Created
July 18, 2012 13:40
-
-
Save hpatoio/3136270 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
server { | |
proxy_cache_path /var/nginx_cache/mycache levels=1:2 keys_zone=MYCACHE:5m inactive=12h max_size=20m; | |
# The config is even for the non-www host later you will see how we manage the redirect | |
server_name www.mysite.it mysite.it; | |
listen 111.222.333.444:80; | |
access_log /var/log/nginx/nginx.mysite_it.log upstream; | |
proxy_redirect off; | |
proxy_set_header Host $host; | |
proxy_set_header X-Real-IP $remote_addr; | |
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
proxy_store_access user:rw group:rw all:r; | |
# If the request is for the non-www host we redirect the client to the www version | |
# Doing the redirect here at the NGINX level save some work to out backend | |
if ($host != 'www.mysite.it' ) { | |
rewrite ^/(.*)$ http://www.mysite.it/$1 permanent; | |
} | |
location / { | |
# If logged in, don't cache. Feel free to add other cookies to the condition | |
if ($http_cookie ~* "comment_author_|wordpress_(?!test_cookie)|wp-postpass_" ) { | |
set $do_not_cache 1; | |
} | |
# Do not cache request from Facebook and Apple devices | |
# If you don't have any mobile version of your site you can change the condition like | |
# if ($http_user_agent ~* "(facebookexternalhit)" ) | |
# I prefer to not cache request from Facebook so it can access always the freshest data | |
# Facebook has already a cache system, so you wont get useless load on the backend | |
if ($http_user_agent ~* "(facebookexternalhit|2\.0 MMP|240x320|400X240|AvantGo|BlackBerry|Blazer|Cellphone|Danger|DoCoMo|Elaine\/3\.0|EudoraWeb|Googlebot-Mobile|hiptop|IEMobile|KYOCERA\/WX310K|LG\/U990|MIDP-2\.|MMEF20|MOT-V|NetFront|Newt|Nintendo Wii|Nitro|Nokia|Opera Mini|Palm|PlayStation Portable|portalmmm|Proxinet|ProxiNet|SHARP-TQ-GX10|SHG-i900|Small|SonyEricsson|Symbian OS|SymbianOS|TS21i-10|UP\.Browser|UP\.Link|webOS|Windows CE|WinWAP|YahooSeeker\/M1A1-R2D2|NF-Browser|iPhone|iPod|Android|BlackBerry9530|G-TU915 Obigo|LGE VX|webOS|Nokia5800)" ) { | |
set $do_not_cache 1; | |
} | |
# We tell NGINX to do not cached the response | |
proxy_no_cache $do_not_cache; | |
# Serve cached version during update or error (backend not available) | |
# | |
# Serve cached pages while the cached version is getting updated is very important. | |
# In this way only the first request that hit an expired entry is passed to the backend, all the other get a stale version. | |
proxy_cache_use_stale error timeout invalid_header updating; | |
# Ignore Expires and Cache-Control headers to cache 404 response | |
# Have a look at the bug/misfeature I've found http://www.ruby-forum.com/topic/3707266 | |
proxy_ignore_headers Expires Cache-Control; | |
proxy_cache MYCACHE; | |
proxy_pass http://ALL_backend; | |
} | |
# To make this works you need to install this module http://labs.frickle.com/nginx_ngx_cache_purge/ | |
location ~ /purge(/.*) { | |
include sites/includes/allowed_ip_for_cache_purging.includes; | |
proxy_cache_purge MYCACHE "$scheme://$host$1$is_args$args"; | |
} | |
# Caching static files. | |
# | |
# Please note the case-insensitive match and be sure to put this directive before the one for the wp-admin | |
# otherwise static files under in the admin interface are not cached | |
location ~* \.(bmp|gif|jpg|png|css|jpeg|js|ico|eot|woff|ttf|svg)$ { | |
proxy_pass http://ALL_backend; | |
proxy_cache MYCACHE; | |
proxy_ignore_headers Expires Cache-Control; | |
proxy_cache_valid 200 302 301 404 7d; | |
proxy_cache_use_stale error timeout invalid_header updating http_500 http_502 http_503 http_504; | |
expires 7d; | |
# Turn off access log for performance reasons. Feel free to turn this on. | |
access_log off; | |
} | |
# Do not cache request for admin | |
location ~* wp\-.*\.php|wp\-admin { | |
proxy_pass http://ALL_ADMIN_backend; | |
} | |
# No access to .htaccess files. | |
location ~ /\.ht { | |
deny all; | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment