nginx-1.30.0.zipC:\nginx-1.30.0\nginx.exe"%SystemRoot%\explorer.exe" "%SystemDrive%"
php-8.5.6RC1-nts-Win32-vs17-x64.zipC:\php-*\php-cgi.exePath"%SystemRoot%\explorer.exe" "%SystemDrive%"
"%SystemRoot%\System32\SystemPropertiesAdvanced.exe"
C:\php-8.5.6RC1-nts-Win32-vs17-x64
CD "%SystemDrive%\nginx-"*"\"
"%SystemRoot%\System32\netsh.exe" advfirewall firewall add rule name="nginx" dir="in" action="allow" profile="any" program="%CD%\nginx.exe" protocol="tcp" localport="80,443"
****
"%SystemRoot%\System32\netsh.exe" advfirewall firewall delete rule name="nginx"
****
CD "%SystemDrive%\nginx-"*"\conf" && "%SystemRoot%\System32\notepad.exe" "nginx.conf"
CD "%SystemDrive%\php-"*"-nts-Win32-"*"-x64\" && "%SystemRoot%\System32\notepad.exe" "php.ini-production"
CD "%SystemDrive%\php-"*"-nts-Win32-"*"-x64\" && "%SystemRoot%\System32\notepad.exe" "php.ini-development"
MKDIR "%SystemDrive%\www\nginx\conf" & CD "%SystemDrive%\nginx-"*"\conf" && COPY /Y "fastcgi_params" "%SystemDrive%\www\nginx\conf\fastcgi_params"
MKDIR "%SystemDrive%\www\nginx\conf" & CD "%SystemDrive%\nginx-"*"\conf" && COPY /Y "mime.types" "%SystemDrive%\www\nginx\conf\mime.types"
****
MKDIR "%SystemDrive%\www\php" "%SystemDrive%\www\nginx\conf.d" "%SystemDrive%\www\nginx\default.d" "%SystemDrive%\www\nginx\vhosts.d"
"%SystemRoot%\System32\notepad.exe" "%SystemDrive%\www\nginx\conf.d\http-redirect.conf"
server {
listen "80" "default_server";
listen "[::]:80" "default_server";
return "301" "https://$host$request_uri";
}
# End
"%SystemRoot%\System32\notepad.exe" "%SystemDrive%\www\nginx\conf.d\non-existent.conf"
server {
listen "443" "ssl" "default_server";
http2 "on";
server_name "_";
return "404";
}
# End
include"%SystemRoot%\System32\notepad.exe" "%SystemDrive%\www\nginx\default.d\headers.conf"
add_header "Strict-Transport-Security" "max-age=63072000; includeSubdomains; preload" "always"; add_header "X-Content-Type-Options" "nosniff" "always"; add_header "X-Frame-Options" "sameorigin" "always"; add_header "X-XSS-Protection" "1; mode=block" "always"; add_header "Cache-Control" "max-age=604800, no-transform, public" "always"; add_header "Referrer-Policy" "same-origin" "always"; add_header "Expect-CT" "max-age=0" "always"; add_header "Permissions-Policy" "geolocation=(), microphone=(), payment=(), usb=(), vr=(), magnetometer=(), midi=(), camera=(), ambient-light-sensor=(), accelerometer=()" "always"; # End
"%SystemRoot%\System32\notepad.exe" "%SystemDrive%\www\nginx\nginx.conf"
worker_processes "1";
error_log "logs/error.log" "emerg";
events {
multi_accept "on";
worker_connections "1024";
}
http {
access_log "off";
include "C:/www/nginx/conf.d/*.conf";
include "C:/www/nginx/vhosts.d/*.conf";
include "C:/www/nginx/conf/mime.types";
default_type "application/octet-stream";
sendfile "on";
tcp_nopush "on";
tcp_nodelay "on";
keepalive_timeout "65";
types_hash_max_size "4096";
server_names_hash_bucket_size "64";
gzip "on";
gzip_vary "on";
gzip_proxied "any";
gzip_comp_level "9";
gzip_types "*";
}
# End
CD "%SystemDrive%\nginx-"*"\" && "nginx.exe" -c "%SystemDrive%\www\nginx\nginx.conf" -t
include line(s)add_header Content-Security-Policy "default-src 'self'" always;
add_header Content-Security-Policy "" always;
"%SystemRoot%\System32\notepad.exe" "%SystemDrive%\www\nginx\conf.d\ssl.conf"
ssl_certificate "C:/Certbot/live/realmofespionage.xyz/fullchain.pem"; ssl_trusted_certificate "C:/Certbot/live/realmofespionage.xyz/fullchain.pem"; ssl_certificate_key "C:/Certbot/live/realmofespionage.xyz/privkey.pem"; ssl_session_timeout "10m"; ssl_session_cache "shared:SSL:10m"; ssl_session_tickets "off"; ssl_buffer_size "4k"; ssl_protocols "TLSv1.2" "TLSv1.3"; ssl_ciphers "EECDH+AESGCM:EDH+AESGCM"; ssl_prefer_server_ciphers "on"; ssl_ecdh_curve "secp384r1"; # End
MKDIR "%SystemDrive%\www\scripts\nginx"
"%SystemRoot%\explorer.exe" "%SystemDrive%\www\scripts\nginx"
"%SystemRoot%\System32\notepad.exe" "%SystemDrive%\www\scripts\nginx\Start.bat"
@echo off TITLE nginx CD "%SystemDrive%\nginx-"*"\" "nginx.exe" -c "%SystemDrive%\www\nginx\nginx.conf" :: End
"%SystemDrive%\www\scripts\nginx\Start.bat"
"%SystemRoot%\System32\notepad.exe" "%SystemDrive%\www\scripts\nginx\Stop.bat"
@echo off TITLE nginx Stop CD "%SystemDrive%\nginx-"*"\" "nginx.exe" -s "quit" "%SystemRoot%\System32\timeout.exe" /T "2" /NOBREAK "%SystemRoot%\System32\taskkill.exe" /IM "nginx.exe" /T /F CD "%Temp%" :: End
"%SystemDrive%\www\scripts\nginx\Stop.bat"
"%SystemRoot%\System32\notepad.exe" "%SystemDrive%\www\scripts\nginx\Reload.bat"
@echo off CD "%SystemDrive%\nginx-"*"\" "nginx.exe" -s "reload" "nginx.exe" -s "reopen" CD "%Temp%" :: End
"%SystemDrive%\www\scripts\nginx\Reload.bat"
"%SystemRoot%\System32\schtasks.exe" /Create /SC "ONLOGON" /TN "nginx" /TR "%SystemDrive%\www\scripts\nginx\Start.bat" /F
nginx.exe
[ ] Allow thread opt-out[ ] Also allow loading of images signed by Microsoft Store[ ] Use strict CFG[ ] Enable ATL thunk emulation[x] Validate access for modules that are commonly abused by exploits.[x] Do not allow stripped images[x] Enforce for all modules instead of only compatible modules[ ] Don't use high entropyphp-cgi.exe
[ ] Use strict CFG[ ] Enable ATL thunk emulation[x] Validate access for modules that are commonly abused by exploits.[x] Do not allow stripped images[x] Enforce for all modules instead of only compatible modules[ ] Don't use high entropyvhosts.d\*.conf, it'll 404