Advertisement
Here is Ready to Use Nginx WordPress Configuration Sample File Which Can Used With Either Community Edition of Nginx or Nginx Plus & PHP5-FPM. Basic steps to install WordPress on HP Cloud with Nginx or on Rackspace has discussed numerous times, we have a video guide to install Nginx for running WordPress for HP Cloud too.
Nginx WordPress Configuration : Basics
We are assuming that the reader is using community version of Nginx with apt-get install nginx-full command. Installation of Nginx Plus has been discussed separately. In both versions of Nginx, this file is common :
1 | /etc/nginx/nginx.conf |
for community edition of Nginx, there is the additional file :
1 | /etc/nginx/sites-available/default |
This Nginx WordPress configuration sample can be used in any of the above location. We can easily empty any file on SSH with a simple command and then open it and paste the configuration. Always copy the code from our website to a plain text editor and then copy to server. Just for giving an example, we can either add this snippet directly in the above files :
1 2 3 4 5 6 7 8 9 | if ( $memcached_request = 0) { rewrite ^ /index.php last; } } location @rewrites { add_header X-Cache-Engine ""; rewrite ^ /index.php last; } |
or create a different file anyname,conf in any location like /usr/local/nginx/conf/ with the above snippet and call it :
---
1 | include /usr/local/nginx/conf/anyname,conf; |
We guess the first method is easier for the new users, while the next method is easy to manage.
Nginx WordPress Configuration Sample File
Do not keep any comments unless there is huge need. We assume that the WordPress is installed at root of the domain/ FTP root, this is for the nginx.conf file :
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 | user www-data; worker_processes 2; worker_priority 15; pid /run/nginx.pid; worker_rlimit_nofile 65536; events { worker_connections 6000; use epoll; multi_accept on; accept_mutex on; accept_mutex_delay 500ms; } http { sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 20; keepalive_requests 100000; client_max_body_size 30m; client_body_buffer_size 128K; client_header_buffer_size 128k; large_client_header_buffers 4 8k; client_body_timeout 10m; client_header_timeout 10m; client_body_temp_path /spool/nginx/client_temp 1 2; fastcgi_cache_path /usr/share/nginx/cache/fcgi levels=1:2 keys_zone=microcache:10m max_size=1024m inactive=1h; send_timeout 10m; reset_timedout_connection on; types_hash_max_size 2048; server_tokens off; open_file_cache max=200000 inactive=20s; open_file_cache_valid 30s; open_file_cache_min_uses 1; open_file_cache_errors on; server_names_hash_bucket_size 2048; default_type application/octet-stream; error_log /var/log/nginx/error.log crit; log_format '$remote_addr - $upstream_cache_status [$time_local] ' '"$request" $status $body_bytes_sent ' '"$http_referer" "$http_user_agent"'; gzip on; gzip_static on; gzip_disable "msie6"; gzip_vary on; gzip_proxied any; gzip_comp_level 9; gzip_min_length 1; gzip_buffers 32 8k; gzip_http_version 1.1; gzip_types text/css text/javascript text/xml text/plain text/x-component application/javascript application/x-javascript application/json application/xml application/rss+xml font/truetype application/x-font-ttf font/opentype application/vnd.ms-fontobject image/svg+xml image/png image/jpg image/jpeg image/gif; include /etc/nginx/mime.types; include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; } |
We are using SSL/HTTPS enabling HSTS, Public Key Pinning with CORS, WP Total Cache, WordPress SEO :
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 | server { listen 80; listen [::]:80 ipv6only=on; root /usr/share/nginx/html; index index.php index.html index.htm; gzip on; gzip_static on; gzip_disable "msie6"; gzip_vary on; gzip_proxied any; gzip_comp_level 9; gzip_buffers 32 8k; gzip_http_version 1.1; gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript image/png image/gif image/jpeg image/jpg; add_header 'Access-Control-Allow-Origin' '*'; add_header 'Access-Control-Allow-Credentials' 'true'; add_header 'Access-Control-Allow-Headers' 'Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken'; add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, PUT, DELETE'; add_header PS 1; expires modified +7200h; add_header 'Cache-Control' 'public'; server_name thecustomizewindows.com; location ~* .(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|css|rss|atom|js|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ { expires max; log_not_found off; access_log off; } # end http server block location / { try_files $uri $uri/ /index.php; expires modified +7200h; add_header 'Cache-Control' 'public'; add_header Pragma public; return 301 https://thecustomizewindows.com$request_uri; if ($http_x_forwarded_proto = "http") { rewrite ^/(.*)$ https://thecustomizewindows.com/$1 permanent; } rewrite ^/sitemap_index\.xml$ /index.php?sitemap=1 last; rewrite ^/([^/]+?)-sitemap([0-9]+)?\.xml$ /index.php?sitemap=$1&sitemap_n=$2 last; } location /doc/ { alias /usr/share/doc/; autoindex on; allow 127.0.0.1; allow ::1; deny all; } location ~ \.php$ { fastcgi_split_path_info ^(.+\.php)(/.+)$; fastcgi_pass unix:/var/run/php5-fpm.sock; fastcgi_param PHP_VALUE "upload_max_filesize = 100M \n post_max_size=101M"; fastcgi_cache microcache; fastcgi_cache_key $scheme$host$request_uri$request_method; fastcgi_cache_valid 200 301 302 30s; fastcgi_cache_use_stale updating error timeout invalid_header http_500; fastcgi_pass_header Set-Cookie; fastcgi_pass_header Cookie; fastcgi_ignore_headers Cache-Control Expires Set-Cookie; fastcgi_index index.php; fastcgi_buffer_size 128k; fastcgi_buffers 256 16k; fastcgi_busy_buffers_size 256k; fastcgi_temp_file_write_size 256k; include fastcgi_params; } location ~ /\.ht { deny all; } } server { listen 443 ssl spdy default ipv6only=on; #listen [::]:443 ipv6only=on; server_name thecustomizewindows.com; sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; server_tokens off; add_header X-Frame-Options SAMEORIGIN; add_header X-Content-Type-Options nosniff; add_header X-XSS-Protection "1; mode=block"; add_header Public-Key-Pins 'pin-sha256="write your here"; max-age=5184000; includeSubDomains'; add_header X-Cache $upstream_cache_status; expires modified +7200h; add_header 'Cache-Control' 'Public'; root /usr/share/nginx/html; index index.php index.html index.htm; gzip on; gzip_static on; gzip_disable "msie6"; gzip_vary on; gzip_proxied any; gzip_comp_level 9; gzip_buffers 32 8k; gzip_http_version 1.1; gzip_min_length 1; gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/javascript application/xml+rss text/javascript image/png image/gif image/jpeg image/jpg; location ~* \.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|css|rss|atom|js|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ { expires modified +90d; add_header Cache-Control "max-age=31536000, public"; root /usr/share/nginx/html; add_header Pragma public; access_log off; } set $no_cache 0; set $cache_uri $request_uri; if ($request_method = POST) { set $cache_uri 'null cache'; } if ($query_string != "") { set $cache_uri 'null cache'; } if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php|wp-.*.php|/feed/|index.php|wp-comments-popup.php|wp-links-opml.php|wp-locations.php|sitemap(_index)?.xml|[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { set $cache_uri 'null cache'; } if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_logged_in") { set $cache_uri 'null cache'; } rewrite ^/sitemap_index\.xml$ /index.php?sitemap=1 last; rewrite ^/([^/]+?)-sitemap([0-9]+)?\.xml$ /index.php?sitemap=$1&sitemap_n=$2 last; location = /favicon.ico { log_not_found off; access_log off; } location = /robots.txt { log_not_found off; access_log off; } error_page 404 /404.html; error_page 500 502 503 504 /50x.html; location = /50x.html { root /usr/share/nginx/html; } location ~ .php$ { try_files $uri /index.php; include fastcgi_params; fastcgi_pass unix:/var/run/php5-fpm.sock; } ssl on; access_log off; spdy_headers_comp 1; ssl_certificate /etc/nginx/thecustomizewindows.com.crt; ssl_certificate_key /etc/nginx/thecustomizewindows.com.key; ssl_trusted_certificate /etc/nginx/signed_cert_plus_intermediate.crt; ssl_dhparam /etc/nginx/dhparam.pem; ssl_ecdh_curve prime256v1; ssl_session_cache shared:NginxCache123:10m; ssl_session_timeout 10m; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; ssl_ciphers ECDH+AESGCM256:DH+AESGCM256:ECDH+AES256:SH+AES256:RSA+AESGCM256:RSA+AES256:!aNULL:!MD5:!kEDH; add_header Alternate-Protocol 443:npn-spdy/3; add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload'; location ~ \.php$ { fastcgi_split_path_info ^(.+\.php)(/.+)$; fastcgi_cache microcache; fastcgi_cache_key $scheme$host$request_uri$request_method; fastcgi_cache_valid 200 301 302 30s; fastcgi_cache_use_stale updating error timeout invalid_header http_500; fastcgi_pass_header Set-Cookie; fastcgi_pass_header Cookie; fastcgi_ignore_headers Cache-Control Expires Set-Cookie; fastcgi_pass unix:/var/run/php5-fpm.sock; fastcgi_param PHP_VALUE "upload_max_filesize = 100M \n post_max_size=101M"; fastcgi_index index.php; fastcgi_buffer_size 128k; fastcgi_buffers 256 16k; fastcgi_busy_buffers_size 256k; fastcgi_temp_file_write_size 256k; include fastcgi_params; set $skip_cache 1; if ($cache_uri != "null cache") { add_header X-Cache-Debug "$cache_uri $cookie_nocache $arg_nocache$arg_comment $http_pragma $http_authorization"; set $skip_cache 0; } fastcgi_cache_bypass $skip_cache; fastcgi_cache_valid any 8m; fastcgi_cache_bypass $http_pragma; add_header X-Cache $upstream_cache_status; fastcgi_pass_header X-Cache; if ($http_origin ~* (https?://[^/]*\.*\.com(:[0-9]+)?)) { set $cors "true"; } if ($http_origin ~* (https?://[^/]*\.*\.net(:[0-9]+)?)) { set $cors "true"; } if ($request_method = 'OPTIONS') { set $cors "${cors}options"; } if ($request_method = 'GET') { set $cors "${cors}get"; } if ($request_method = 'POST') { set $cors "${cors}post"; } if ($cors = "trueget") { add_header 'Access-Control-Allow-Origin' "$http_origin"; add_header 'Access-Control-Allow-Credentials' 'true'; } if ($cors = "truepost") { add_header 'Access-Control-Allow-Origin' "$http_origin"; add_header 'Access-Control-Allow-Credentials' 'true'; } if ($cors = "trueoptions") { add_header 'Access-Control-Allow-Origin' "$http_origin"; add_header 'Access-Control-Allow-Credentials' 'true'; add_header 'Access-Control-Max-Age' 1728000; add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; add_header 'Access-Control-Allow-Headers' 'Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since'; return 204; } # BEGIN W3TC Page Cache core set $w3tc_rewrite 1; if ($request_method = POST) { set $w3tc_rewrite 0; } if ($query_string != "") { set $w3tc_rewrite 0; } if ($request_uri !~ \/$) { set $w3tc_rewrite 0; } if ($http_cookie ~* "(comment_author|wp\-postpass|w3tc_logged_out|wordpress_logged_in|wptouch_switch_toggle)") { set $w3tc_rewrite 0; } if ($http_cookie ~* "(w3tc_preview)") { set $w3tc_rewrite _preview; } set $w3tc_ssl ""; if ($scheme = https) { set $w3tc_ssl _ssl; } set $w3tc_enc ""; if ($http_accept_encoding ~ gzip) { set $w3tc_enc _gzip; } set $w3tc_ext ""; if (-f "$document_root/wp-content/cache/page_enhanced/$http_host/$request_uri/_index$w3tc_ssl$w3tc_rewrite.html$w3tc_enc") { set $w3tc_ext .html; } if (-f "$document_root/wp-content/cache/page_enhanced/$http_host/$request_uri/_index$w3tc_ssl$w3tc_rewrite.xml$w3tc_enc") { set $w3tc_ext .xml; } if ($w3tc_ext = "") { set $w3tc_rewrite 0; } if ($w3tc_rewrite = 1) { rewrite .* "/wp-content/cache/page_enhanced/$http_host/$request_uri/_index$w3tc_ssl$w3tc_rewrite$w3tc_ext$w3tc_enc" last; } # END W3TC Page Cache core # BEGIN W3TC Page Cache cache location ~ /wp-content/cache/page_enhanced.*html$ { expires modified 31536000s; add_header Vary "Accept-Encoding, Cookie"; add_header Pragma "public"; add_header Cache-Control "max-age=31536000, public"; } location ~ /wp-content/cache/page_enhanced.*gzip$ { gzip off; types {} default_type text/html; expires modified 31536000s; add_header Vary "Accept-Encoding, Cookie"; add_header Pragma "public"; add_header Cache-Control "max-age=31536000, public"; add_header Content-Encoding gzip; } # END W3TC Page Cache cache # BEGIN W3TC Browser Cache gzip on; gzip_types text/css text/x-component application/x-javascript application/javascript text/javascript text/x-js text/richtext image/svg+xml text/plain text/xsd text/xsl text/xml image/x-icon; location ~ \.(css|htc|less|js|js2|js3|js4)$ { expires 315360000s; add_header Pragma "public"; add_header Cache-Control "max-age=315360000, public"; } location ~ \.(html|htm|rtf|rtx|svg|svgz|txt|xsd|xsl|xml)$ { expires 31536000s; add_header Pragma "public"; add_header Cache-Control "max-age=31536000, public"; } location ~ \.(asf|asx|wax|wmv|wmx|avi|bmp|class|divx|doc|docx|eot|exe|gif|gz|gzip|ico|jpg|jpeg|jpe|json|mdb|mid|midi|mov|qt|mp3|m4a|mp4|m4v|mpeg|mpg|mpe|mpp|otf|odb|odc|odf|odg|odp|ods|odt|ogg|pdf|png|pot|pps|ppt|pptx|ra|ram|svg|svgz|swf|tar|tif|tiff|ttf|ttc|wav|wma|wri|woff|xla|xls|xlsx|xlt|xlw|zip)$ { expires 31536000s; add_header Pragma "public"; add_header Cache-Control "max-age=31536000, public"; } # END W3TC Browser Cache # BEGIN W3TC CDN location ~ \.(ttf|ttc|otf|eot|woff|font.css)$ { add_header Access-Control-Allow-Origin "*"; expires 31536000s; add_header Pragma "public"; add_header Cache-Control "max-age=31536000, public"; } # END W3TC CDN # BEGIN W3TC Minify cache location ~ /wp-content/cache/minify.*\.js$ { types {} default_type application/x-javascript; expires modified 315360000s; add_header Vary "Accept-Encoding"; add_header Pragma "public"; add_header Cache-Control "max-age=315360000, public"; } location ~ /wp-content/cache/minify.*\.css$ { types {} default_type text/css; expires modified 315360000s; add_header Vary "Accept-Encoding"; add_header Pragma "public"; add_header Cache-Control "max-age=315360000, public"; } location ~ /wp-content/cache/minify.*js\.gzip$ { gzip off; types {} default_type application/x-javascript; expires modified 315360000s; add_header Vary "Accept-Encoding"; add_header Pragma "public"; add_header Cache-Control "max-age=315360000, public"; add_header Content-Encoding gzip; } location ~ /wp-content/cache/minify.*css\.gzip$ { gzip off; types {} default_type text/css; expires modified 315360000s; add_header Vary "Accept-Encoding"; add_header Pragma "public"; add_header Cache-Control "max-age=315360000, public"; add_header Content-Encoding gzip; } # END W3TC Minify cache location ~* \.(?:ico|css|js|gif|jpe?g|png)$ { expires 30d; add_header Pragma public; add_header Cache-Control "public"; } } # end server block location / { try_files $uri $uri/ /index.php; } location /feed/ { expires -1; try_files $uri $uri/ /index.php; } location /ping { access_log /var/log/nginx/ping.log; allow all; fastcgi_split_path_info ^(.+.php)(.*)$; fastcgi_pass unix:/var/run/php5-fpm.sock; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; } location /status { access_log /var/log/nginx/fpm.status.log; stub_status on; allow 127.0.0.1; deny all; fastcgi_split_path_info ^(.+.php)(.*)$; fastcgi_pass unix:/var/run/php5-fpm.sock; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; } } |
We have also added Ping and Status. You can copy from this config’s Github project.
You have to create the directories and properly chown them.
Tagged With paperuri:(5fdf35726e52f9f35c8b3f03e1f99042)
