Created
January 30, 2016 12:28
-
-
Save hiddenl00p/1e3bdfa08636677255a9 to your computer and use it in GitHub Desktop.
Laravel Forge WordPress nginx.conf
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Redirect everything to the main site. We use a separate server statement and NOT an if statement - see http://wiki.nginx.org/IfIsEvil | |
server { | |
server_name _; | |
rewrite ^ $scheme://sitename.com$request_uri redirect; | |
} | |
server { | |
listen 80; | |
server_name sitename.com; | |
root /home/forge/sitename.com; | |
# FORGE SSL (DO NOT REMOVE!) | |
# ssl_certificate; | |
# ssl_certificate_key; | |
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; | |
index index.php; | |
charset utf-8; | |
access_log off; | |
error_log /var/log/nginx/sitename.com-error.log error; | |
### Global restrictions ### | |
location = /favicon.ico { | |
log_not_found off; | |
access_log off; | |
} | |
location = /robots.txt { | |
allow all; | |
log_not_found off; | |
access_log off; | |
} | |
# Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac). | |
# Keep logging the requests to parse later (or to pass to firewall utilities such as fail2ban) | |
location ~ /\. { | |
deny all; | |
} | |
# Deny access to any files with a .php extension in the uploads directory | |
# Works in sub-directory installs and also in multisite network | |
# Keep logging the requests to parse later (or to pass to firewall utilities such as fail2ban) | |
location ~* /(?:uploads|files)/.*\.php$ { | |
deny all; | |
} | |
### WordPress Rules ### | |
# This order might seem weird - this is attempted to match last if rules below fail. | |
# http://wiki.nginx.org/HttpCoreModule | |
location / { | |
try_files $uri $uri/ /index.php?$args; | |
} | |
# Add trailing slash to */wp-admin requests. | |
rewrite /wp-admin$ $scheme://$host$uri/ permanent; | |
# Directives to send expires headers and turn off 404 error logging. | |
location ~* ^.+\.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|rss|atom|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ { | |
access_log off; log_not_found off; expires max; | |
} | |
# Uncomment one of the lines below for the appropriate caching plugin (if used). | |
#include global/wordpress-wp-super-cache.conf; | |
#include global/wordpress-w3-total-cache.conf; | |
# Pass all .php files onto a php-fpm/php-fcgi server. | |
location ~ [^/]\.php(/|$) { | |
fastcgi_split_path_info ^(.+?\.php)(/.*)$; | |
if (!-f $document_root$fastcgi_script_name) { | |
return 404; | |
} | |
# This is a robust solution for path info security issue and works with "cgi.fix_pathinfo = 1" in /etc/php.ini (default) | |
include fastcgi.conf; | |
fastcgi_index index.php; | |
fastcgi_intercept_errors off; | |
fastcgi_pass php; | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment