TheLastCicada.com Nginx file
user www-data; | |
worker_processes 1; | |
error_log /var/log/nginx/error.log warn; | |
pid /var/run/nginx.pid; | |
events { | |
worker_connections 1024; | |
} | |
http { | |
include /etc/nginx/mime.types; | |
default_type application/octet-stream; | |
log_format main '$remote_addr - $remote_user [$time_local] "$request" ' | |
'$status $body_bytes_sent "$http_referer" ' | |
'"$http_user_agent" "$http_x_forwarded_for"'; | |
access_log /var/log/nginx/access.log main; | |
# Microcaching | |
fastcgi_cache_path /etc/nginx/cache levels=1:2 keys_zone=thelastcicada:20m inactive=60m max_size=200m; | |
fastcgi_cache_key "$scheme://request_method$host$request_uri"; | |
fastcgi_ignore_headers Cache-Control Expires; | |
sendfile on; | |
#tcp_nopush on; | |
keepalive_timeout 65; | |
gzip on; | |
gzip_disable "msie6"; | |
gzip_vary on; | |
gzip_proxied any; | |
gzip_comp_level 6; | |
gzip_buffers 16 8k; | |
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript; | |
server_names_hash_bucket_size 64; | |
include /etc/nginx/conf.d/*.conf; | |
} |
server { | |
##DM - uncomment following line for domain mapping | |
listen 443 default_server ssl spdy; | |
server_name thelastcicada.com www.thelastcicada.com; | |
##DM - uncomment following line for domain mapping | |
#server_name_in_redirect off; | |
access_log /var/log/nginx/thelastcicada.com.access.log; | |
error_log /var/log/nginx/thelastcicada.com.error.log; | |
root /var/www/html/thelastcicada.com; | |
index index.php; | |
ssl on; | |
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; | |
ssl_prefer_server_ciphers on; | |
ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS; | |
ssl_buffer_size 8k; | |
ssl_dhparam /etc/nginx/ssl/dh4096.pem; | |
ssl_session_cache shared:SSL:10m; | |
#ssl_certificate /etc/nginx/ssl/thelastcicada_com.crt; | |
ssl_certificate /etc/nginx/ssl/ssl-bundle6.crt; | |
ssl_certificate_key /etc/nginx/ssl/thelastcicada.key; | |
ssl_session_timeout 10m; | |
# Add SSL stapling | |
ssl_stapling on; | |
resolver 8.8.8.8; | |
# Compress the SSL headers | |
spdy_headers_comp 6; | |
#add_header Strict-Transport-Security "max-age=31536000; includeSubDomains"; | |
# Announce the SPDY alternate protocal | |
add_header Alternate-Protocol 443:npn-spdy/3,443:npn-spdy/2; | |
#add_header X-Frame-Options DENY; | |
if (!-e $request_filename) { | |
rewrite /wp-admin$ $scheme://$host$uri/ permanent; | |
rewrite ^(/[^/]+)?(/wp-.*) $2 last; | |
rewrite ^(/[^/]+)?(/.*\.php) $2 last; | |
} | |
location / { | |
try_files $uri $uri/ /index.php?$args ; | |
} | |
# Microcaching | |
#Cache everything by default | |
set $no_cache 0; | |
#Don't cache logged in users or commenters | |
if ( $http_cookie ~* "comment_author_|wordpress_(?!test_cookie)|wp-postpass_" ) { | |
set $no_cache 1; | |
} | |
#Don't cache the following URLs | |
if ($request_uri ~* "/(wp-admin/|wp-login.php)") | |
{ | |
set $no_cache 1; | |
} | |
location ~ \.php$ { | |
try_files $uri =404; | |
fastcgi_split_path_info ^(.+\.php)(/.+)$; | |
#NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini | |
include /etc/nginx/fastcgi_params; | |
fastcgi_pass unix:/var/run/php5-fpm.sock; | |
fastcgi_index index.php; | |
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; | |
#matches keys_zone in fastcgi_cache_path | |
fastcgi_cache thelastcicada; | |
#don't serve pages defined earlier | |
fastcgi_cache_bypass $no_cache; | |
#don't cache pages defined earlier | |
fastcgi_no_cache $no_cache; | |
#defines the default cache time | |
fastcgi_cache_valid any 90s; | |
#unsure what the impacts of this variable is | |
fastcgi_max_temp_file_size 2M; | |
#Use stale cache items while updating in the background | |
fastcgi_cache_use_stale updating error timeout invalid_header http_500; | |
fastcgi_cache_lock on; | |
fastcgi_cache_lock_timeout 10s; | |
add_header X-Cache $upstream_cache_status; | |
} | |
location ~* ^.+\.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|rss|atom|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ { | |
access_log off; log_not_found off; expires max; | |
} | |
location ~ /\. { deny all; access_log off; log_not_found off; } | |
# This should match upload_max_filesize in php.ini | |
client_max_body_size 20M; | |
} | |
server { | |
##DM - uncomment following line for domain mapping | |
#listen 80; | |
server_name thelastcicada.com *.thelastcicada.com; | |
rewrite (.*) https://thelastcicada.com$1 permanent; | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment