Nginx WordPress

Here is nginx configuration for wordpress

server {
    listen 80;
    server_name serverok.in www.serverok.in;
    root /var/www/html;
    index index.php;
    client_max_body_size 100M;

    location = /favicon.ico {
            log_not_found off;
            access_log off;
    }

    location = /robots.txt {
            allow all;
            log_not_found off;
            access_log off;
    }

    location / {
            try_files $uri $uri/ /index.php?$args;
    }

    location ~ \.php$ {
        include snippets/fastcgi-php.conf;
        proxy_read_timeout 180;
        fastcgi_intercept_errors on;
        fastcgi_buffers 16 16k;
        fastcgi_buffer_size 32k;
        fastcgi_pass unix:/run/php/php7.0-fpm.sock;
    }

    location ~* \.(txt|xml|js)$ {
            expires max;
            log_not_found off;
            access_log off;
    }

    location ~* \.(css)$ {
            expires max;
            log_not_found off;
            access_log off;
    }

    location ~* \.(flv|ico|pdf|avi|mov|ppt|doc|mp3|wmv|wav|mp4|m4v|ogg|webm|aac|eot|ttf|otf|woff|svg)$ {
            expires max;
            log_not_found off;
            access_log off;
    }

    location ~* \.(jpg|jpeg|png|gif|swf|webp)$ {
             expires max;
             log_not_found off;
             access_log off;
    }

    gzip on;
    gzip_http_version  1.1;
    gzip_comp_level    5;
    gzip_min_length    256;
    gzip_proxied       any;
    gzip_vary          on;
    gzip_types
        application/atom+xml
        application/javascript
        application/json
        application/rss+xml
        application/vnd.ms-fontobject
        application/x-font-ttf
        application/x-web-app-manifest+json
        application/xhtml+xml
        application/xml
        font/opentype
        image/svg+xml
        image/x-icon
        text/css
        text/plain
        text/x-component;
}

Nginx Config with FCGI Cache + gzip compression

fastcgi_cache_path /tmp/nginx-cache levels=1:2 keys_zone=WORDPRESS:500m inactive=60m;
fastcgi_cache_key "$scheme$request_method$host$request_uri";
fastcgi_cache_use_stale error timeout invalid_header http_500;

server {
    listen *:443 ssl http2;
    server_name www.serverok.in serverok.in;
    root /var/www/html;
    index index.php;
    client_max_body_size 100M;

    location = /favicon.ico {
            log_not_found off;
            access_log off;
    }

    location = /robots.txt {
            allow all;
            log_not_found off;
            access_log off;
    }

    location / {
            try_files $uri $uri/ /index.php?$args;
    }

    #fastcgi_cache start
    set $no_cache 0;

    # POST requests and urls with a query string should always go to PHP
    if ($request_method = POST) {
            set $no_cache 1;
    }   
    if ($query_string != "") {
            set $no_cache 1;
    }   

    # Don't cache uris containing the following segments
    if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php|wp-.*.php|/feed/|index.php|wp-comments-popup.php|wp-links-opml.php|wp-locations.php|sitemap(_index)?.xml|[a-z0-9_-]+-sitemap([0-9]+)?.xml)") {
            set $no_cache 1;
    }   

    # Don't use the cache for logged in users or recent commenters
    if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in") {
            set $no_cache 1;
    } 

    location ~ \.php$ {
        include snippets/fastcgi-php.conf;
        proxy_read_timeout 180;
        fastcgi_intercept_errors on;
        fastcgi_buffers 16 16k;
        fastcgi_buffer_size 32k;

        fastcgi_cache_bypass $no_cache;
        fastcgi_no_cache $no_cache;
        fastcgi_cache WORDPRESS;
        fastcgi_cache_valid 200 60m;

        fastcgi_pass unix:/run/php/php7.0-fpm.sock;
    }

    location ~* \.(txt|xml|js)$ {
            expires max;
            log_not_found off;
            access_log off;
    }

    location ~* \.(css)$ {
            expires max;
            log_not_found off;
            access_log off;
    }

    location ~* \.(flv|ico|pdf|avi|mov|ppt|doc|mp3|wmv|wav|mp4|m4v|ogg|webm|aac|eot|ttf|otf|woff|svg)$ {
            expires max;
            log_not_found off;
            access_log off;
    }

    location ~* \.(jpg|jpeg|png|gif|swf|webp)$ {
             expires max;
             log_not_found off;
             access_log off;
    }

    ssl on;
    ssl_certificate /etc/ssl/serverok.in.crt;
    ssl_certificate_key /etc/ssl/serverok.in.key;

    # Enable HSTS. This forces SSL on clients that respect it, most modern browsers. The includeSubDomains flag is optional.
    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";

    # Set caches, protocols, and accepted ciphers. This config will merit an A+ SSL Labs score as of Sept 2015.
    ssl_session_cache shared:SSL:20m;
    ssl_session_timeout 10m;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:CAMELLIA256-SHA:CAMELLIA128-SHA256;

    # Compression

    # Enable Gzip compressed.
    gzip on;

    # Enable compression both for HTTP/1.0 and HTTP/1.1.
    gzip_http_version  1.1;

    # Compression level (1-9).
    # 5 is a perfect compromise between size and cpu usage, offering about
    # 75% reduction for most ascii files (almost identical to level 9).
    gzip_comp_level    5;

    # Don't compress anything that's already small and unlikely to shrink much
    # if at all (the default is 20 bytes, which is bad as that usually leads to
    # larger files after gzipping).
    gzip_min_length    256;

    # Compress data even for clients that are connecting to us via proxies,
    # identified by the "Via" header (required for CloudFront).
    gzip_proxied       any;

    # Tell proxies to cache both the gzipped and regular version of a resource
    # whenever the client's Accept-Encoding capabilities header varies;
    # Avoids the issue where a non-gzip capable client (which is extremely rare
    # today) would display gibberish if their proxy gave them the gzipped version.
    gzip_vary          on;

    # Compress all output labeled with one of the following MIME-types.
    gzip_types
        application/atom+xml
        application/javascript
        application/json
        application/rss+xml
        application/vnd.ms-fontobject
        application/x-font-ttf
        application/x-web-app-manifest+json
        application/xhtml+xml
        application/xml
        font/opentype
        image/svg+xml
        image/x-icon
        text/css
        text/plain
        text/x-component;
}
 
server {
    listen 80;
    server_name  www.serverok.in serverok.in;
    return       301 https://serverok.in$request_uri;
}

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *