Webinoly is just the perfect tool for NGINX experts. Give it a try!
Ask a Question

How to config file conf example domain with ssl Comodo

0 votes
8.6k views
by

Hi QROkes,

I love Webinoly, It's very simple and easy to use. I move site from VPS use dedault LEMP to Webinoly Script

But my site use SSL Comodo, I know config conf file ssl default LEMP but I don't know config file conf use Webinoly :|

I use old file conf, edit some path and remove  all include on default file:

include common/wpfc.conf;

include common/wpcommon.conf;

include common/locations.conf;

include common/headers-http.conf;

include common/headers-html.conf;

I dont know use file include.

That's well but not optimize with Webinoly Script. Can you show me file conf with ssl comodo ?

Thank you.

sudo site example.com -wp=default -cache

My file conf:
server {
       listen         80;
       server_name    example.com www.example.com;
       return         301 https://$server_name$request_uri;
}

server {
    listen 443 ssl http2;
    server_name  example.com www.example.com;
	##  redirect https www to https non-www
      if ($host = 'www.example.com' ) {
         return 301 https://example.com$request_uri;
      }
    keepalive_timeout  60;

    ssl on;
    ssl_certificate /var/www/example.com/cert/example.com_ca.crt;
    ssl_certificate_key /var/www/example.com/cert/example.com.key;
    ssl_dhparam /etc/ssl/dhparam.pem;
    ssl_session_timeout  180m;
    ssl_session_cache    shared:SSL:20m;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
    ssl_prefer_server_ciphers   on;
    add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";
    #ssl_stapling on;
	# access_log off;
	#access_log /home/example.com/logs/access.log;
	# error_log off;
    	#error_log /home/example.com/logs/error.log;
	
    root /var/www/example.com/htdocs;
	index index.php index.html index.htm;
    
 
    	location / {
		try_files $uri $uri/ /index.php?$args;
	}
	
	# Custom configuration
	# Rocket-Nginx configuration
	#include rocket-nginx/default.conf;
    	location ~ \.php$ {
		fastcgi_split_path_info ^(.+\.php)(/.+)$;
        	include /etc/nginx/fastcgi_params;
        	fastcgi_pass 127.0.0.1:9000;
        	fastcgi_index index.php;
		fastcgi_connect_timeout 1000;
		fastcgi_send_timeout 1000;
		fastcgi_read_timeout 1000;
		fastcgi_buffer_size 256k;
		fastcgi_buffers 4 256k;
		fastcgi_busy_buffers_size 256k;
		fastcgi_temp_file_write_size 256k;
		fastcgi_intercept_errors on;
        	fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    	}
		location ~ /\. {
		deny all;
	}
	location /nginx_status {
  		stub_status on;
  		access_log   off;
		allow 127.0.0.1;
		allow xxx.xxx.xxx.xxx;
		deny all;
	}
	
	location /php_status {
		fastcgi_pass 127.0.0.1:9000;
		fastcgi_index index.php;
		fastcgi_param SCRIPT_FILENAME  $document_root$fastcgi_script_name;
		include /etc/nginx/fastcgi_params;
		allow 127.0.0.1;
		allow xxx.xxx.xxx.xxx;
		deny all;
    	}
	
	# Disable .htaccess and other hidden files
	location ~ /\.(?!well-known).* {
		deny all;
		access_log off;
		log_not_found off;
	}
	
        location = /favicon.ico {
                log_not_found off;
                access_log off;
        }
	
	location = /robots.txt {
		allow all;
		log_not_found off;
		access_log off;
	}
	
	location /phpredmin/public/ {
		try_files $uri $uri/ /phpredmin/public/index.php;
	}
	
	location ~* \.(3gp|gif|jpg|jpeg|png|ico|wmv|avi|asf|asx|mpg|mpeg|mp4|pls|mp3|mid|wav|swf|flv|exe|zip|tar|rar|gz|tgz|bz2|uha|7z|doc|docx|xls|xlsx|pdf|iso|eot|svg|ttf|woff)$ {
	        gzip_static off;
		add_header Pragma public;
		add_header Cache-Control "public, must-revalidate, proxy-revalidate";
		access_log off;
		expires 30d;
		break;
        }

        location ~* \.(txt|js|css)$ {
	        add_header Pragma public;
		add_header Cache-Control "public, must-revalidate, proxy-revalidate";
		access_log off;
		expires 30d;
		break;
        }
}
#phpMyAdmin port old config
server {
    listen       345;                          # listen port    
		server_name  localhost;                   
			location / {
				root   /usr/share/phpMyAdmin;           # Document root       
				index index.php  index.html index.htm;
		}
    location ~ \.php$ {
        root           /usr/share/phpMyAdmin;   # Document root        
		fastcgi_pass   127.0.0.1:9000;
        fastcgi_index  index.php;
        fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
        include        fastcgi_params;
    }
}

1 Answer

0 votes
by Expert

In Webinoly if you want to use your own certificate you just need to add it to your site nginx configuration.

sudo nano /etc/nginx/sites-available/example.com

And after the server_name parameter add your certificate:

ssl on;
ssl_certificate /var/www/example.com/cert/example.com_ca.crt;
ssl_certificate_key /var/www/example.com/cert/example.com.key;

Just be sure to have you certificate files in your server.

All the other things are already covered by Webinoly and remember that you can always use a Let's Encrypt certificate generated automatically by Webinoly and that way you don't need to touch not even one line of code.

Please, tell me it works for you.

Regards.

by

How to replace these codes by included files in file conf domain ?

# Custom configuration
	# Rocket-Nginx configuration
	#include rocket-nginx/default.conf;
    	location ~ \.php$ {
		fastcgi_split_path_info ^(.+\.php)(/.+)$;
        	include /etc/nginx/fastcgi_params;
        	fastcgi_pass 127.0.0.1:9000;
        	fastcgi_index index.php;
		fastcgi_connect_timeout 1000;
		fastcgi_send_timeout 1000;
		fastcgi_read_timeout 1000;
		fastcgi_buffer_size 256k;
		fastcgi_buffers 4 256k;
		fastcgi_busy_buffers_size 256k;
		fastcgi_temp_file_write_size 256k;
		fastcgi_intercept_errors on;
        	fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    	}
		location ~ /\. {
		deny all;
	}
	location /nginx_status {
  		stub_status on;
  		access_log   off;
		allow 127.0.0.1;
		allow xxx.xxx.xxx.xxx;
		deny all;
	}
	
	location /php_status {
		fastcgi_pass 127.0.0.1:9000;
		fastcgi_index index.php;
		fastcgi_param SCRIPT_FILENAME  $document_root$fastcgi_script_name;
		include /etc/nginx/fastcgi_params;
		allow 127.0.0.1;
		allow xxx.xxx.xxx.xxx;
		deny all;
    	}
	
	# Disable .htaccess and other hidden files
	location ~ /\.(?!well-known).* {
		deny all;
		access_log off;
		log_not_found off;
	}
	
        location = /favicon.ico {
                log_not_found off;
                access_log off;
        }
	
	location = /robots.txt {
		allow all;
		log_not_found off;
		access_log off;
	}
	
	location /phpredmin/public/ {
		try_files $uri $uri/ /phpredmin/public/index.php;
	}
	
	location ~* \.(3gp|gif|jpg|jpeg|png|ico|wmv|avi|asf|asx|mpg|mpeg|mp4|pls|mp3|mid|wav|swf|flv|exe|zip|tar|rar|gz|tgz|bz2|uha|7z|doc|docx|xls|xlsx|pdf|iso|eot|svg|ttf|woff)$ {
	        gzip_static off;
		add_header Pragma public;
		add_header Cache-Control "public, must-revalidate, proxy-revalidate";
		access_log off;
		expires 30d;
		break;
        }

        location ~* \.(txt|js|css)$ {
	        add_header Pragma public;
		add_header Cache-Control "public, must-revalidate, proxy-revalidate";
		access_log off;
		expires 30d;
		break;
        }
}
#phpMyAdmin port old config
server {
    listen       345;                          # listen port    
		server_name  localhost;                   
			location / {
				root   /usr/share/phpMyAdmin;           # Document root       
				index index.php  index.html index.htm;
		}
    location ~ \.php$ {
        root           /usr/share/phpMyAdmin;   # Document root        
		fastcgi_pass   127.0.0.1:9000;
        fastcgi_index  index.php;
        fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
        include        fastcgi_params;
    }
}

Or how to use included files properly ?

include common/wpfc.conf;

include common/wpcommon.conf;

include common/locations.conf;

include common/headers-http.conf;

include common/headers-html.conf;

Finally, If I change SSL Comodo to Let's Encrypt, Does it make my keywords rankings change?

Thank you.

by Expert
All those things are already handled by Webinoly, you don't need those things anymore.

SSL Certificate provider doesn't change your SEO keyword ranking.
Welcome to the Community site for Webinoly.

Our Optimized LEMP Web Server is a powerful set of commands for doing just about anything you could wish.

With Webinoly you can set up your NGINX web server in just one step.

* * * * * * *

To report a bug, please create a new issue on GitHub or ask a question here with the bug tag.

Related questions

Webinoly Support Paypal Donations

PayPal · GitHub Sponsors · Bitcoin

Snow Theme by Q2A Market
Powered by Question2Answer

It is very important that any visitor to the site read the disclaimer, terms of use and privacy and legal statement before start browsing.

...