From e93d0b83ec75e69f3a38cacca5fb336da8e1d1d8 Mon Sep 17 00:00:00 2001 From: Jimmy Zelinskie Date: Wed, 21 Jan 2015 17:00:43 -0500 Subject: [PATCH] reset nginx config to master --- conf/hosted-http-base.conf | 10 ---------- conf/nginx.conf | 16 +--------------- conf/server-base.conf | 1 - 3 files changed, 1 insertion(+), 26 deletions(-) diff --git a/conf/hosted-http-base.conf b/conf/hosted-http-base.conf index 95938c60c..fa5994e6f 100644 --- a/conf/hosted-http-base.conf +++ b/conf/hosted-http-base.conf @@ -3,15 +3,5 @@ server { listen 80 default_server; server_name _; - - set_real_ip_from 10.0.0.0/8; - real_ip_header proxy_protocol; - - log_format elb '$proxy_protocol_addr - $remote_user [$time_local] ' - '"$request" $status $body_bytes_sent ' - '"$http_referer" "$http_user_agent"'; - - access_log /var/log/nginx/nginx.access.log elb; - rewrite ^ https://$host$request_uri? permanent; } diff --git a/conf/nginx.conf b/conf/nginx.conf index a41c6f13e..234839e53 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -12,7 +12,7 @@ http { server { include server-base.conf; - listen 443 default proxy_protocol; + listen 443 default; ssl on; ssl_certificate ./stack/ssl.cert; @@ -22,18 +22,4 @@ http { ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP; ssl_prefer_server_ciphers on; } - - server { - include server-base.conf - - listen 444 default; - - ssl on; - ssl_certificate ./stack/ssl.cert; - ssl_certificate_key ./stack/ssl.key; - ssl_session_timeout 5m; - ssl_protocols SSLv3 TLSv1; - ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP; - ssl_prefer_server_ciphers on; - } } diff --git a/conf/server-base.conf b/conf/server-base.conf index 436c98e25..9284fe1cf 100644 --- a/conf/server-base.conf +++ b/conf/server-base.conf @@ -5,7 +5,6 @@ server_name _; set_real_ip_from 172.17.0.0/16; real_ip_header X-Forwarded-For; -real_ip_recursive on; keepalive_timeout 5;