Merge pull request #37 from lfluvisotto/nginx-magento2-conf

Updating nginx magento2.conf according to latest version of nginx.conf in Magento 2 Open Source repository
wardenenv · Oct 1, 2024 · 78523c4 · 78523c4
2 parents 86300cb + dd77e6a
commit 78523c4
Showing 1 changed file with 19 additions and 9 deletions.
diff --git a/nginx/etc/nginx/available.d/magento2.conf b/nginx/etc/nginx/available.d/magento2.conf
@@ -51,7 +51,7 @@ location / {
 }
 
 location /pub/ {
-    location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) {
+    location ~ ^/pub/media/(downloadable|customer|import|custom_options|theme_customization/.*\.xml) {
         deny all;
     }
     alias $MAGE_ROOT/pub/;
@@ -63,18 +63,18 @@ location /static/ {
     # expires max;
 
     # Remove signature of the static files that is used to overcome the browser cache
-    location ~ ^/static/version {
-        rewrite ^/static/(version[^/]+/)?(.*)$ /static/$2 last;
+    location ~ ^/static/version\d*/ {
+        rewrite ^/static/version\d*/(.*)$ /static/$1 last;
     }
 
-    location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2|json)$ {
+    location ~* \.(ico|jpg|jpeg|png|gif|svg|svgz|webp|avif|avifs|js|css|eot|ttf|otf|woff|woff2|html|json|webmanifest)$ {
         add_header Cache-Control "public";
         add_header X-Frame-Options "SAMEORIGIN";
         add_header Access-Control-Allow-Origin "*";     # Allow use from CDN origin
         expires +1y;
 
         if (!-f $request_filename) {
-            rewrite ^/static/?(.*)$ /static.php?resource=$1 last;
+            rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
         }
     }
 
@@ -84,11 +84,11 @@ location /static/ {
         expires    off;
 
         if (!-f $request_filename) {
-           rewrite ^/static/?(.*)$ /static.php?resource=$1 last;
+           rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
         }
     }
     if (!-f $request_filename) {
-        rewrite ^/static/?(.*)$ /static.php?resource=$1 last;
+        rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
     }
     add_header X-Frame-Options "SAMEORIGIN";
 }
@@ -106,7 +106,7 @@ location /media/ {
         deny all;
     }
 
-    location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
+    location ~* \.(ico|jpg|jpeg|png|gif|svg|svgz|webp|avif|avifs|js|css|eot|ttf|otf|woff|woff2)$ {
         add_header Cache-Control "public";
         add_header X-Frame-Options "SAMEORIGIN";
         expires +1y;
@@ -133,6 +133,16 @@ location /media/import/ {
     deny all;
 }
 
+location /media/custom_options/ {
+    deny all;
+}
+
+location /errors/ {
+    location ~* \.xml$ {
+        deny all;
+    }
+}
+
 location ~* ^/dev/tests/acceptance/utils($|/) {
     root $MAGE_ROOT;
 
@@ -189,6 +199,6 @@ gzip_types
 gzip_vary on;
 
 # Banned locations (only reached if the earlier PHP entry point regexes don't match)
-location ~* (\.php$|\.htaccess$|\.git) {
+location ~* (\.php$|\.phtml$|\.htaccess$|\.htpasswd$|\.git) {
     deny all;
 }