server { # listen 80 default_server deferred; # for Linux # listen 80 default_server accept_filter=httpready; # for FreeBSD listen 80 default_server; # listen on the non-www host -- the www-host is declared in www-redirect.conf # here server_name example.com; # Path for static files root /sites/example.com/public; #Specify a charset charset utf-8; # Custom 404 page error_page 404 /404.html; # Built-in filename-based cache busting # https://github.com/h5bp/html5-boilerplate/blob/5370479476dceae7cc3ea105946536d6bc0ee468/.htaccess#L403 # This will route all requests for /css/style.20120716.css to /css/style.css # Read also this: github.com/h5bp/html5-boilerplate/wiki/cachebusting # This is disabled by default, because it'd be better if you use the build # script to manage the file names. # location ~* (.+)\.(\d+)\.(js|css|png|jpg|jpeg|gif)$ { # try_files $uri $1.$3; # } # No default expire rule. This config mirrors that of apache as outlined in the # html5-boilerplate .htaccess file. However, nginx applies rules by location, the apache rules # are defined by type. A concequence of this difference is that if you use no file extension in # the url and serve html, with apache you get an expire time of 0s, with nginx you'd get an # expire header of one month in the future (if the default expire rule is 1 month). # Therefore, do not use a default expire rule with nginx unless your site is completely static # cache.appcache, your document html and data location ~* \.(?:manifest|appcache|html|xml|json)$ { expires -1; access_log logs/static.log; } # Feed location ~* \.(?:rss|atom)$ { expires 1h; add_header Cache-Control "public"; } # Favicon location ~* \.ico$ { expires 1w; access_log off; add_header Cache-Control "public"; } # Media: images, video, audio, HTC, WebFonts location ~* \.(?:jpg|jpeg|gif|png|ico|gz|svg|svgz|ttf|otf|woff|eot|mp4|ogg|ogv|webm)$ { expires 1M; access_log off; add_header Cache-Control "public"; } # CSS and Javascript location ~* \.(?:css|js)$ { expires 1y; access_log off; add_header Cache-Control "public"; } # opt-in to the future add_header "X-UA-Compatible" "IE=Edge,chrome=1"; # Cross domain AJAX requests # add_header "Access-Control-Allow-Origin" "*"; # Cross domain webfont access location ~* \.(ttf|ttc|otf|eot|woff|font.css)$ { add_header "Access-Control-Allow-Origin" "*"; } # Prevent mobile network providers from modifying your site # add_header "Cache-Control" "no-transform"; # Prevent clients from accessing hidden files (starting with a dot) location ~* (^|/)\. { return 403; } # Prevent clients from accessing to backup/config/source files location ~* (\.(bak|config|sql|fla|psd|ini|log|sh|inc|swp|dist)|~)$ { return 403; } }