2,306
edits
Changes
Jump to navigation
Jump to search
Line 1:
Line 1: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
no edit summary
== Django site-available ==
<nowiki>upstream leaks {
server unix:/home/bbvaleaks/BBVALeaks/bbvaleaks.sock;
}
server {
listen 443 ssl;
server_name leaks.rra.lan;
charset utf-8;
client_max_body_size 4G;
ssl on;
ssl_certificate /etc/ssl/certs/redteamweb.crt;
ssl_certificate_key /etc/ssl/private/redteamweb.key;
ssl_protocols TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA !RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DDS";
# Note: You should disable gzip for SSL traffic.
# See: https://bugs.debian.org/773332
#
# Read up on ssl_ciphers to ensure a secure configuration.
# See: https://bugs.debian.org/765782
# root /var/www/html;
# Add index.php to the list if you are using PHP
index index.html index.htm index.nginx-debian.html;
location /media {
alias /var/www/leaks/media; # your Django project's media files
}
location /static {
alias /var/www/leaks/static; # your Django project's static files
}
location / {
# proxy_pass unix:///home/bbvaleaks/BBVALeaks/bbvaleaks.sock;
proxy_pass http://leaks;
include /etc/nginx/uwsgi_params;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
</nowiki>
== Redirect HTTP to HTTPS ==
== Redirect HTTP to HTTPS ==
Create /etc/ngix/sites-available/RedirectHTTPtoHTTPS.conf
Create /etc/ngix/sites-available/RedirectHTTPtoHTTPS.conf