fastcgi_cache_path/tmp/simple_cachelevels=1:2keys_zone=zone_origin.example.com:50minactive=60muse_temp_path=off;fastcgi_cache_key$scheme$request_method$host$request_uri$http_x_custom_header$http_cookie;server{listen80;root/var/www/origin.example.com;indexindex.htmlindex.phpindex.htmindex.nginx-debian.html;server_nameorigin.example.com;# 0=no, 1=yes, cache things by defaultset$skip_cache0;if($query_string){set$skip_cache1;}if($request_method=POST){set$skip_cache1;return200"HelloWorld!";}location/{try_files$uri$uri/=404;allow192.25.25.0;denyall;# say your reverse proxy IP is 192.25.25.0,# by defining here, you are allowing only this IP,# to access this origin for better security}location~\.php${includesnippets/fastcgi-php.conf;fastcgi_passunix:/var/run/php/php7.4-fpm.sock;include/etc/nginx/fastcgi_params;include/etc/nginx/fastcgi.conf;fastcgi_cachezone_origin.example.com;fastcgi_cache_valid2005m;fastcgi_cache_valid4041m;fastcgi_cache_bypass$skip_cache;fastcgi_no_cache$skip_cache;add_headerphp-cache-5m$upstream_cache_status;# this whole block is to cache PHP generated files}location~*\.(css|gif|ico|jpeg|jpg|js|png)$ {expires1h;log_not_foundoff;}listen443ssl;ssl_certificate/etc/letsencrypt/live/origin.example.com/fullchain.pem;ssl_certificate_key/etc/letsencrypt/live/origin.example.com/privkey.pem;include/etc/letsencrypt/options-ssl-nginx.conf;ssl_dhparam/etc/letsencrypt/ssl-dhparams.pem;}