PNG  IHDR* pHYs+ IDATx]n#; cdLb Ǚ[at¤_:uP}>!Usă cag޿ ֵNu`ݼTâabO7uL&y^wFٝA"l[|ŲHLN밪4*sG3|Dv}?+y߉{OuOAt4Jj.u]Gz*҉sP'VQKbA1u\`& Af;HWj hsO;ogTu uj7S3/QzUr&wS`M$X_L7r2;aE+ώ%vikDA:dR+%KzƉo>eOth$z%: :{WwaQ:wz%4foɹE[9<]#ERINƻv溂E%P1i01 |Jvҗ&{b?9g=^wζXn/lK::90KwrюO\!ջ3uzuGv^;騢wq<Iatv09:tt~hEG`v;3@MNZD.1]L:{ծI3`L(÷ba")Y.iljCɄae#I"1 `3*Bdz>j<fU40⨬%O$3cGt]j%Fߠ_twJ;ABU8vP3uEԑwQ V:h%))LfraqX-ۿX]v-\9I gl8tzX ]ecm)-cgʒ#Uw=Wlێn(0hPP/ӨtQ“&J35 $=]r1{tLuǮ*i0_;NƝ8;-vݏr8+U-kruȕYr0RnC]*ެ(M:]gE;{]tg(#ZJ9y>utRDRMdr9㪩̞zֹb<ģ&wzJM"iI( .ꮅX)Qw:9,i좜\Ԛi7&N0:asϓc];=ΗOӣ APqz93 y $)A*kVHZwBƺnWNaby>XMN*45~ղM6Nvm;A=jֲ.~1}(9`KJ/V F9[=`~[;sRuk]rєT!)iQO)Y$V ی ۤmzWz5IM Zb )ˆC`6 rRa}qNmUfDsWuˤV{ Pݝ'=Kֳbg,UҘVz2ﴻnjNgBb{? ߮tcsͻQuxVCIY۠:(V뺕 ٥2;t`@Fo{Z9`;]wMzU~%UA蛚dI vGq\r82iu +St`cR.6U/M9IENDB`lua_ssl_verify_depth 2; lua_ssl_trusted_certificate /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem; ssl_certificate_by_lua_file lua/ssl.lua; set $cpanel_protection 0; set $proxy_part ''; if ($append_port) { set $proxy_part :$destination_port; } set $trust_ezoic 0; rewrite_by_lua_file lua/accesscheck.lua; set $backend_dest $server_addr; if ($backend_dest ~ "^[a-fA-F0-9:]+$") { set $backend_dest [$backend_dest]; } location = /selfcheck { allow 127.0.0.1; allow ::1; deny all; access_log off; add_header "Content-Type" "text/plain"; return 200 "healthy:${msec}\n"; } location @to_static { root html/captcha; try_files $uri /a9bc224bd710f56d27affffddc764239b58c3faa0/shield.png; } location @by_default { proxy_http_version 1.1; proxy_set_header Host $host$proxy_part; proxy_set_header Connection $connection_upgrade; proxy_set_header Upgrade $http_upgrade; # Wafd is responsible for setting this header after it became hidden proxy_hide_header Upgrade; proxy_bind $bind_target; proxy_pass $scheme://$backend_dest:$destination_port; } location / { access_by_lua_file lua/reqrouter.lua; } location @to_backend { access_by_lua_block { local xff = ngx.var.http_x_forwarded_for if not xff or ngx.var.remote_proxy == "0" then ngx.req.set_header("X-Forwarded-For", ngx.var.wsuserip) else ngx.req.set_header("X-Forwarded-For", xff .. ", " .. ngx.var.remote_addr) end } header_filter_by_lua_block { local upgrade_hdr = ngx.var.http_upgrade if upgrade_hdr == "websocket" then ngx.header["Upgrade"] = upgrade_hdr else ngx.header["Upgrade"] = nil end } proxy_set_header Host $host$proxy_part; proxy_set_header X-Real-IP $wsuserip; proxy_set_header X-Remote-IP $remote_addr; proxy_set_header Upgrade $http_upgrade; expires off; proxy_http_version 1.1; proxy_set_header Connection $connection_upgrade; include /etc/imunify360-webshield/webshield-backend.conf.d/*.conf; proxy_bind $bind_target; proxy_pass $scheme://catchall; } location @to_captcha { include /etc/imunify360-webshield/invisible-captcha.conf; root html/captcha; default_type text/html; add_header Last-Modified $date_gmt; add_header Cache-Control 'private, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0'; add_header cf-edge-cache no-cache; add_header Expires 'Thu, 01 Jan 1970 00:00:01 GMT'; if_modified_since off; expires off; etag off; keepalive_timeout 0; include /etc/imunify360-webshield/webshield-captcha.conf.d/*.conf; content_by_lua_file lua/captcha.lua; } location @to_splashscreen { root html/splashscreen; default_type text/html; add_header Last-Modified $date_gmt; add_header Cache-Control 'private, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0'; add_header cf-edge-cache no-cache; if_modified_since off; expires off; etag off; keepalive_timeout 0; include /etc/imunify360-webshield/webshield-splashscreen.conf.d/*.conf; content_by_lua_file lua/splashscreen.lua; } location @to_wsidchk { content_by_lua_file lua/wsidchk.lua; }