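├── README.md
└── prestashop-nginx.conf


/README.md:
--------------------------------------------------------------------------------
# Prestashop 1.7 Nginx Configuration

Best configuration to make a Prestashop 1.7 Store perform at its best.
Uses Nginx and PHP 7 FPM.

--------------------------------------------------------------------------------
/prestashop-nginx.conf:
--------------------------------------------------------------------------------
# Single virtual host for a PrestaShop 1.7 shop served by nginx and PHP-FPM.
#
# Ordering matters in this file: nginx tests regex locations ("~" / "~*") in
# the order they appear and uses the first one that matches. The deny rules
# are therefore declared before the Symfony, static-asset and PHP locations,
# so a request for a protected path can never be answered by one of those.
server {

    # IPv4
    listen 80;

    # IPv6
    # listen [::]:80;

    # SSL IPv4 & IPv6
    # listen 443 ssl;
    # listen [::]:443 ssl;

    # Placeholder paths: point these at your own certificate and key.
    # ssl_certificate     /etc/nginx/ssl/<your-fullchain>.pem;
    # ssl_certificate_key /etc/nginx/ssl/<your-private-key>.pem;

    # ssl_session_timeout 24h;
    # ssl_session_cache shared:SSL:10m;
    # TLS 1.0 and 1.1 are deprecated; offer TLS 1.2 and 1.3 only
    # (TLSv1.3 needs nginx >= 1.13.0 built against OpenSSL 1.1.1 or later).
    # ssl_protocols TLSv1.2 TLSv1.3;
    # 3DES and the plain-RSA AES128-SHA suite were dropped from the original list.
    # ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:!ADH:!AECDH:!MD5;
    # ssl_prefer_server_ciphers on;
    # Create this file with OpenSSL first: "openssl dhparam -out /etc/nginx/ssl/dhparam.pem 2048"
    # ssl_dhparam /etc/nginx/ssl/dhparam.pem;

    # Your domain names here
    server_name example.com www.example.com;

    # Your website root location
    root /var/www/;

    # Your admin folder
    set $admin_dir /admintest;

    # Gzip settings: compress every listed MIME type.
    gzip on;
    gzip_vary on;
    gzip_proxied any;

    # Can be raised to 5, but that costs CPU on the server
    # gzip_comp_level 5;
    # gzip_min_length 256;

    gzip_types
        application/atom+xml
        application/javascript
        application/json
        application/ld+json
        application/manifest+json
        application/rss+xml
        application/vnd.geo+json
        application/vnd.ms-fontobject
        application/x-font-ttf
        application/x-web-app-manifest+json
        application/xhtml+xml
        application/xml
        font/opentype
        image/bmp
        image/svg+xml
        image/x-icon
        text/cache-manifest
        text/css
        text/plain
        text/vcard
        text/vnd.rim.location.xloc
        text/vtt
        text/x-component
        text/x-cross-domain-policy;
    # text/html is always compressed by nginx and must not be listed here.
    # text/html;

    gzip_disable "MSIE [1-6]\.(?!.*SV1)";

    # ------------------------------------------------------------------
    # Deny rules. Kept first so they win over every later regex location.
    # ------------------------------------------------------------------

    # Deny access to .htaccess .DS_Store .htpasswd etc
    location ~ /\. {
        deny all;
    }

    # Ban access to source code directories.
    # Declared ahead of the Symfony, static and PHP locations: when it came
    # last, a .php or static file under these paths was matched (and served
    # or executed) by an earlier regex before this rule was ever tested.
    location ~ ^/(app|bin|cache|classes|config|controllers|docs|localization|override|src|tests|tools|translations|travis-scripts|vendor)/ {
        deny all;
    }

    # Banned file types
    location ~ \.(htaccess|yml|log|twig|sass|git|tpl)$ {
        deny all;
    }

    # Prevent execution of PHP files in directories a user can upload to.
    # The nested pattern mirrors the PHP-FPM location below, which also
    # accepts a path-info suffix after ".php"; matching only "\.php$" here
    # let such requests fall through to the PHP handler.
    location /upload {
        location ~ \.php(/|$) { deny all; }
    }
    location /img {
        location ~ \.php(/|$) { deny all; }
    }

    # ------------------------------------------------------------------
    # Application routing
    # ------------------------------------------------------------------

    # Symfony controllers
    # NOTE(review): "try_files $uri" serves any existing file whose path
    # contains one of these segments as a static file, PHP sources included.
    # The deny rules above cover the source directories; confirm no other
    # directory in the document root matches.
    location ~ /(international|_profiler|module|product|feature|attribute|supplier|combination|specific-price|configure)/(.*)$ {
        try_files $uri $uri/ /index.php?q=$uri&$args $admin_dir/index.php$is_args$args;
    }


    # Redirect needed to "hide" index.php
    location / {
        try_files $uri $uri/ /index.php$uri&$args;

        # Old image system.
        # The rewrite directives run in the rewrite phase, before try_files.
        rewrite ^/([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+.jpg$ /img/p/$1/$1$2$3.jpg last;
        rewrite ^/([0-9])([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+.jpg$ /img/p/$1/$2/$1$2$3$4.jpg last;
        rewrite ^/([0-9])([0-9])([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+.jpg$ /img/p/$1/$2/$3/$1$2$3$4$5.jpg last;
        rewrite ^/([0-9])([0-9])([0-9])([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+.jpg$ /img/p/$1/$2/$3/$4/$1$2$3$4$5$6.jpg last;
        rewrite ^/([0-9])([0-9])([0-9])([0-9])([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+.jpg$ /img/p/$1/$2/$3/$4/$5/$1$2$3$4$5$6$7.jpg last;
        rewrite ^/([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+.jpg$ /img/p/$1/$2/$3/$4/$5/$6/$1$2$3$4$5$6$7$8.jpg last;
        rewrite ^/([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+.jpg$ /img/p/$1/$2/$3/$4/$5/$6/$7/$1$2$3$4$5$6$7$8$9.jpg last;
        # NOTE(review): nginx only has positional captures $1..$9, so "$10"
        # below expands to $1 followed by a literal "0". Named captures would
        # be needed for this eight-digit rule to build the intended file name.
        rewrite ^/([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+.jpg$ /img/p/$1/$2/$3/$4/$5/$6/$7/$8/$1$2$3$4$5$6$7$8$9$10.jpg last;
        rewrite ^/c/([0-9]+)(-[.*_a-zA-Z0-9-]*)(-[0-9]+)?/.+.jpg$ /img/c/$1$2$3.jpg last;
        rewrite ^/c/([a-zA-Z_-]+)(-[0-9]+)?/.+.jpg$ /img/c/$1$2.jpg last;

    }

    error_page 404 /index.php?controller=404;

    # HSTS.
    # Browsers ignore this header over plain HTTP, so it only takes effect
    # once the "listen 443 ssl" lines above are enabled. add_header is not
    # inherited by a location that declares its own add_header, so the font
    # and static-asset locations below do not send it.
    add_header Strict-Transport-Security max-age=31536000;

    # Cloudflare / Max CDN fix
    location ~* \.(eot|otf|ttf|woff|woff2)$ {
        add_header Access-Control-Allow-Origin *;
    }

    # Static assets delivery optimisations
    location ~* \.(css|js|docx|zip|pptx|swf|txt|jpg|jpeg|png|gif|webp|flv|ico|pdf|avi|mov|ppt|doc|mp3|wmv|wav|mp4|m4v|ogg|webm|aac)$ {
        expires max;
        log_not_found off;
        add_header Pragma public;
        add_header Cache-Control "public, must-revalidate, proxy-revalidate";
    }

    # PHP 7 FPM part
    # NOTE(review): this pattern also matches URIs that continue after ".php",
    # and SCRIPT_FILENAME is built from the unsplit URI, so the file that
    # actually runs is decided by PHP's own path-info resolution
    # (cgi.fix_pathinfo). Consider adding fastcgi_split_path_info together
    # with an existence check such as "try_files $fastcgi_script_name =404;"
    # after confirming that fcgi.conf passes PATH_INFO and that
    # index.php/... style URLs still resolve.
    location ~ [^/]\.php(/|$) {

        fastcgi_index index.php;

        # Switch if needed
        # include /etc/nginx/fastcgi_params;
        include fcgi.conf;

        # Do not forget to update this part if needed
        # fastcgi_pass 127.0.0.1:9000;
        fastcgi_pass unix:/run/php/php7.0-fpm.sock;

        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_keep_conn on;
        fastcgi_read_timeout 30s;
        fastcgi_send_timeout 30s;

        # In case of long loading or 502 / 504 errors
        # fastcgi_buffer_size 256k;
        # fastcgi_buffers 256 16k;
        # fastcgi_busy_buffers_size 256k;
        client_max_body_size 10M;

        # Temp file tweak
        fastcgi_max_temp_file_size 0;
        fastcgi_temp_file_write_size 256k;

    }

    # Allow access to robots.txt but disable logging every access
    location = /robots.txt {
        allow all;
        log_not_found off;
        access_log off;
    }
}

--------------------------------------------------------------------------------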