#asxp.io
server {
    if ($host = www.asxp.io) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    if ($host = asxp.io) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


	listen 80;
	server_name www.asxp.io asxp.io;
	listen [::]:80;
	server_name www.asxp.io asxp.io;

	root /srv/http/asxpio;
	#root /srv/http/photos;
	index index.html;

	server_name _;
	return 444;

	location / {
		try_files $uri $uri/ =404;
	}
}    	
server {

	root /srv/http/asxpio;
	#root /srv/http/photos;

	index index.html;

        server_name asxp.io www.asxp.io; # managed by Certbot


	location / {
		# First attempt to serve request as file, then
		# as directory, then fall back to displaying a 404.
		try_files $uri $uri/ =404;
	}

	
        location ~ \.php$ {
               fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
               fastcgi_index index.php;
               root /srv/http/asxpio;
               include fastcgi.conf;
        }


	# deny access to .htaccess files, if Apache's document root
	# concurs with nginx's one
	#
	#location ~ /\.ht {
	#	deny all;
	#}


    #listen [::]:443 ssl ipv6only=on; # managed by Certbot
    #listen [::]:443;
    #ssl on;
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/asxp.io/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/asxp.io/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

    ##
    # Nginx Bad Bot Blocker Includes
    # REPO: https://github.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker
    ##
    #include /etc/nginx/bots.d/ddos.conf;
    #include /etc/nginx/bots.d/blockbots.conf;
}