From 178e8f27a802a79288a130b4a479bbb9acf59fb7 Mon Sep 17 00:00:00 2001
From: "srvproxy001.itguys.com.br" <srvproxy001@itguys.com.br>
Date: Sat, 27 Sep 2025 22:16:01 -0300
Subject: [PATCH] =?UTF-8?q?[Auto-Sync]=20Atualiza=C3=A7=C3=A3o=20das=20con?=
 =?UTF-8?q?figura=C3=A7=C3=B5es=20em=20srvproxy001.itguys.com.br=20-=20202?=
 =?UTF-8?q?5-09-27=2022:16:01?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 nginx/sites-available/ns1.itguys.com.br.conf | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/nginx/sites-available/ns1.itguys.com.br.conf b/nginx/sites-available/ns1.itguys.com.br.conf
index 65512f2..d23ae76 100644
--- a/nginx/sites-available/ns1.itguys.com.br.conf
+++ b/nginx/sites-available/ns1.itguys.com.br.conf
@@ -53,7 +53,7 @@ server {
     access_log /var/log/nginx/ns1.itguys.com.br.access.log combined;
     error_log /var/log/nginx/ns1.itguys.com.br.error.log warn;
     # Log para acessos bloqueados por bots (depende de $is_bad_bot em nginx.conf)
-    access_log /var/log/nginx/ns1.itguys.com.br.bad-bot.log blocked if=$is_bad_bot;
+    access_log /var/log/nginx/ns1.itguys.com.br.bad-bot.log suspicious_bot if=$is_bad_bot;
 
     # Módulo de Segurança Global (Bloqueia bots e URIs suspeitas de nginx.conf)
     if ($block_request) {
@@ -74,8 +74,8 @@ server {
     # ============================================================================
     # CONFIGURAÇÕES DE SSL/TLS (Hardening)
     # ============================================================================
-    ssl_certificate /etc/letsencrypt/live/ns1.itguys.com.br/fullchain.pem;
-    ssl_certificate_key /etc/letsencrypt/live/ns1.itguys.com.br/privkey.pem;
+    #ssl_certificate /etc/letsencrypt/live/ns1.itguys.com.br/fullchain.pem;
+    #ssl_certificate_key /etc/letsencrypt/live/ns1.itguys.com.br/privkey.pem;
     ssl_protocols TLSv1.3 TLSv1.2;
     ssl_ciphers 'TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305';
     ssl_prefer_server_ciphers on;
@@ -85,9 +85,9 @@ server {
     ssl_session_tickets off;
 
     # OCSP Stapling
-    ssl_stapling on;
-    ssl_stapling_verify on;
-    ssl_trusted_certificate /etc/letsencrypt/live/ns1.itguys.com.br/fullchain.pem;
+    ssl_stapling off;
+    ssl_stapling_verify off;
+    #ssl_trusted_certificate /etc/letsencrypt/live/ns1.itguys.com.br/fullchain.pem;
     resolver 8.8.8.8 8.8.4.4 valid=300s;
     resolver_timeout 5s;