#user nobody; worker_processes 1; #error_log logs/error.log; #error_log logs/error.log notice; #error_log logs/error.log info; #pid logs/nginx.pid; events { worker_connections 10240; } http { include mime.types; default_type application/octet-stream;
add_header X-Frame-Options "ALLOW-FROM https://www.test.com";
add_header X-XSS-Protection "1; mode=block";
add_header 'Access-Control-Allow-Origin' 'https://www.test.com';
add_header 'Access-Control-Allow-Credentials' 'false';
add_header Access-Control-Allow-Headers 'x-sign,x-ts'; server_tokens off; proxy_hide_header X-Powered-By; proxy_hide_header Server; sendfile on; gzip on; gzip_static on; keepalive_timeout 65; upstream backend{ server 192.168.0.1:8080; server 192.168.0.2:8080 backup; } server { listen 80; server_name test.cloud.com; rewrite ^(.*)$ https://${server_name}$1 permanent; location / { root /home/nginx/html; index index.html index.htm; try_files $uri /index.html; client_max_body_size 50m; } location = /50x.html { root html; } error_page 500 502 503 504 /50x.html; } server { listen 443 ssl; server_name test.com; location /gateway { proxy_pass http://backend; proxy_set_header Host $host:$server_port; proxy_set_header X-Real-IP $remote_addr; proxy_set_header REMOTE-HOST $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; client_max_body_size 50m; } location / { root /home/nginx/html; index index.html index.htm; try_files $uri /index.html; client_max_body_size 50m; } location = /50x.html { root html; } ssl_certificate /etc/ssl/***.com.pem; ssl_certificate_key /etc/ssl/**.key; ssl_session_cache shared:SSL:1m; ssl_session_timeout 5m; ssl_ciphers HIGH:!aNULL:!MD5; ssl_prefer_server_ciphers on; ssl_protocols TLSv1.2; error_page 500 502 503 504 /50x.html; } }