I can not open any link except http://example.com/readme.txt with following server block.
Any tips?
server {
listen 80 default_server; ## listen for ipv4; this line is default and implied
listen [::]:80 default_server ipv6only=on; ## listen for ipv6
server_name example.com www.example.com *.example.com;
# return 301 https://$server_name$request_uri;
#}
#
#server {
listen 443 ssl;
listen [::]:443 ssl ipv6only=on;
keepalive_timeout 70;
#ssl on;
ssl_certificate /etc/nginx/cert/example.com-unified.crt;
ssl_certificate_key /etc/nginx/cert/example.com.key;
server_name example.com www.example.com *.example.com;
server_name_in_redirect off;
charset utf-8;
root /usr/share/nginx/html/example.com;
access_log /home/wwwlogs/example.com.access.log;
error_log /home/wwwlogs/example.com.error.log;
if ($http_host != "www.example.com") {
rewrite ^ https://www.example.com$request_uri permanent;
}
index index.php index.html index.htm;
#fastcgi_cache start
set $skip_cache 0;
# POST requests and urls with a query string should always go to PHP
if ($request_method = POST) {
set $skip_cache 1;
}
if ($query_string != "") {
set $skip_cache 1;
}
# Don't cache uris containing the following segments
if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php|wp-.*.php|/feed/|index.php|wp-comments-popup.php|wp-links-opml.php|wp-locations.php|sitemap(_index)?.xml|[a-z0-9_-]+-sitemap([0-9]+)?.xml)") {
set $skip_cache 1;
}
# Don't use the cache for logged in users or recent commenters
if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in") {
set $skip_cache 1;
}
location / {
# try files in the specified order
try_files $uri $uri/ /index.php?$args /index.html;
}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.(php|php5)?$ {
# include snippets/fastcgi-php.conf;
#
ModSecurityEnabled on;
ModSecurityConfig modsecurity.conf;
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$; #DEBUG
include /etc/nginx/fastcgi_params;
# use upstream hhvm/php
fastcgi_pass php;
fastcgi_cache_methods GET HEAD; # Only GET and HEAD methods apply
fastcgi_cache_bypass $skip_cache; #apply the "$skip_cache" variable
fastcgi_no_cache $skip_cache;
fastcgi_cache WORDPRESS;
fastcgi_cache_valid 200 301 302 60m;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
# send bad requests to 404
fastcgi_intercept_errors on;
}
location ~ /purge(/.*) {
fastcgi_cache_purge WORDPRESS "$scheme$request_method$host$1";
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
location ~ /\.ht {
deny all;
}
location ~* ^.+\.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|rss|atom|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf|swf|flv|ico)$ {
access_log off; log_not_found off; expires max;
}
location ~ .*\.(js|css)?$ {
expires 7d;
}
location = /robots.txt {
access_log off; log_not_found off;
}
# Make sure files with the following extensions do not get loaded by nginx because nginx would display the source code, and these files can contain PASSWORDS!
#
location ~* \.(engine|inc|info|install|make|module|profile|test|po|sh|.*sql|theme|tpl(\.php)?|xtmpl)$|^(\..*|Entries.*|Repository|Root|Tag|Template)$|\.php_ {
deny all;
}
location ~ /\. { deny all; access_log off; log_not_found off; }
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
sysguard on;
sysguard_load load=1.8 action=/loadlimit;
sysguard_mem swapratio=90% action=/swaplimit;
location /loadlimit {
return 503;
}
location /swaplimit {
return 503;
}
if ( $query_string ~* ".*[\;'\<\>].*" ){
return 404;
}
}