nginx config for react app code example

Example 1: nginx config

server {
    listen 80;
    listen [::]:80;
    index index.html index.htm;
    root /usr/share/nginx/html;
    server_name restuwahyu-tech.com www.restuwahyu-tech.com;
    return 301 https://$host$request_uri;
 
    location / {
       proxy_pass http://nodejs:8080;
    }
 
    location ~ /.well-known/acme-challenge{
      allow all;
      root /usr/share/nginx/html;
    }
}
 
server {
     listen 443 ssl http2;
     listen [::]:443 ssl http2;
     server_name restuwahyu-tech.com;
     index index.html index.htm;
     root /usr/share/nginx/html;
 
     access_log /var/logs/nginx/access;
     error_log /var/logs/nginx/error;
 
     ssl_certificate /etc/nginx/ssl/live/restuwahyu-tech.com/fullchain.pem;
     ssl_certificate_key /etc/nginx/ssl/live/restuwahyu-tech.com/privkey.pem;
     ssl_session_timeout 1d;
     ssl_session_cache shared:SSL:10m;
     ssl_session_tickets off;
     ssl_dhparam /etc/nginx/dhparam/dhparam-2048.pem;
     ssl_buffer_size 8k;
     ssl_protocols TLSv1.2 TLSv1.3;
     ssl_prefer_server_ciphers off;
     ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
     ssl_stapling on;
     ssl_stapling_verify on;
 
     add_header X-Frame-Options           "SAMEORIGIN" always;
     add_header X-XSS-Protection          "1; mode=block" always;
     add_header X-Content-Type-Options    "nosniff" always;
     add_header Referrer-Policy           "no-referrer-when-downgrade" always;
     add_header Content-Security-Policy   "default-src 'self' http: https: data: blob: 'unsafe-inline'" always;
     add_header Strict-Transport-Security "max-age=63072000" always;
 
     resolver 9.9.9.9;
     resolver_timeout 2s;
 
     location / {
      proxy_pass http://nodejs:8080;
    }

Example 2: wordpress nginx config

# Upstream to abstract backend connection(s) for php
upstream php {
        server unix:/tmp/php-cgi.socket;
        server 127.0.0.1:9000;
}

server {
        ## Your website name goes here.
        server_name domain.tld;
        ## Your only path reference.
        root /var/www/wordpress;
        ## This should be in your http block and if it is, it's not needed here.
        index index.php;

        location = /favicon.ico {
                log_not_found off;
                access_log off;
        }

        location = /robots.txt {
                allow all;
                log_not_found off;
                access_log off;
        }

        location / {
                # This is cool because no php is touched for static content.
                # include the "?$args" part so non-default permalinks doesn't break when using query string
                try_files $uri $uri/ /index.php?$args;
        }

        location ~ \.php$ {
                #NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
                include fastcgi_params;
                fastcgi_intercept_errors on;
                fastcgi_pass php;
                #The following parameter can be also included in fastcgi_params file
                fastcgi_param  SCRIPT_FILENAME $document_root$fastcgi_script_name;
        }

        location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
                expires max;
                log_not_found off;
        }
}