last;
}
if ($host = '') {
rewrite ^/default/index$ http:// permanent;
}
if ($host = '') {
rewrite ^/default/index$ http:// permanent;
}
if ($host = 'passport.mic.net') {
rewrite ^/default/index$ permanent;
}
# if ($blocked = yes) {
# return 404;
# }
# BEGIN restrictions.conf
# Disable logging for favicon
# location / {
# if (!-e $request_filename){
# rewrite ^/(.*) /index.php last;
# }
# }
location = /favicon.ico {
log_not_found off;
access_log off;
}
# Disable logging for robots.txt
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac).
location ~ /\. {
deny all;
access_log off;
log_not_found off;
}
# END restrictions.conf
# Typically I create a yiiframework.conf file that I then include across all of my yii vhosts
#include conf.d/yiiframework.conf;
# I've included the content of my yiiframework.conf in-line for this example
# BEGIN yiiframework.conf
# Block access to protected, framework, and nbproject (artifact from Netbeans)
location ~ /(protected|framework|nbproject) {
deny all;
access_log off;
log_not_found off;
}
# Attempt the uri, uri+/, then fall back to yii's index.php with args included
# Note: old examples use IF statements, which nginx considers evil, this approach is more widely supported
location / {
try_files $uri $uri/ /index.php?$args;
}
# END yiiframework.conf
# Tell browser to cache image files for 24 hours, do not log missing images
# I typically keep this after the yii rules, so that there is no conflict with content served by Yii
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires 3h;
log_not_found off;
}
# Block for processing PHP files
# Specifically matches URIs ending in .php
location ~ \.php$ {
set_real_ip_from 10.10.1.110;
real_ip_header X-Real-IP;
try_files $uri =404;
# Fix for server variables that behave differently under nginx/php-fpm than typically expected
fastcgi_split_path_info ^(.+\.php)(/.+)$;
# Include the standard fastcgi_params file included with nginx
include fastcgi_params;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_index index.php;
# Override the SCRIPT_FILENAME variable set by fastcgi_params
fastcgi_param SCRIPT_FILENAME $host_path$fastcgi_script_name;
# Pass to upstream PHP-FPM; This must match whatever you name your upstream connection
fastcgi_pass mic_net;
}
}
server {
listen *:80;
listen *:8193;
server_name forums.mic.com forum.mic.com forums.mic.net forum.mic.net;
access_log /ngaara/data/nginx/logs/forums.mic.com.access.log proxy;
error_log /ngaara/data/nginx/logs/forums.mic.com.error.log error;
root /ngaara/sites/mic/webroot/forums.mic.com/html;
index index.php index.html index.htm;
# auth_basic "input you user name and password";
# auth_basic_user_file /ngaara/sites/mic/configs/nginx_passwd;
rewrite ^/forum$ />
rewrite ^/register http:///#reg;
rewrite ^/faq.php />
if ($blocked = yes) {
return 404;
}
if ($host ~* forum\.gaara\.la) {
rewrite ^/(.*)$ permanent ;
}
if ($http_user_agent ~* LWP::Simple|BBBike|wget) {
return 403;
}
location ~* /store/.*\.php$ {
return 403;
}
location ~ /\.ht {
deny all;
}
location ~* \.(jpg|jpeg|gif|css|png|js|ico)$ {
root /ngaara/sites/mic/webroot/forums.mic.com/html;
access_log off;
expires 7d;
break;
}
location = /clear.gif {
empty_gif;
}
location = /_.gif {
empty_gif;
}
location / {
proxy_pass />
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_connect_timeout 150;
proxy_send_timeout 100;
proxy_read_timeout 100;
proxy_buffers 4 32k;
client_max_body_size 8m;
client_body_buffer_size 128k;
}
error_page 503 @maintenance;
location @maintenance {
rewrite ^(.*)$ /maintenance.html break;
}
error_page 403 /403.html;
location = /403.html {
root /ngaara/sites/mic/webroot/forums.mic.com/html/errors;
}
error_page 404 /404.html;
location = /404.html {
root /ngaara/sites/mic/webroot/forums.mic.com/html/errors;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /ngaara/sites/mic/webroot/forums.mic.com/html/errors;
}
}
server {
listen *:80;
listen *:8195;
server_name track.mic.com;
server_name track-st.mic.com;
access_log /ngaara/data/nginx/logs/track.mic.com.access.log main;
error_log /ngaara/data/nginx/logs/track.mic.com.error.log error;
set $host_path "/ngaara/sites/mic/webroot/track.mic.com/html";
root $host_path;
index index.php index.html index.htm;
add_header Cache-Control no-store;
add_header Expires -1;
location ~ ^/backend/ {
rewrite ^/backend/(.*)$ permanent;
}
# auth_basic "input you user name and password";
# auth_basic_user_file /ngaara/sites/mic/configs/nginx_passwd;
# BEGIN restrictions.conf
# Disable logging for favicon
# location / {
# if (!-e $request_filename){
# rewrite ^/(.*) /index.php last;
# }
# }
location / {
client_max_body_size 100m;
if (-f $request_filename) {
break;
}
if (!-f $request_filename) {
rewrite ^/([a-z0-9\-_]+)\.html?$ /click.php?tag=$1&$query_string last;
rewrite ^/$ /click.php?link_id=1&$query_string last;
}
root /home/track.mic.com/html;
index index.html index.htm index.php;
access_log off;
}
location = /favicon.ico {
log_not_found off;
access_log off;
}
# Disable logging for robots.txt
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac).
location ~ /\. {
deny all;
access_log off;
log_not_found off;
}
# END restrictions.conf
# Tell browser to cache image files for 24 hours, do not log missing images
# I typically keep this after the yii rules, so that there is no conflict with content served by Yii
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires 3h;
log_not_found off;
}
# Block for processing PHP files
# Specifically matches URIs ending in .php
location ~ \.php$ {
root $host_path;
fastcgi_pass track_mic_com;
}
}
server {
listen *:80;
listen *:8198;
server_name analyst.mic.com;
access_log /ngaara/data/nginx/logs/track.mic.com.access.log main;
error_log /ngaara/data/nginx/logs/track.mic.com.error.log error;
set $host_path "/ngaara/sites/mic/webroot/track.mic.com/html/backend/";
root $host_path;
index index.php index.html index.htm;
add_header Cache-Control no-store;
add_header Expires -1;
# auth_basic "input you user name and password";
# auth_basic_user_file /ngaara/sites/mic/configs/nginx_passwd;
# BEGIN restrictions.conf
# Disable logging for favicon
# location / {
# if (!-e $request_filename){
# rewrite ^/(.*) /index.php last;
# }
# }
location = /favicon.ico {
log_not_found off;
access_log off;
}
# Disable logging for robots.txt
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac).
location ~ /\. {
deny all;
access_log off;
log_not_found off;
}
# END restrictions.conf
# Tell browser to cache image files for 24 hours, do not log missing images
# I typically keep this after the yii rules, so that there is no conflict with content served by Yii
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires 3h;
log_not_found off;
}
# Block for processing PHP files
# Specifically matches URIs ending in .php
location ~ \.php$ {
root $host_path;
fastcgi_pass track_mic_com;
}
}
server {
listen *:80;
listen *:8200;
server_name track.gaara.la;
server_name track.narutosaga.gaara.la;
server_name track.ultimatenaruto.gaara.la;
access_log /ngaara/data/nginx/logs/track.gaara.la.access.log main;
error_log /ngaara/data/nginx/logs/track.gaara.com.error.log error;
set $host_path "/ngaara/sites/mic/webroot/track.gaara.la/html/";
root $host_path;
index index.php index.html index.htm;
add_header Cache-Control no-store;
add_header Expires -1;
location / {
client_max_body_size 100m;
if (-f $request_filename) {
break;
}
if (!-f $request_filename) {
rewrite ^/([a-z0-9\-_]+)\.html?$ /click.php?tag=$1&$query_string last;
rewrite ^/$ /click.php?link_id=1&$query_string last;
}
root /home/track.gaara.la/html;
index index.html index.htm index.php;
access_log off;
}
# Disable logging for robots.txt
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac).
location ~ /\. {
deny all;
access_log off;
log_not_found off;
}
# END restrictions.conf
# Tell browser to cache image files for 24 hours, do not log missing images
# I typically keep this after the yii rules, so that there is no conflict with content served by Yii
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires 3h;
log_not_found off;
}
# Block for processing PHP files
# Specifically matches URIs ending in .php
location ~ \.php$ {
root $host_path;
fastcgi_pass track_gaara_la;
}
}
server {
listen *:80;
listen *:8201;
server_name analyst.gaara.la;
server_name aws-analyst.gaara.la;
access_log /ngaara/data/nginx/logs/analyst.gaara.la.access.log main;
error_log /ngaara/data/nginx/logs/analyst.gaara.la.error.log error;
set $host_path "/ngaara/sites/mic/webroot/track.gaara.la/html/backend/";
root $host_path;
index index.php index.html index.htm;
add_header Cache-Control no-store;
add_header Expires -1;
# auth_basic "input you user name and password";
# auth_basic_user_file /ngaara/sites/mic/configs/nginx_passwd;
# BEGIN restrictions.conf
# Disable logging for favicon
# location / {
# if (!-e $request_filename){
# rewrite ^/(.*) /index.php last;
# }
# }
location = /favicon.ico {
log_not_found off;
access_log off;
}
# Disable logging for robots.txt
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac).
location ~ /\. {
deny all;
access_log off;
log_not_found off;
}
# END restrictions.conf
# Tell browser to cache image files for 24 hours, do not log missing images
# I typically keep this after the yii rules, so that there is no conflict with content served by Yii
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires 3h;
log_not_found off;
}
# Block for processing PHP files
# Specifically matches URIs ending in .php
location ~ \.php$ {
root $host_path;
fastcgi_pass track_gaara_la;
}
}
server {
listen *:80;
listen *:8196;
server_name track.sakura.com;
# server_name go.sakura.com;
server_name aws-track.sakura.com;
server_name aws-go.sakura.com;
server_name jump.sakura.com;
server_name go.sakura.com;
server_name go.ngaara.com;
server_name go.pockiepirates.ngaara.com;
server_name go.pockiepirates.sakura.com;
server_name go.leagueofangels.sakura.com;
server_name go.warfare.sakura.com;
server_name go.cybermonster2.sakura.com;
server_name go.wartune.sakura.com;
server_name go.pockiesaints.sakura.com;
server_name go.pockiedefense.sakura.com;
server_name go.grandvoyage.sakura.com;
server_name go.talesofsolaris.sakura.com;
server_name go.ddtank.sakura.com;
server_name go.pockiekingdom.sakura.com;
server_name go.ageofcivilization.sakura.com;
access_log /ngaara/data/nginx/logs/track.sakura.com.access.log main;
error_log /ngaara/data/nginx/logs/track.sakura.com.error.log error;
set $host_path "/ngaara/sites/mic/webroot/track.sakura.com/html";
root $host_path;
index index.php index.html index.htm;
add_header Cache-Control no-store;
add_header Expires -1;
location ~ ^/backend/ {
# rewrite ^/backend/(.*)$ permanent;
location ~ \.php$ {
fastcgi_pass track_sakura_com;
root /ngaara/sites/mic/webroot/track.sakura.com/html;
break;
}
# auth_basic "input you user name and password";
# auth_basic_user_file /ngaara/sites/mic/configs/nginx_passwd_for_ngaara;
}
# auth_basic "input you user name and password";
# auth_basic_user_file /ngaara/sites/mic/configs/nginx_passwd;
# BEGIN restrictions.conf
# Disable logging for favicon
# location / {
# if (!-e $request_filename){
# rewrite ^/(.*) /index.php last;
# }
# }
location / {
client_max_body_size 100m;
if (-f $request_filename) {
break;
}
if (!-f $request_filename) {
rewrite ^/lp(\d+)/([a-z0-9\-_]+)\.html?$ /click.php?lp=$1&tag=$2&$query_string last;
rewrite ^/([a-z0-9\-_]+)\.html?$ /click.php?tag=$1&$query_string last;
rewrite ^/$ /click.php?link_id=1&$query_string last;
}
root /ngaara/sites/mic/webroot/track.sakura.com/html;
index index.html index.htm index.php;
#access_log off;
}
location = /favicon.ico {
log_not_found off;
access_log off;
}
# Disable logging for robots.txt
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac).
location ~ /\. {
deny all;
access_log off;
log_not_found off;
}
# END restrictions.conf
# Tell browser to cache image files for 24 hours, do not log missing images
# I typically keep this after the yii rules, so that there is no conflict with content served by Yii
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires 3h;
log_not_found off;
}
# Block for processing PHP files
# Specifically matches URIs ending in .php
location ~ \.php$ {
root $host_path;
fastcgi_pass track_sakura_com;
}
}
server {
listen *:80;
listen *:8197;
server_name aws-analyst.sakura.com;
server_name analyst.sakura.com;
access_log /ngaara/data/nginx/logs/track.sakura.com.access.log main;
error_log /ngaara/data/nginx/logs/track.sakura.com.error.log error;
set $host_path "/ngaara/sites/mic/webroot/track.sakura.com/html/backend/";
root $host_path;
index index.php index.html index.htm;
add_header Cache-Control no-store;
add_header Expires -1;
# auth_basic "input you user name and password";
# auth_basic_user_file /ngaara/sites/mic/configs/nginx_passwd;
# BEGIN restrictions.conf
# Disable logging for favicon
# location / {
# if (!-e $request_filename){
# rewrite ^/(.*) /index.php last;
# }
# }
location = /favicon.ico {
log_not_found off;
access_log off;
}
# Disable logging for robots.txt
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac).
location ~ /\. {
deny all;
access_log off;
log_not_found off;
}
# END restrictions.conf
# Tell browser to cache image files for 24 hours, do not log missing images
# I typically keep this after the yii rules, so that there is no conflict with content served by Yii
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires 3h;
log_not_found off;
}
# Block for processing PHP files
# Specifically matches URIs ending in .php
location ~ \.php$ {
root $host_path;
fastcgi_pass track_sakura_com;
}
}
server {
listen *:80;
listen *:8199;
server_name payments.mic.com;
access_log /ngaara/data/nginx/logs/payments.mic.com.access.log main;
error_log /ngaara/data/nginx/logs/payments.mic.com.error.log error;
set $host_path "/ngaara/sites/mic/webroot/payments.mic.com/html";
root $host_path;
index index.php index.html index.htm;
add_header Cache-Control no-store;
add_header Expires -1;
#auth_basic "input you user name and password";
#auth_basic_user_file /ngaara/sites/mic/configs/nginx_passwd;
if ($host = 'payments.mic.com') {
rewrite ^/default/index$ permanent;
}
# if ($blocked = yes) {
# return 404;
# }
# BEGIN restrictions.conf
# Disable logging for favicon
# location / {
# if (!-e $request_filename){
# rewrite ^/(.*) /index.php last;
# }
# }
location = /favicon.ico {
log_not_found off;
access_log off;
}
# Disable logging for robots.txt
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac).
location ~ /\. {
deny all;
access_log off;
log_not_found off;
}
# END restrictions.conf
# Typically I create a yiiframework.conf file that I then include across all of my yii vhosts
#include conf.d/yiiframework.conf;
# I've included the content of my yiiframework.conf in-line for this example
# BEGIN yiiframework.conf
# Block access to protected, framework, and nbproject (artifact from Netbeans)
location ~ /(protected|framework|nbproject) {
deny all;
access_log off;
log_not_found off;
}
# Attempt the uri, uri+/, then fall back to yii's index.php with args included
# Note: old examples use IF statements, which nginx considers evil, this approach is more widely supported
location / {
try_files $uri $uri/ /index.php?$args;
}
# END yiiframework.conf
# Tell browser to cache image files for 24 hours, do not log missing images
# I typically keep this after the yii rules, so that there is no conflict with content served by Yii
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires 3h;
log_not_found off;
}
# Block for processing PHP files
# Specifically matches URIs ending in .php
location ~ \.php$ {
set_real_ip_from 10.10.1.110;
real_ip_header X-Real-IP;
try_files $uri =404;
# Fix for server variables that behave differently under nginx/php-fpm than typically expected
fastcgi_split_path_info ^(.+\.php)(/.+)$;
# Include the standard fastcgi_params file included with nginx
include fastcgi_params;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_index index.php;
# Override the SCRIPT_FILENAME variable set by fastcgi_params
fastcgi_param SCRIPT_FILENAME $host_path$fastcgi_script_name;
# Pass to upstream PHP-FPM; This must match whatever you name your upstream connection
fastcgi_pass payments_mic_com;
}
}
server {
listen *:443;
server_name payments.mic.com;
access_log /ngaara/data/nginx/logs/payments.mic.com.access.log main;
error_log /ngaara/data/nginx/logs/payments.mic.com.error.log error;
set $host_path "/ngaara/sites/mic/webroot/payments.mic.com/html";
root $host_path;
index index.php index.html index.htm;
add_header Cache-Control no-store;
add_header Expires -1;
ssl on;
ssl_certificate /ngaara/sites/mic/configs/ssl/bundle.crt;
ssl_certificate_key /ngaara/sites/mic/configs/ssl/mic.KEY;
ssl_session_timeout 5m;
ssl_protocols SSLv2 TLSv1.2 TLSv1.1 TLSv1;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
ssl_prefer_server_ciphers on;
#auth_basic "input you user name and password";
#auth_basic_user_file /ngaara/sites/mic/configs/nginx_passwd;
if ($host = 'payments.mic.com') {
rewrite ^/default/index$ permanent;
}
# if ($blocked = yes) {
# return 404;
# }
# BEGIN restrictions.conf
# Disable logging for favicon
# location / {
# if (!-e $request_filename){
# rewrite ^/(.*) /index.php last;
# }
# }
location = /favicon.ico {
log_not_found off;
access_log off;
}
# Disable logging for robots.txt
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac).
location ~ /\. {
deny all;
access_log off;
log_not_found off;
}
# END restrictions.conf
# Typically I create a yiiframework.conf file that I then include across all of my yii vhosts
#include conf.d/yiiframework.conf;
# I've included the content of my yiiframework.conf in-line for this example
# BEGIN yiiframework.conf
# Block access to protected, framework, and nbproject (artifact from Netbeans)
location ~ /(protected|framework|nbproject) {
deny all;
access_log off;
log_not_found off;
}
# Attempt the uri, uri+/, then fall back to yii's index.php with args included
# Note: old examples use IF statements, which nginx considers evil, this approach is more widely supported
location / {
try_files $uri $uri/ /index.php?$args;
}
# END yiiframework.conf
# Tell browser to cache image files for 24 hours, do not log missing images
# I typically keep this after the yii rules, so that there is no conflict with content served by Yii
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires 3h;
log_not_found off;
}
# Block for processing PHP files
# Specifically matches URIs ending in .php
location ~ \.php$ {
set_real_ip_from 10.10.1.110;
real_ip_header X-Real-IP;
try_files $uri =404;
# Fix for server variables that behave differently under nginx/php-fpm than typically expected
fastcgi_split_path_info ^(.+\.php)(/.+)$;
# Include the standard fastcgi_params file included with nginx
include fastcgi_params;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_index index.php;
# Override the SCRIPT_FILENAME variable set by fastcgi_params
fastcgi_param SCRIPT_FILENAME $host_path$fastcgi_script_name;
# Pass to upstream PHP-FPM; This must match whatever you name your upstream connection
fastcgi_pass payments_mic_com;
}
}
}
