Updated variables.

8 years ago · 01fa92ef31
parent 3e14cd0c0a
commit 01fa92ef31
3 changed files with 19 additions and 9 deletions
--- a/lemp-rhel7/hosts.example
+++ b/lemp-rhel7/hosts.example
--- a/lemp-rhel7/roles/nginx/tasks/main.yml
+++ b/lemp-rhel7/roles/nginx/tasks/main.yml
@ -6,8 +6,5 @@
  template: src=default.conf dest=/etc/nginx/conf.d/default.conf
  notify: restart nginx

- name: insert firewalld rule for nginx
-  firewalld: port={{ nginx_port }}/tcp permanent=true state=enabled immediate=yes
-
 - name: http service state
  service: name=nginx state=started enabled=yes
--- a/lemp-rhel7/roles/nginx/templates/default.conf
+++ b/lemp-rhel7/roles/nginx/templates/default.conf
@ -2,23 +2,36 @@ server {
        listen       {{ nginx_port }} default_server;
        server_name  {{ server_hostname }};
        root /srv/wordpress/ ;
- 
+
 	client_max_body_size 64M;
- 
+
 	# Deny access to any files with a .php extension in the uploads directory
        location ~* /(?:uploads|files)/.*\.php$ {
                deny all;
        }
- 
+
+        location ~ /\. {
+          access_log off; log_not_found off; deny all;
+        }
+
+        location ~ ~$ {
+          access_log off; log_not_found off; deny all;
+        }
+
+        location ~ /\.ht {
+          deny  all;
+        }
+
        location / {
                index index.php index.html index.htm;
                try_files $uri $uri/ /index.php?$args;
        }
- 
-        location ~* \.(gif|jpg|jpeg|png|css|js)$ {
+
+        location ~* \.(jpg|jpeg|gif|css|png|js|ico|html|woff|woff2|svg|js)$ {
                expires max;
+                access_log off;
        }
- 
+
        location ~ \.php$ {
                try_files $uri =404;
                fastcgi_split_path_info ^(.+\.php)(/.+)$;