Created
May 19, 2024 13:42
-
-
Save Tusko/2c4fb8c8d2480b7a892ca8e32ca61dcf to your computer and use it in GitHub Desktop.
Hestia Nginx/PHP-FPM for WP Fastest Cache
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#=========================================================================# | |
# Default Web Domain Template # | |
# DO NOT MODIFY THIS FILE! CHANGES WILL BE LOST WHEN REBUILDING DOMAINS # | |
# https://hestiacp.com/docs/server-administration/web-templates.html # | |
#=========================================================================# | |
server { | |
listen %ip%:%web_ssl_port% ssl; | |
server_name %domain_idn% %alias_idn%; | |
root %sdocroot%; | |
index index.php index.html index.htm; | |
access_log /var/log/nginx/domains/%domain%.log combined; | |
access_log /var/log/nginx/domains/%domain%.bytes bytes; | |
error_log /var/log/nginx/domains/%domain%.error.log error; | |
ssl_certificate %ssl_pem%; | |
ssl_certificate_key %ssl_key%; | |
ssl_stapling on; | |
ssl_stapling_verify on; | |
# TLS 1.3 0-RTT anti-replay | |
if ($anti_replay = 307) { return 307 https://$host$request_uri; } | |
if ($anti_replay = 425) { return 425; } | |
include %home%/%user%/conf/web/%domain%/nginx.hsts.conf*; | |
location = /favicon.ico { | |
log_not_found off; | |
access_log off; | |
} | |
location = /robots.txt { | |
try_files $uri $uri/ /index.php?$args; | |
log_not_found off; | |
access_log off; | |
} | |
location ~ /\.(?!well-known\/) { | |
deny all; | |
return 404; | |
} | |
location = /xmlrpc.php { | |
deny all; | |
access_log off; | |
log_not_found off; | |
return 403; | |
} | |
location / { | |
error_page 418 = @cachemiss; # to handle cache misses | |
error_page 419 = @mobileaccess; # to handle mobile visits | |
recursive_error_pages on; | |
set $pathDomain "/wp-content/cache/${host}/all${uri}"; # path domain for multisite | |
set $path "/wp-content/cache/all${uri}"; | |
# bypass POST requests | |
if ($request_method = POST) { return 418; } | |
# uncommenting the following degrades the performance on certain sites. YMMV | |
# if ($query_string != "") { return 418; } | |
# bypass cache for common query strings | |
if ($arg_s != "") { return 418; } # search query | |
if ($arg_p != "") { return 418; } # request a post / page by ID | |
if ($args ~ "amp") { return 418; } # amp test | |
if ($arg_preview = "true") { return 418; } # preview post / page | |
if ($arg_ao_noptimize != "") { return 418; } # support for Autoptimize plugin | |
# if WP related cookies are found, skip cache | |
if ($http_cookie ~* "wordpress_logged_in_") { return 418; } | |
if ($http_cookie ~* "comment_author_") { return 418; } | |
if ($http_cookie ~* "wp_postpass_") { return 418; } | |
# avoid duplicate content on Amazon CloudFront and KeyCDN. | |
if ( $http_user_agent = "Amazon CloudFront" ) { return 403; access_log off; } | |
if ($http_x_pull = "KeyCDN") { return 403; access_log off; } | |
# look for cached version; if-not-found, then send the request to PHP | |
try_files "${path}index.html" "${path}/index.html" "${pathDomain}index.html" "${pathDomain}/index.html" $uri $uri/ /index.php$is_args$args; | |
add_header "X-Cache" "HIT - WP Fastest Cache"; | |
add_header "X-CF-Powered-By" "WP Fastest Cache"; | |
add_header "Vary" "Cookie"; | |
expires 1h; | |
add_header "Cache-Control" "must-revalidate"; | |
location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|woff2|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|webp|ico|bmp|mid|midi|wav|rtf|css|js|jar)$ { | |
expires 30d; | |
fastcgi_hide_header "Set-Cookie"; | |
} | |
location ~* /(?:uploads|files)/.*.php$ { | |
deny all; | |
return 404; | |
} | |
location = /xmlrpc.php { | |
deny all; | |
access_log off; | |
log_not_found off; | |
return 403; | |
} | |
location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|woff2|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|webp|ico|bmp|mid|midi|wav|rtf|css|js|jar)$ { | |
expires 30d; | |
fastcgi_hide_header "Set-Cookie"; | |
} | |
location ~* /(?:uploads|files)/.*.php$ { | |
deny all; | |
return 404; | |
} | |
location ~ [^/]\.php(/|$) { | |
try_files $uri =404; | |
include /etc/nginx/fastcgi_params; | |
fastcgi_index index.php; | |
fastcgi_param HTTP_EARLY_DATA $rfc_early_data if_not_empty; | |
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; | |
fastcgi_pass %backend_lsnr%; | |
include %home%/%user%/conf/web/%domain%/nginx.fastcgi_cache.conf*; | |
if ($request_uri ~* "/wp-admin/|/wp-json/|wp-.*.php|xmlrpc.php|index.php|/store.*|/cart.*|/my-account.*|/checkout.*") { | |
set $no_cache 1; | |
} | |
if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in|woocommerce_items_in_cart|woocommerce_cart_hash|PHPSESSID") { | |
set $no_cache 1; | |
} | |
} | |
} | |
location /error/ { | |
alias %home%/%user%/web/%domain%/document_errors/; | |
} | |
location /vstats/ { | |
alias %home%/%user%/web/%domain%/stats/; | |
include %home%/%user%/web/%domain%/stats/auth.conf*; | |
} | |
proxy_hide_header Upgrade; | |
location @cachemiss { | |
# on cache miss, send the request to PHP | |
try_files $uri $uri/ /index.php$is_args$args; | |
} | |
include /etc/nginx/conf.d/phpmyadmin.inc*; | |
include /etc/nginx/conf.d/phppgadmin.inc*; | |
include %home%/%user%/conf/web/%domain%/nginx.ssl.conf_*; | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#=========================================================================# | |
# Default Web Domain Template # | |
# DO NOT MODIFY THIS FILE! CHANGES WILL BE LOST WHEN REBUILDING DOMAINS # | |
# https://hestiacp.com/docs/server-administration/web-templates.html # | |
#=========================================================================# | |
server { | |
listen %ip%:%web_port%; | |
server_name %domain_idn% %alias_idn%; | |
root %docroot%; | |
index index.php index.html index.htm; | |
access_log /var/log/nginx/domains/%domain%.log combined; | |
access_log /var/log/nginx/domains/%domain%.bytes bytes; | |
error_log /var/log/nginx/domains/%domain%.error.log error; | |
include %home%/%user%/conf/web/%domain%/nginx.forcessl.conf*; | |
location = /favicon.ico { | |
log_not_found off; | |
access_log off; | |
} | |
location = /robots.txt { | |
try_files $uri $uri/ /index.php?$args; | |
log_not_found off; | |
access_log off; | |
} | |
location ~ /\.(?!well-known\/) { | |
deny all; | |
return 404; | |
} | |
location / { | |
error_page 418 = @cachemiss; # to handle cache misses | |
error_page 419 = @mobileaccess; # to handle mobile visits | |
recursive_error_pages on; | |
set $pathDomain "/wp-content/cache/${host}/all${uri}"; # path domain for multisite | |
set $path "/wp-content/cache/all${uri}"; | |
# bypass POST requests | |
if ($request_method = POST) { return 418; } | |
# uncommenting the following degrades the performance on certain sites. YMMV | |
# if ($query_string != "") { return 418; } | |
# bypass cache for common query strings | |
if ($arg_s != "") { return 418; } # search query | |
if ($arg_p != "") { return 418; } # request a post / page by ID | |
if ($args ~ "amp") { return 418; } # amp test | |
if ($arg_preview = "true") { return 418; } # preview post / page | |
if ($arg_ao_noptimize != "") { return 418; } # support for Autoptimize plugin | |
# if WP related cookies are found, skip cache | |
if ($http_cookie ~* "wordpress_logged_in_") { return 418; } | |
if ($http_cookie ~* "comment_author_") { return 418; } | |
if ($http_cookie ~* "wp_postpass_") { return 418; } | |
# avoid duplicate content on Amazon CloudFront and KeyCDN. | |
if ( $http_user_agent = "Amazon CloudFront" ) { return 403; access_log off; } | |
if ($http_x_pull = "KeyCDN") { return 403; access_log off; } | |
# look for cached version; if-not-found, then send the request to PHP | |
try_files "${path}index.html" "${path}/index.html" "${pathDomain}index.html" "${pathDomain}/index.html" $uri $uri/ /index.php$is_args$args; | |
add_header "X-Cache" "HIT - WP Fastest Cache"; | |
add_header "X-CF-Powered-By" "WP Fastest Cache"; | |
add_header "Vary" "Cookie"; | |
expires 1h; | |
add_header "Cache-Control" "must-revalidate"; | |
location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|woff2|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|webp|ico|bmp|mid|midi|wav|rtf|css|js|jar)$ { | |
expires 30d; | |
fastcgi_hide_header "Set-Cookie"; | |
} | |
location ~* /(?:uploads|files)/.*.php$ { | |
deny all; | |
return 404; | |
} | |
location = /xmlrpc.php { | |
deny all; | |
access_log off; | |
log_not_found off; | |
return 403; | |
} | |
location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|woff2|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|webp|ico|bmp|mid|midi|wav|rtf|css|js|jar)$ { | |
expires 30d; | |
fastcgi_hide_header "Set-Cookie"; | |
} | |
location ~* /(?:uploads|files)/.*.php$ { | |
deny all; | |
return 404; | |
} | |
location ~ [^/]\.php(/|$) { | |
try_files $uri =404; | |
include /etc/nginx/fastcgi_params; | |
fastcgi_index index.php; | |
fastcgi_param HTTP_EARLY_DATA $rfc_early_data if_not_empty; | |
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; | |
fastcgi_pass %backend_lsnr%; | |
include %home%/%user%/conf/web/%domain%/nginx.fastcgi_cache.conf*; | |
if ($request_uri ~* "/wp-admin/|/wp-json/|wp-.*.php|xmlrpc.php|index.php|/store.*|/cart.*|/my-account.*|/checkout.*") { | |
set $no_cache 1; | |
} | |
if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in|woocommerce_items_in_cart|woocommerce_cart_hash|PHPSESSID") { | |
set $no_cache 1; | |
} | |
} | |
} | |
location /error/ { | |
alias %home%/%user%/web/%domain%/document_errors/; | |
} | |
location /vstats/ { | |
alias %home%/%user%/web/%domain%/stats/; | |
include %home%/%user%/web/%domain%/stats/auth.conf*; | |
} | |
proxy_hide_header Upgrade; | |
location @cachemiss { | |
# on cache miss, send the request to PHP | |
try_files $uri $uri/ /index.php$is_args$args; | |
} | |
include /etc/nginx/conf.d/phpmyadmin.inc*; | |
include /etc/nginx/conf.d/phppgadmin.inc*; | |
include %home%/%user%/conf/web/%domain%/nginx.ssl.conf_*; | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment