intruxxer
4/13/2014 - 12:41 PM

NGINX Conf file with SSL config

NGINX Conf file with SSL config

user deploy;
worker_processes 6;

events {
    worker_connections 1024;
}


http {
    passenger_root /usr/local/rvm/gems/ree-1.8.7-2011.03/gems/passenger-3.0.7;
    passenger_ruby /usr/local/rvm/wrappers/ree-1.8.7-2011.03/ruby;

    include mime.types;
    default_type application/octet-stream;

    sendfile on;

    keepalive_timeout 65;

    client_max_body_size 100m;
    
    server {

# Force non-www URL to rewrite with www
        if ($host !~* ^www\.){
            rewrite ^(.*)$ https://www.yourserver.com$1;
        }
     
        listen 443;
        server_name yourserver.com www.yourserver.com;

        ssl on;
        ssl_certificate www.yourserver.com.crt;
        ssl_certificate_key www.yourserver.com.key;

        ssl_session_timeout 5m;

        ssl_protocols SSLv2 SSLv3 TLSv1;
        ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
        ssl_prefer_server_ciphers on;

        client_max_body_size 100M;
        client_body_buffer_size 128k;
        root /path/to/your/code/public;
        passenger_enabled on;
    }

    # Force URL on https and www
    server{
        listen 80;
        server_name yourserver.com;
        rewrite ^ https://www.yourserver.com$1 permanent;
    }

}