-
-
Save cgrymala/f1870b4c4d966b72c4b1 to your computer and use it in GitHub Desktop.
nginx config at UMW
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| server { | |
| proxy_cache_valid 200 30m; | |
| listen 80; ## listen for ipv4 | |
| server_name www.example.com; | |
| access_log /var/log/nginx/access.log combined; | |
| # Set the real IP. | |
| proxy_set_header X-Real-IP $remote_addr; | |
| # Set the hostname | |
| proxy_set_header Host $host; | |
| #Set the forwarded-for header. | |
| proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
| #set the cache key | |
| set $cache_key "$scheme://$host$request_uri "; | |
| location / { | |
| # If logged in, don't cache. | |
| if ($http_cookie ~* "comment_author_|wordpress_(?!test_cookie)|wp-postpass_" ) { | |
| set $do_not_cache 1; | |
| } | |
| # cache mobile devices separately | |
| if ($http_user_agent ~* "(iphone|ipod|incognito|webmate|android|dream|cupcake|froyo|blackberry|mobile|webos|s8000|bada)" ) { | |
| set $mobile "m"; | |
| } | |
| # exclude iPad from mobile devices | |
| if ($http_user_agent ~* "(ipad)" ) { | |
| set $mobile ""; | |
| } | |
| proxy_cache_key "$cache_key$mobile$do_not_cache"; | |
| proxy_cache staticfilecache; | |
| proxy_pass http://wordpressapache; | |
| } | |
| location ~* wp\-.*\.php|wp\-admin { | |
| # Don't static file cache admin-looking things. | |
| proxy_pass http://wordpressapache; | |
| } | |
| # For the Nginx Proxy Cache Purge plugin | |
| location ~ /purge(/.*) { | |
| proxy_cache_purge staticfilecache "$scheme://$host$1 "; | |
| } | |
| location ~ /mobilepurge(/.*) { | |
| proxy_cache_purge staticfilecache "$scheme://$host$1 m"; | |
| } | |
| location ~* \.(jpg|png|gif|jpeg|css|js|mp3|wav|swf|mov|doc|pdf|xls|ppt|docx|pptx|xlsx)$ { | |
| # Cache static-looking files for 120 minutes, setting a 10 day expiry time in the HTTP header, | |
| # whether logged in or not (may be too heavy-handed). | |
| expires 864000; | |
| proxy_pass http://wordpressapache; | |
| proxy_cache staticfilecache; | |
| } | |
| location ~* \/[^\/]+\/(feed|\.xml)\/? { | |
| # Cache RSS looking feeds for 45 minutes unless logged in. | |
| if ($http_cookie ~* "comment_author_|wordpress_(?!test_cookie)|wp-postpass_" ) { | |
| set $do_not_cache 1; | |
| } | |
| # cache mobile devices separately | |
| if ($http_user_agent ~* "(iphone|ipod|incognito|webmate|android|dream|cupcake|froyo|blackberry|mobile|webos|s8000|bada)" ) { | |
| set $mobile "m"; | |
| } | |
| # exclude iPad from mobile devices | |
| if ($http_user_agent ~* "(ipad)" ) { | |
| set $mobile ""; | |
| } | |
| proxy_cache_key "$cache_key$mobile$do_not_cache"; | |
| proxy_cache staticfilecache; | |
| proxy_pass http://wordpressapache; | |
| } | |
| location = /50x.html { | |
| root /var/www/nginx-default; | |
| } | |
| # No access to .htaccess files. | |
| location ~ /\.ht { | |
| deny all; | |
| } | |
| } | |
| # HTTPS server | |
| server { | |
| listen 443; | |
| ssl on; | |
| ssl_certificate /etc/ssl/certs/www.crt; | |
| ssl_certificate_key /etc/ssl/private/www.key; | |
| ssl_session_timeout 5m; | |
| ssl_protocols SSLv3 TLSv1; | |
| # ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP; | |
| ssl_ciphers ALL:!ADH:!EXPORT56:!LOW:!EXP:!aNULL:!eNULL:RC4+RSA:+HIGH:+MEDIUM:+SSLv3; | |
| ssl_prefer_server_ciphers on; | |
| proxy_cache_valid 200 30m; | |
| access_log /var/log/nginx/access.log combined; | |
| # Set the real IP. | |
| proxy_set_header X-Real-IP $remote_addr; | |
| # Set the hostname | |
| proxy_set_header Host $host; | |
| #Set the forwarded-for header. | |
| proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
| #set the cache key | |
| set $cache_key "$scheme://$host$request_uri "; | |
| location / { | |
| # If logged in, don't cache. | |
| if ($http_cookie ~* "comment_author_|wordpress_(?!test_cookie)|wp-postpass_" ) { | |
| set $do_not_cache 1; | |
| } | |
| proxy_cache_key "$cache_key$do_not_cache"; | |
| proxy_cache staticfilecache; | |
| proxy_pass http://wordpressapache; | |
| } | |
| location ~* wp\-.*\.php|wp\-admin { | |
| # Don't static file cache admin-looking things. | |
| proxy_pass http://wordpressapache; | |
| } | |
| location ~* \.(jpg|png|gif|jpeg|css|js|mp3|wav|swf|mov|doc|pdf|xls|ppt|docx|pptx|xlsx)$ { | |
| # Cache static-looking files for 120 minutes, setting a 10 day expiry time in the HTTP header, | |
| # whether logged in or not (may be too heavy-handed). | |
| expires 864000; | |
| proxy_pass http://wordpressapache; | |
| proxy_cache staticfilecache; | |
| } | |
| location ~* \/[^\/]+\/(feed|\.xml)\/? { | |
| # Cache RSS looking feeds for 45 minutes unless logged in. | |
| if ($http_cookie ~* "comment_author_|wordpress_(?!test_cookie)|wp-postpass_" ) { | |
| set $do_not_cache 1; | |
| } | |
| proxy_cache_key "$cache_key$do_not_cache"; | |
| proxy_cache staticfilecache; | |
| proxy_pass http://wordpressapache; | |
| } | |
| # For the Nginx Proxy Cache Purge plugin | |
| location ~ /purge(/.*) { | |
| proxy_cache_purge staticfilecache "$scheme://$host$1 "; | |
| } | |
| location = /50x.html { | |
| root /var/www/nginx-default; | |
| } | |
| # No access to .htaccess files. | |
| location ~ /\.ht { | |
| deny all; | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment