server {
    listen      80;
    server_name cdn.domain.org;
    root /usr/share/nginx/cdn
   
   location / {
      proxy_pass http://domain.org;
      proxy_set_header Host $host;
      proxy_set_header  True-Client-IP  $remote_addr;

    }

   location ~* .(jpg|png|gif|jpeg|webp|css|mp3|wav|swf|mov|doc|pdf|xls|ppt|docx|pptx|xlsx)$ {
    expires max;
    proxy_set_header  X-Real-IP  $remote_addr;
    proxy_pass http://domain.org;
    proxy_ignore_headers X-Accel-Expires Expires Cache-Control;
    proxy_store /usr/share/nginx/cdn$uri;
    proxy_store_access user:rw group:rw all:r;
  }
#blokir htaccess
  location ~ /\. { deny all; }

#blokir temp file dengan awalan $
  location ~ ~$ { deny all; }

#blokir akses php file
  location ~ \.php$ { deny all; }
}