From d3defd709177d60e7a26ae622a3484c79538d8f9 Mon Sep 17 00:00:00 2001 From: Melody Horn Date: Wed, 3 Aug 2022 00:12:30 -0600 Subject: don't leak ip over stdout --- nginx.conf | 157 +++++++++++++++++++++++++++++++------------------------------ 1 file changed, 80 insertions(+), 77 deletions(-) (limited to 'nginx.conf') diff --git a/nginx.conf b/nginx.conf index 3852340..c5b0447 100644 --- a/nginx.conf +++ b/nginx.conf @@ -1,77 +1,80 @@ -server { - listen 80; - listen [::]:80; - server_name pig.observer; - - charset utf-8; - charset_types text/xml text/css text/plain application/javascript application/rss+xml; - #access_log /var/log/nginx/host.access.log main; - rewrite_log on; - - gzip on; - add_header Strict-Transport-Security max-age=31536000 always; - add_header X-Content-Type-Options nosniff; - - location /georgiasnapshots/ { - add_header Access-Control-Allow-Origin *; - proxy_pass http://navigator-c2c.dot.ga.gov/snapshots/; - } - - location /georgiavss1/ { - proxy_pass http://vss1live.dot.ga.gov/lo/; - } - - location /georgiavss2/ { - proxy_pass http://vss2live.dot.ga.gov/lo/; - } - - location /georgiavss3/ { - proxy_pass http://vss3live.dot.ga.gov/lo/; - } - - location /georgiavss4/ { - proxy_pass http://vss4live.dot.ga.gov/lo/; - } - - location /georgiavss5/ { - proxy_pass http://vss5live.dot.ga.gov/lo/; - } - - location / { - root /usr/share/nginx/html; - index index.html index.htm; - } - - #error_page 404 /404.html; - - # redirect server error pages to the static page /50x.html - # - error_page 500 502 503 504 /50x.html; - location = /50x.html { - root /usr/share/nginx/html; - } - - # proxy the PHP scripts to Apache listening on 127.0.0.1:80 - # - #location ~ \.php$ { - # proxy_pass http://127.0.0.1; - #} - - # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 - # - #location ~ \.php$ { - # root html; - # fastcgi_pass 127.0.0.1:9000; - # fastcgi_index index.php; - # fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name; - # include fastcgi_params; - #} - - # deny access to .htaccess files, if Apache's document root - # concurs with nginx's one - # - #location ~ /\.ht { - # deny all; - #} - -} +log_format private '[$time_local] $host "$request" $status $body_bytes_sent'; +access_log off; + +server { + listen 80; + listen [::]:80; + server_name pig.observer; + + charset utf-8; + charset_types text/xml text/css text/plain application/javascript application/rss+xml; + access_log /var/log/nginx/access.log private; + rewrite_log on; + + gzip on; + add_header Strict-Transport-Security max-age=31536000 always; + add_header X-Content-Type-Options nosniff; + + location /georgiasnapshots/ { + add_header Access-Control-Allow-Origin *; + proxy_pass http://navigator-c2c.dot.ga.gov/snapshots/; + } + + location /georgiavss1/ { + proxy_pass http://vss1live.dot.ga.gov/lo/; + } + + location /georgiavss2/ { + proxy_pass http://vss2live.dot.ga.gov/lo/; + } + + location /georgiavss3/ { + proxy_pass http://vss3live.dot.ga.gov/lo/; + } + + location /georgiavss4/ { + proxy_pass http://vss4live.dot.ga.gov/lo/; + } + + location /georgiavss5/ { + proxy_pass http://vss5live.dot.ga.gov/lo/; + } + + location / { + root /usr/share/nginx/html; + index index.html index.htm; + } + + #error_page 404 /404.html; + + # redirect server error pages to the static page /50x.html + # + error_page 500 502 503 504 /50x.html; + location = /50x.html { + root /usr/share/nginx/html; + } + + # proxy the PHP scripts to Apache listening on 127.0.0.1:80 + # + #location ~ \.php$ { + # proxy_pass http://127.0.0.1; + #} + + # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 + # + #location ~ \.php$ { + # root html; + # fastcgi_pass 127.0.0.1:9000; + # fastcgi_index index.php; + # fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name; + # include fastcgi_params; + #} + + # deny access to .htaccess files, if Apache's document root + # concurs with nginx's one + # + #location ~ /\.ht { + # deny all; + #} + +} -- cgit v1.2.3