50 lines
1.3 KiB
Nginx Configuration File
50 lines
1.3 KiB
Nginx Configuration File
# Restrict access to the website by IP or wrong domain name) and return 400
|
|
server {
|
|
# listen unix:/dev/shm/h1.sock proxy_protocol default_server;
|
|
# listen unix:/dev/shm/h2c.sock http2 proxy_protocol default_server;
|
|
listen 5000;
|
|
http2 on;
|
|
# set_real_ip_from unix:;
|
|
# real_ip_header proxy_protocol;
|
|
server_name _;
|
|
return 400 "not allowed";
|
|
}
|
|
server {
|
|
listen 5001;
|
|
server_name _;
|
|
return 400 "not allowed";
|
|
}
|
|
|
|
# HTTP1 UDS listener
|
|
server {
|
|
#listen unix:/dev/shm/h1.sock proxy_protocol;
|
|
listen 5001;
|
|
server_name xx.tc.hk.go.107421.xyz book.107421.xyz;
|
|
|
|
location / {
|
|
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always; # enable HSTS
|
|
root /var/www/html/;
|
|
index index.html index.htm;
|
|
}
|
|
}
|
|
|
|
# HTTP2 UDS listener
|
|
server {
|
|
# listen unix:/dev/shm/h2c.sock http2 proxy_protocol;
|
|
listen 5000;
|
|
http2 on;
|
|
|
|
server_name xx.tc.hk.go.107421.xyz book.107421.xyz;
|
|
|
|
# grpc settings
|
|
# grpc_read_timeout 1h;
|
|
# grpc_send_timeout 1h;
|
|
# grpc_set_header X-Real-IP $remote_addr;
|
|
|
|
# Decoy website
|
|
location / {
|
|
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always; # enable HSTS
|
|
root /var/www/html;
|
|
index index.html index.htm;
|
|
}
|
|
} |