HEX
Server: nginx/1.24.0
System: Linux DGT-WORDPRESS-VM-SERVER 6.14.0-1014-azure #14~24.04.1-Ubuntu SMP Fri Oct 3 20:52:11 UTC 2025 x86_64
User: ubuntu (1000)
PHP: 8.4.12
Disabled: NONE
$ pwd: /etc/nginx/sites-enabled_24/
Upload Files
File: //etc/nginx/sites-enabled_24/dev-kofejob-wp.conf
server {
    # Listen for HTTPS requests
    listen 443 ssl;
    server_name dev-kofejob-wp.dreamstechnologies.com;

    # Document root
    root /mnt/data/dev/dev-kofejob-wp;
    index index.php index.html index.htm;

    # SSL configuration (SSL handled by Cloudflare)
    ssl_certificate /etc/nginx/ssl/stardreams.pem;
    ssl_certificate_key /etc/nginx/ssl/stardreams.key;

    # Security headers
    #add_header X-Content-Type-Options "nosniff";
    #add_header X-Frame-Options "SAMEORIGIN";
    #add_header X-XSS-Protection "1; mode=block";
    #add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";

     # Security headers
    add_header X-Content-Type-Options "nosniff";
    add_header X-XSS-Protection "1; mode=block";
    add_header Strict-Transport-Security "max-age=86400; includeSubDomains";

    #add_header X-Content-Type-Options "nosniff";
    #add_header X-Frame-Options "SAMEORIGIN";
    #add_header X-XSS-Protection "1; mode=block";
    #add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload";
    #add_header Referrer-Policy "strict-origin-when-cross-origin";
    #add_header Permissions-Policy "geolocation=(), camera=(), microphone=()";
    #add_header Cross-Origin-Opener-Policy "same-origin";
    #add_header Cross-Origin-Embedder-Policy "require-corp";
    # add_header Content-Security-Policy "default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src * 'self' data: https:;" always;
    #add_header Content-Security-Policy "frame-ancestors 'self' https://preview.themeforest.net;";



    # PHP-FPM configuration
    location ~ \.php$ {
        include snippets/fastcgi-php.conf;
        fastcgi_pass unix:/var/run/php/php8.4-fpm.sock;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }

    # Restrict access to sensitive files
    location ~ /\.(env|ini|log|sh|sql)$ {
        deny all;
    }

    # Block access to .git directories
    location ~ /\.git {
        deny all;
	}

    # General settings for the document root
    location / {
        try_files $uri $uri/ /index.php?$query_string;
    }

    # Logging
    error_log /var/log/nginx/dev-kofejob-wp_error.log;
    access_log /var/log/nginx/dev-kofejob-wp_access.log combined;
}
@ Telegram