Skip to content

Commit

Permalink
Public release initial commit
Browse files Browse the repository at this point in the history
  • Loading branch information
Olegs Capligins committed Jan 18, 2018
0 parents commit dc22b81
Show file tree
Hide file tree
Showing 723 changed files with 80,298 additions and 0 deletions.
3 changes: 3 additions & 0 deletions .bowerrc
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
{
"directory" : "vendor/bower-asset"
}
33 changes: 33 additions & 0 deletions .gitattributes
Original file line number Diff line number Diff line change
@@ -0,0 +1,33 @@
# Set the default behavior
* text=auto

# Explicitly declare text files you want to always be normalized and
# converted to native line endings on checkout.
*.php text
*.json text

# Composer
composer.json text eol=lf
composer.lock text eol=lf

# Declare files' EOL format
yii text eol=lf
yii-prod text eol=lf

*.sh text eol=lf
*.key text eol=lf
*.sql text eol=lf
*.bat text eol=crlf
*.htaccess text eol=lf
*.properties text eol=lf

# Denote all files that are truly binary and should not be modified.
*.ico binary
*.png binary
*.jpg binary
*.gif binary
*.eot binary
*.otf binary
*.ttf binary
*.woff binary
*.woff2 binary
19 changes: 19 additions & 0 deletions .gitignore
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
# phpstorm project files
.idea

# Installation lock file
install.lock

# netbeans project files
nbproject

# zend studio for eclipse project files
.buildpath
.project
.settings

# Composer
/vendor

# Key
cbackup.private.key
34 changes: 34 additions & 0 deletions .htaccess
Original file line number Diff line number Diff line change
@@ -0,0 +1,34 @@
<IfModule mod_version.c>
<IfVersion < 2.4>
Order allow,deny
Deny from all
<FilesMatch "^(index\.php|)$">
Allow from all
</FilesMatch>
</IfVersion>
<IfVersion >= 2.4>
Require all denied
<FilesMatch "^(index\.php|)$">
Require all granted
</FilesMatch>
</IfVersion>
</IfModule>

<IfModule !mod_version.c>
# Apache 2.2
<IfModule !mod_authz_core.c>
Order allow,deny
Deny from all
<FilesMatch "^(index\.php|)$">
Allow from all
</FilesMatch>
</IfModule>

# Apache 2.4
<IfModule mod_authz_core.c>
Require all denied
<FilesMatch "^(index\.php|)$">
Require all granted
</FilesMatch>
</IfModule>
</IfModule>
238 changes: 238 additions & 0 deletions LICENSE.md

Large diffs are not rendered by default.

116 changes: 116 additions & 0 deletions Nginx-1.10_vhost.conf
Original file line number Diff line number Diff line change
@@ -0,0 +1,116 @@
#-----------------------------------------------#
# ������ ����� ������������ �����
#-----------------------------------------------#

server {
listen %ip%:%httpport%;
listen %ip%:%httpsport% ssl;
server_name %host% %aliases%;

ssl_certificate "%sprogdir%/userdata/config/server.crt";
ssl_certificate_key "%sprogdir%/userdata/config/server.key";

#add_header Strict-Transport-Security "max-age=94608000; includeSubDomains; preload";

# if ($request_method !~* ^(GET|HEAD|POST)$ ){return 403;}
location ~ /\. {deny all;}

location / {
root "%hostdir%/web";
try_files $uri $uri/ /index.php$is_args$args;
index index.php;
}

location ~ ^/assets/.*\.php$ {
deny all;
}

location ~ \.php$ {
root "%hostdir%/web";
try_files $uri =404;
# if (!-e $document_root$document_uri){return 404;}
fastcgi_pass backend;
fastcgi_index index.php;
fastcgi_buffers 4 64k;
fastcgi_connect_timeout 1s;
fastcgi_ignore_client_abort off;
fastcgi_next_upstream timeout;
fastcgi_read_timeout 5m;
fastcgi_send_timeout 5m;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT $document_root;
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param HTTPS $https;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $host;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param SERVER_SOFTWARE nginx;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param TMP "%sprogdir%/userdata/temp";
fastcgi_param TMPDIR "%sprogdir%/userdata/temp";
fastcgi_param TEMP "%sprogdir%/userdata/temp";
}

# ����������� ���-������������
#---------------------------------------#
# <�� ��������� ���� ���� ������������>
location /openserver/ {
root "%sprogdir%/modules/system/html";
index index.php;
%allow%allow all;
allow 127.0.0.0/8;
allow ::1/128;
allow %ips%;
deny all;
location /openserver/server-status {
stub_status on;
}
location ~ ^/openserver/.*\.php$ {
root "%sprogdir%/modules/system/html";
fastcgi_pass backend;
fastcgi_index index.php;
fastcgi_buffers 4 64k;
fastcgi_connect_timeout 1s;
fastcgi_ignore_client_abort off;
fastcgi_next_upstream timeout;
fastcgi_read_timeout 5m;
fastcgi_send_timeout 5m;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT $document_root;
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param HTTPS $https;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $host;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param SERVER_SOFTWARE nginx;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param TMP "%sprogdir%/userdata/temp";
fastcgi_param TMPDIR "%sprogdir%/userdata/temp";
fastcgi_param TEMP "%sprogdir%/userdata/temp";
}
}
# <�� ��������� ���� ���� ������������/>
#---------------------------------------#
}

#-----------------------------------------------#
# ����� ����� ������������ �����
#-----------------------------------------------#
162 changes: 162 additions & 0 deletions Nginx-1.11_vhost.conf
Original file line number Diff line number Diff line change
@@ -0,0 +1,162 @@
#-----------------------------------------------#
# ������ ����� ������������ �����
#-----------------------------------------------#

server {
listen %ip%:%httpport%;
listen %ip%:%httpsport% ssl http2;
server_name %host% %aliases%;
root "%hostdir%/web";
index index.php index.html index.htm;
autoindex on; # �������� ������� �������� ���� �� ������ ��������� ����
limit_conn perip 64; # ����������� ���-�� ���������� � ������ IP

# �������� ������������ �� ������� ������ �� COMODO
# copy /b domain.crt+COMODORSADomainValidationSecureServerCA.crt+COMODORSAAddTrustCA.crt server.crt
# copy /b COMODORSADomainValidationSecureServerCA.crt+COMODORSAAddTrustCA.crt trusted.crt
# openssl.exe dhparam -out dhparam.pem 2048

ssl_certificate "%sprogdir%/userdata/config/cert_files/server.crt";
ssl_certificate_key "%sprogdir%/userdata/config/cert_files/server.key";
ssl_dhparam "%sprogdir%/userdata/config/cert_files/dhparam.pem";
# ssl_trusted_certificate "%sprogdir%/userdata/config/cert_files/trusted.crt";

# �������� ��������� ����� (������ ����� ��������� ����� ����������� "|")
if ($http_user_agent ~* (MJ12bot|Solomono|Ahrefs|SISTRIX|LinkpadBot|nmap|nikto|wikto|sqlmap|bsqlbf|w3af|acunetix|havij|appscan)) {
return 444;
}

# ��������� ������ ������� ������ (������������ � �����)
# ������ � ��������� /.well/ � /.known/ ����� �������� (������ ����� ��������� ����� ����������� "|")
location ~* /\.(?!(well|known)\/) {
deny all;
}

# ��������� ��������� ����� ���������� ��� ��������� (���������� ������)
more_set_headers "X-Content-Type-Options: nosniff";

# �������� Content-Security-Policy (����������: +Google �nalytics +Google Fonts +������ �������)
# more_set_headers "Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://mc.yandex.ru https://yastatic.net; img-src 'self' https://ssl.google-analytics.com https://mc.yandex.ru; connect-src https://mc.yandex.ru; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://themes.googleusercontent.com; frame-src 'self'; object-src 'none'";

# ������������ ������ ��������� � ������� (������ ����� ��������� ����� ����������� "|")
# if ($request_method !~* ^(GET|HEAD|POST)$){return 405;}

# NEW! ������������ �������� ���������� �� ����� ����������
# limit_traffic_rate rate_ip 1024k; # ������������ �������� �� IP ������
# limit_traffic_rate rate_uri 1024k; # ������������ �������� �� URL ������

# �������������� ������������� HTTPS �� �����
# more_set_headers "Strict-Transport-Security: max-age=15768000";
# more_set_headers "Strict-Transport-Security: max-age=15768000; includeSubdomains;"; # (������� ���������)
# set $do_redirect 1;
# if ($scheme ~* ^https$) {
# set $do_redirect 0;
# }
# if ($request_uri ~* ^/robots\.txt$) {
# set $do_redirect 0;
# }
# if ($do_redirect = 1) {
# return 301 https://$host$request_uri;
# }

# ������ ������������� www �������� (www.xxx.com => xxx.com)
# if ($host ~* ^www\.(.+)$) {
# set $host_without_www $1;
# return 301 $scheme://$1$request_uri;
# }

# ��������������� ��������� ���� �������� � PHP �����������
# location / {
# rewrite ^/(.*)$ /index.php last;
# }

# ��������������� ���� �������� � PHP �����������
# (���� ����� ���� ��� ����� �� ����������)
# location / {
# try_files $uri $uri/ /index.php?$query_string;
# }

# ��������� ������ � ��������/�������/����� (������ ����� ��������� ����� ����������� "|")
# location ~* ^.+\.(bak|conf|log|ini|sql|tar|tgz|gz)$ {
# deny all;
# }

location ~* ^.+\.(css|htc|js|bmp|gif|jpe?g|tiff?|png|cur|ico|woff2?|eot|ttc|ttf|otf|svg|swf)$ {
expires 1d; # �������� ����������� ����������
# ��������� �����-�������� �������
# more_set_headers "Access-Control-Allow-Origin: *";
}

location ~* ^.+\.php$ {
limit_conn perip 32; # ����������� ���-�� ���������� � ������ IP
limit_req zone=dynamic burst=32 nodelay; # ����������� ������� �������� � PHP
more_set_headers "X-Frame-Options: SAMEORIGIN"; # ��������� ������ �� ����� ������
more_set_headers "Cache-Control: max-age=0, no-cache, no-store, must-revalidate, no-transform"; # ��������� ����������� �������
try_files $uri =404;
fastcgi_pass backend;
fastcgi_param TMP "%sprogdir%/userdata/temp";
fastcgi_param TMPDIR "%sprogdir%/userdata/temp";
fastcgi_param TEMP "%sprogdir%/userdata/temp";
include "%sprogdir%/modules/http/%httpdriver%/conf/fastcgi_params";
}

#-----------------------------------------------#
# ����������� ���-������������
# �� ��������� ���� ���� ������������
#-----------------------------------------------#

location /openserver/ {
root "%sprogdir%/modules/system/html";
index index.php;

%allow%allow all;
allow 127.0.0.0/8;
allow ::1/128;
allow %ips%;
deny all;

location /openserver/server-status {
stub_status on;
access_log off;
}

location ~* ^.+\.(css|htc|js|bmp|gif|jpe?g|tiff?|png|cur|ico|woff2?|eot|ttc|ttf|otf|svg|swf)$ {
expires 1d; # �������� ����������� ����������
}

location ~* ^/openserver/.+\.php$ {
limit_conn perip 32; # ����������� ���-�� ���������� � ������ IP
limit_req zone=dynamic burst=32 nodelay; # ����������� ������� �������� � PHP
more_set_headers "X-Frame-Options: SAMEORIGIN"; # ��������� ������ �� ����� ������
# more_set_headers "Cache-Control: max-age=0, no-cache, no-store, must-revalidate, no-transform"; # ��������� ����������� �������
try_files $uri =404;
fastcgi_pass backend;
fastcgi_param TMP "%sprogdir%/userdata/temp";
fastcgi_param TMPDIR "%sprogdir%/userdata/temp";
fastcgi_param TEMP "%sprogdir%/userdata/temp";
include "%sprogdir%/modules/http/%httpdriver%/conf/fastcgi_params";
}
}

#-----------------------------------------------#
# ������������ ��������� �� �������
#-----------------------------------------------#

error_page 500 /500.html;
error_page 501 /501.html;
error_page 502 504 /502.html;
error_page 503 /503.html;
error_page 404 /404.html;
error_page 405 /405.html;

location ~* ^/(500|501|502|503|404|405).html$ {
root "%sprogdir%/userdata/config/error_pages";
expires -1;
more_set_headers "Content-Type: text/html; charset=utf-8";
internal;
}
}

#-----------------------------------------------#
# ����� ����� ������������ �����
#-----------------------------------------------#
Loading

0 comments on commit dc22b81

Please sign in to comment.