Nginx
Jump to navigation
Jump to search
Donate
Documentation for this is incomplete. Contributions are happily considered! See this for potential alternatives.
/etc/tor/torrc[edit]
HiddenServiceDir /var/lib/tor-instances/onionv3/onionv3/ HiddenServiceVersion 3 ## web HiddenServicePort 80 127.0.0.1:70
/etc/nginx/conf.d/hsts[edit]
## HSTS settings
/etc/nginx/sites-available/00100.conf[edit]
## default_server, apex domain (non-subdomain) or invalid subdomain catch-all
## redirect plaintext clearnet non-subdomain to TLS non-subdomain
server {
listen 80 default_server;
listen [::]:80 default_server;
return 301 https://kicksecure.com$request_uri;
}
## redirect TLS clearnet non-subdomain to TLS www subdomain
server {
listen 443 ssl http2 default_server;
listen [::]:443 ssl http2 default_server;
ssl_certificate /etc/letsencrypt/live/kicksecure.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/kicksecure.com/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/kicksecure.com/fullchain.pem;
include /etc/nginx/conf.d/hsts;
return 301 https://www.kicksecure.com$request_uri;
}
## redirect onion non-subdomain to www subdomain
server {
listen 127.0.0.1:70;
server_name w5j6stm77zs6652pgsij4awcjeel3eco7kvipheu6mtr623eyyehj4yd.onion;
return 301 http://www.w5j6stm77zs6652pgsij4awcjeel3eco7kvipheu6mtr623eyyehj4yd.onion$request_uri;
}
/etc/nginx/sites-available/www.conf[edit]
## http clearnet port 80 unencrypted listener
server {
listen 80;
listen [::]:80;
server_name www.kicksecure.com;
return 301 https://www.kicksecure.com$request_uri;
}
## clearnet www
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name www.kicksecure.com;
ssl_certificate /etc/letsencrypt/live/kicksecure.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/kicksecure.com/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/kicksecure.com/fullchain.pem;
include /etc/nginx/conf.d/hsts;
more_set_headers "Onion-Location: http://www.w5j6stm77zs6652pgsij4awcjeel3eco7kvipheu6mtr623eyyehj4yd.onion$request_uri";
include /etc/nginx/conf.d/www;
}
## onion www
server {
listen 127.0.0.1:70;
server_name www.w5j6stm77zs6652pgsij4awcjeel3eco7kvipheu6mtr623eyyehj4yd.onion;
more_set_headers "X-Robots-Tag: noindex, nofollow";
include /etc/nginx/conf.d/www;
}
/etc/nginx/conf.d/www[edit]
## actual nginx config shared among TLS and onion goes here
Kicksecure
A secure by default operating system with the latest security research in place.
A secure by default operating system with the latest security research in place.
Follow us on social media
Supported by Power Up Privacy
Kicksecure is proudly supported until 2025 by
Power Up Privacy,
a privacy advocacy group that seeks to supercharge privacy projects with resources so they can complete their mission of making our world a better place.
(Strictly subject to our sponsorship policy.)
At
Kicksecure we value freedom and trust, supporting Open Source and Freedom Software
By using this website, you acknowledge you have read, understood, and agree to be bound by these agreements:
Terms of Service,
Privacy Policy,
Cookie Policy,
E-Sign Consent,
DMCA,
Imprint
2012-
2024 ENCRYPTED SUPPORT LP
2012-
2024 ENCRYPTED SUPPORT LP
We believe security software like Kicksecure needs to remain Open Source and independent. Would you help sustain and grow the project? Learn more about our 12 year success story and maybe DONATE!