Laravel is a modern PHP framework that runs great together with NGINX.
However, you have to know the right approach to configuring NGINX for the most performance and security.
Let’s review this NGINX configuration of Laravel that will empower Laravel with both performance and security.
Pre-requisities
- NGINX
- Dynamic ETag NGINX module
- Length hiding NGINX module
- Security headers NGINX module
- Immutable NGINX module
server {
listen 80;
server_name example.com;
root /srv/example.com/public;
security_headers on;
index index.php;
charset utf-8;
location / {
dynamic_etag on;
length_hiding on;
fastcgi_param SCRIPT_FILENAME $document_root/index.php;
include fastcgi_params;
# override SCRIPT_NAME which was set in fastcgi_params
fastcgi_param SCRIPT_NAME /index.php;
fastcgi_pass unix:/var/run/php-fpm/example.com.sock;
}
location ~ \.(jpg|jpeg|gif|css|png|js|ico|html)$ {
immutable on;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
location ~ \.php$ {
return 404;
}
location ~ /\.(?!well-known).* {
deny all;
}
}