server { listen 443 ssl; listen [::]:443 ssl; server_name zinomedia.de; #access_log off; access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log error; root /usr/share/nginx/html/zinomedia.de; index index.php; #try_files $uri $uri/ =404; try_files $uri $uri/ /index.php?$args; ssl_certificate /etc/letsencrypt/live/zinomedia.de/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/zinomedia.de/privkey.pem; include "snippets/ssl-optimizations.conf"; include "snippets/wordpress-optimizations.conf"; #include "snippets/enable-php-fpm.conf"; add_header Content-Security-Policy "default-src *; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob:; img-src 'self' data: *; style-src 'self' 'unsafe-inline'; font-src 'self' data: *; upgrade-insecure-requests;" always; client_max_body_size 0; location / { resolver 127.0.0.11; set $upstream "zinomedia-wordpress:80"; #try_files $uri $uri/ /index.php?$args; proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-Server $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Real-IP $remote_addr; proxy_set_header Host $host; proxy_set_header X-Forwarded-Proto https; proxy_pass http://$upstream; } # location ~ [^/]\.php(/|$) { # root /usr/share/nginx/html/zinomedia.de; # fastcgi_split_path_info ^(.+?\.php)(/.*)$; # if (!-f $document_root$fastcgi_script_name) { # return 404; # } # include fastcgi_params; # fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; # fastcgi_param PATH_INFO $fastcgi_path_info; # fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info; # fastcgi_pass zinomedia-wordpress:9000; # fastcgi_index index.php; # } } server { listen 80; listen [::]:80; server_name zinomedia.de; return 301 https://$host$request_uri; }