server { listen 80; listen [::]:80; server_name www¾ÈºÙÀºµµ¸ÞÀÏ wwwºÙÀºµµ¸ÞÀÎ; return 301 https://º»Àεµ¸ÞÀÎ.top$request_uri; } server { listen 80; listen [::]:80; server_name º»Àεµ¸ÞÀÎ; root /var/www/html/ºí¶óºí¶ó; index index.html index.htm; location / { try_files $uri $uri/ =404; # gzip setting gzip_disable "msie6"; gzip_buffers 16 8k; gzip_comp_level 5; gzip_http_version 1.1; gzip_min_length 256; gzip_proxied any; gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font application/x-font-opentype application/x-font-otf application/x-font-truetype application/x-font-ttf application/x-javascript application/x-web-app-manifest+json application/xhtml+xml application/xml application/xml+rss font/opentype font/otf font/ttf image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/javascript text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy text/xml; gzip_vary on; # End gzip setting } access_log /var/log/nginx/access.log_ºí¶óºí¶ó; error_log /var/log/nginx/error.log_ºí¶óºí¶ó; # Browser Cache Setting location ~* \.(?:jpg|jpeg|png|gif|ico|cur|gz|svg|svgz|ogg|ogv|mp4|webm|htc)$ { expires 1M; access_log off; add_header Cache-Control "public"; } location ~* \.(?:css|js)$ { expires 1M; access_log off; add_header Cache-Control "public"; } location = /favicon.ico { expires max; access_log off; log_not_found off; } # End Browser Cache Setting #Let's Encrypt SSL Setting listen 443 ssl http2; listen [::]:443 ssl http2 ipv6only=on; ssl_certificate /etc/letsencrypt/live/ºí¶óºí¶ó/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/ºí¶óºí¶ó/privkey.pem; ssl_dhparam /etc/ssl/certs/dhparam.pem; ssl_stapling on; ssl_stapling_verify on; ssl_trusted_certificate /etc/letsencrypt/live/ºí¶óºí¶ó/chain.pem; resolver 8.8.8.8 8.8.4.4 valid=300s; resolver_timeout 5s; ssl_session_cache shared:le_nginx_SSL:1m; ssl_session_timeout 1d; ssl_session_tickets on; ssl_protocols TLSv1.2; ssl_prefer_server_ciphers on; ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256'; add_header Strict-Transport-Security "max-age=31536000;"; add_header Content-Security-Policy "default-src 'none'; frame-ancestors 'none'; script-src 'self'; img-src 'self'; style-src 'self'; base-uri 'self'; form-action 'self';"; add_header Referrer-Policy "no-referrer, strict-origin-when-cross-origin"; add_header X-Frame-Options SAMEORIGIN; add_header X-Content-Type-Options nosniff; add_header X-XSS-Protection "1; mode=block"; #End Let's Encrypt SSL Setting }