Skip to content

Instantly share code, notes, and snippets.

@craigsimps
Created May 6, 2016 16:32
Show Gist options
  • Save craigsimps/5bb44e3362659592e46d798ae5b73ec1 to your computer and use it in GitHub Desktop.
Save craigsimps/5bb44e3362659592e46d798ae5b73ec1 to your computer and use it in GitHub Desktop.
Tweaks for nginx conf: wp redirect, gzip, set expiry headers, set security headers.
if (!-e $request_filename) {
rewrite ^(.*)$ /index.php?q=$1 last;
break;
}
gzip on;
gzip_disable "msie6";
gzip_comp_level 6;
gzip_min_length 1100;
gzip_buffers 16 8k;
gzip_proxied any;
gzip_types
text/plain
text/css
text/js
text/xml
text/javascript
application/javascript
application/x-javascript
application/json
application/xml
application/xml+rss;
gzip_vary on;
location ~* \.(?:css|js|jpg|jpeg|gif|png|ico|gz|svg|svgz|ttf|otf|woff|eot|mp4|ogg|ogv|webm)$ {
expires 30d;
add_header Pragma public;
add_header Cache-Control "public";
}
add_header Strict-Transport-Security "max-age=31536000; includeSubdomains" always;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Xss-Protection "1; mode=block" always;
add_header X-Content-Type-Options "nosniff" always;
add_header Content-Security-Policy "default-src https: data: 'unsafe-inline' 'unsafe-eval'" always;
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment