Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
TheLastCicada.com Nginx file
user www-data;
worker_processes 1;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
# Microcaching
fastcgi_cache_path /etc/nginx/cache levels=1:2 keys_zone=thelastcicada:20m inactive=60m max_size=200m;
fastcgi_cache_key "$scheme://request_method$host$request_uri";
fastcgi_ignore_headers Cache-Control Expires;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
gzip on;
gzip_disable "msie6";
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
server_names_hash_bucket_size 64;
include /etc/nginx/conf.d/*.conf;
}
server {
##DM - uncomment following line for domain mapping
listen 443 default_server ssl spdy;
server_name thelastcicada.com www.thelastcicada.com;
##DM - uncomment following line for domain mapping
#server_name_in_redirect off;
access_log /var/log/nginx/thelastcicada.com.access.log;
error_log /var/log/nginx/thelastcicada.com.error.log;
root /var/www/html/thelastcicada.com;
index index.php;
ssl on;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS;
ssl_buffer_size 8k;
ssl_dhparam /etc/nginx/ssl/dh4096.pem;
ssl_session_cache shared:SSL:10m;
#ssl_certificate /etc/nginx/ssl/thelastcicada_com.crt;
ssl_certificate /etc/nginx/ssl/ssl-bundle6.crt;
ssl_certificate_key /etc/nginx/ssl/thelastcicada.key;
ssl_session_timeout 10m;
# Add SSL stapling
ssl_stapling on;
resolver 8.8.8.8;
# Compress the SSL headers
spdy_headers_comp 6;
#add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";
# Announce the SPDY alternate protocal
add_header Alternate-Protocol 443:npn-spdy/3,443:npn-spdy/2;
#add_header X-Frame-Options DENY;
if (!-e $request_filename) {
rewrite /wp-admin$ $scheme://$host$uri/ permanent;
rewrite ^(/[^/]+)?(/wp-.*) $2 last;
rewrite ^(/[^/]+)?(/.*\.php) $2 last;
}
location / {
try_files $uri $uri/ /index.php?$args ;
}
# Microcaching
#Cache everything by default
set $no_cache 0;
#Don't cache logged in users or commenters
if ( $http_cookie ~* "comment_author_|wordpress_(?!test_cookie)|wp-postpass_" ) {
set $no_cache 1;
}
#Don't cache the following URLs
if ($request_uri ~* "/(wp-admin/|wp-login.php)")
{
set $no_cache 1;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
#NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
include /etc/nginx/fastcgi_params;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
#matches keys_zone in fastcgi_cache_path
fastcgi_cache thelastcicada;
#don't serve pages defined earlier
fastcgi_cache_bypass $no_cache;
#don't cache pages defined earlier
fastcgi_no_cache $no_cache;
#defines the default cache time
fastcgi_cache_valid any 90s;
#unsure what the impacts of this variable is
fastcgi_max_temp_file_size 2M;
#Use stale cache items while updating in the background
fastcgi_cache_use_stale updating error timeout invalid_header http_500;
fastcgi_cache_lock on;
fastcgi_cache_lock_timeout 10s;
add_header X-Cache $upstream_cache_status;
}
location ~* ^.+\.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|rss|atom|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ {
access_log off; log_not_found off; expires max;
}
location ~ /\. { deny all; access_log off; log_not_found off; }
# This should match upload_max_filesize in php.ini
client_max_body_size 20M;
}
server {
##DM - uncomment following line for domain mapping
#listen 80;
server_name thelastcicada.com *.thelastcicada.com;
rewrite (.*) https://thelastcicada.com$1 permanent;
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.