

Nginx Server Configs - lobo_tuerto
https://github.com/h5bp/server-configs-nginx

======
nl
What are we supposed to be looking at here?

The config (there is only one) in the linked repository is fairly.. sparse
(although the headers in the conf directory are more useful).

There are 6 outstanding pull requests, so it doesn't even look like it is
being maintained.

Nice idea, but this implementation needs some work.

~~~
pbreit
I think the meat is here: [https://github.com/h5bp/server-configs-
nginx/tree/master/con...](https://github.com/h5bp/server-configs-
nginx/tree/master/conf)

~~~
nl
Yep, hence _" although the headers in the conf directory are more useful"_

Still not a lot to see though.

------
nvartolomei
Check this one [https://github.com/Umkus/nginx-
boilerplate](https://github.com/Umkus/nginx-boilerplate)

------
simonw
This config file looks like a bad idea:

[https://github.com/h5bp/server-configs-
nginx/blob/master/con...](https://github.com/h5bp/server-configs-
nginx/blob/master/conf/cross-domain-ajax.conf)

    
    
        # Cross domain AJAX requests
        add_header "Access-Control-Allow-Origin" "*";
    

Wouldn't this open up a site to CSRF form field stealing attacks?

------
deluxaran
This looks interesting and it may be useful if it gets around and is completed
and maintained, especially for the new users of nginx.

------
csmuk
Isn't this similar to Debian nginx default configuration?

------
fkooman
403 Forbidden Request forbidden by administrative rules.

