volumes:
- ./nginx.conf:/etc/nginx/conf.d/default.conf:ro
- ./:/usr/share/nginx/html:ro
+ - ./snippets:/etc/nginx/snippets:ro
+ - ./wordpress-fpm:/var/www/html:ro
wordpress:
image: wordpress:6.3.2-php8.2-fpm
read_only: true
depends_on:
- mariadb
environment:
- SCRIPT_FILENAME: /usr/src/wordpress
WORDPRESS_DB_HOST: mariadb:3306
WORDPRESS_DB_USER: wordpress
WORDPRESS_DB_PASSWORD: I0vAUXKC
server {
listen 80;
- server_name localhost;
+ server_name _;
+
root /var/www/html;
+ index index.php index.html index.htm;
- index index.php;
+ include /etc/nginx/snippets/security.conf;
location / {
try_files $uri $uri/ /index.php?$args;
}
- rewrite /wp-admin$ $scheme://$host$uri/ permanent;
-
- location ~ [^/]\.php(/|$) {
- fastcgi_split_path_info ^(.+?\.php)(/.*)$;
- if (!-f $document_root$fastcgi_script_name) {
- return 404;
- }
-
- include fastcgi_params;
- fastcgi_pass wordpress:9000;
- fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
- fastcgi_param PATH_INFO $fastcgi_path_info;
- fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
+ location ~ \.php$ {
+ include /etc/nginx/snippets/fastcgi-php.conf;
+ fastcgi_pass wordpress:9000;
+ }
- fastcgi_index index.php;
+ location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+ expires max;
+ log_not_found off;
}
+
+ client_max_body_size 64M;
}
--- /dev/null
+fastcgi_split_path_info ^(.+\.php)(/.+)$;
+fastcgi_index index.php;
+include fastcgi_params;
+
+fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+fastcgi_param PATH_INFO $fastcgi_path_info;
+
+fastcgi_buffer_size 32k;
+fastcgi_buffers 4 32k;
+fastcgi_busy_buffers_size 64k;
--- /dev/null
+add_header X-Frame-Options "SAMEORIGIN" always;
+add_header X-XSS-Protection "1; mode=block" always;
+add_header X-Content-Type-Options "nosniff" always;
+
+location ~* \.(svn|git|hg|bzr)$ {
+ deny all;
+}
+
+location ~* wp-config.php {
+ deny all;
+}
projects / website / commitdiff