HEX
Server: nginx/1.24.0
System: Linux DGT-WORDPRESS-VM-SERVER 6.14.0-1017-azure #17~24.04.1-Ubuntu SMP Mon Dec 1 20:10:50 UTC 2025 x86_64
User: ubuntu (1000)
PHP: 8.4.12
Disabled: NONE
$ pwd: /proc/thread-self/root/etc/nginx/sites-enabled/
Upload Files
File: //proc/thread-self/root/etc/nginx/sites-enabled/dev-dreamssalon-wp.conf
server {
    listen 443 ssl;
    server_name dev-dreamssalon-wp.dreamstechnologies.com;

    root /mnt/data/dev/dev-dreamssalon-wp;
    index index.php index.html index.htm;

    ssl_certificate /etc/nginx/ssl/stardreams.pem;
    ssl_certificate_key /etc/nginx/ssl/stardreams.key;

    # Security headers
    add_header X-Content-Type-Options "nosniff";
    add_header X-XSS-Protection "1; mode=block";
    add_header Strict-Transport-Security "max-age=86400; includeSubDomains";

    # ✅ Serve static assets directly (bypass PHP)
    location ~* \.(?:jpg|jpeg|gif|png|ico|css|js|webp|svg|woff|woff2|ttf|otf|eot|mp4|mp3)$ {
        expires 30d;
        access_log off;
        add_header Cache-Control "public, immutable";
        try_files $uri =404;
    }

    # ✅ Pass only PHP scripts to PHP-FPM
    location ~ \.php$ {
        include snippets/fastcgi-php.conf;
        fastcgi_pass unix:/var/run/php/php8.4-fpm.sock;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }

    # ✅ Restrict sensitive files
    location ~ /\.(env|ini|log|sh|sql|git)$ {
        deny all;
    }

    # ✅ WordPress front controller
    location / {
        try_files $uri $uri/ /index.php?$query_string;
    }

    # Logs
    access_log /var/log/nginx/dev-dreamssalon-wp_access.log combined;
    error_log /var/log/nginx/dev-dreamssalon-wp_error.log;
}
@ Telegram