pnommensen/nginx ssl spdy

## nginx ssl spdy
## Use the Nginx Helper plugin to define cache purge rules and purge cache from dashboard
## Add the following three lines to /etc/nginx/nginx.conf

fastcgi_cache_path /var/run/nginx-cache levels=1:2 keys_zone=WORDPRESS:100m inactive=60m;
#inactive == if the page isn't accessed once during this time, it's deleted.
#keys_zone == name of the zone and max space allocation. If you have high ram, can mount as tmpfs.
fastcgi_cache_key "$scheme$request_method$host$request_uri";
fastcgi_cache_use_stale error timeout invalid_header http_500;

server {
    listen 443 ssl spdy;
    # listen 80; for non SSL websites
    server_name domain.com;
    root /usr/share/nginx/domain/wordpress;
    index index.php;

    ## SSL Configuration
    ssl_certificate /etc/ssl/domain.crt;
    ssl_certificate_key /etc/ssl/domain.key;
    ssl_trusted_certificate /root/ssl/trustchain.crt;
    ssl_session_cache shared:SSL:20m;
    ssl_session_timeout 10m;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DH+3DES:!ADH:!AECDH:!MD5;
    ssl_stapling on;
    ssl_stapling_verify on;
    resolver 8.8.8.8 8.8.4.4;
    add_header Strict-Transport-Security "max-age=31536000";

    #Start WordPress Configuration
    set $skip_cache 0;

    if ($request_method = POST) {
            set $skip_cache 1;
        }

    if ($query_string != "") {
            set $skip_cache 1;
        }

    if ($request_uri ~* "/wp-admin/|/xmlrpc.php|wp-.*.php|/feed/|index.php|sitemap(_index)?.xml") {
            set $skip_cache 1;
        }

    if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in") {
            set $skip_cache 1;
        }

    location / {
            try_files $uri $uri/ /index.php?$args;
        }

    location ~ .php$ {
            try_files $uri /index.php;
            include fastcgi_params;
            fastcgi_pass unix:/var/run/php5-fpm.sock;
            fastcgi_cache_bypass $skip_cache;
            fastcgi_no_cache $skip_cache;
	    fastcgi_cache WORDPRESS;
	    fastcgi_cache_valid  12h; #sets how long pages are valid if they are not first purged.
        }

    location ~* .(jpg|jpeg|png|gif|ico|css|js)$ {
            expires 3h; #Sets the browser cache for 3 hours, a safe setting.
            access_log off;
	}
}
	## Use the Nginx Helper plugin to define cache purge rules and purge cache from dashboard
	## Add the following three lines to /etc/nginx/nginx.conf

	fastcgi_cache_path /var/run/nginx-cache levels=1:2 keys_zone=WORDPRESS:100m inactive=60m;
	#inactive == if the page isn't accessed once during this time, it's deleted.
	#keys_zone == name of the zone and max space allocation. If you have high ram, can mount as tmpfs.
	fastcgi_cache_key "$scheme$request_method$host$request_uri";
	fastcgi_cache_use_stale error timeout invalid_header http_500;

	server {
	listen 443 ssl spdy;
	# listen 80; for non SSL websites
	server_name domain.com;
	root /usr/share/nginx/domain/wordpress;
	index index.php;

	## SSL Configuration
	ssl_certificate /etc/ssl/domain.crt;
	ssl_certificate_key /etc/ssl/domain.key;
	ssl_trusted_certificate /root/ssl/trustchain.crt;
	ssl_session_cache shared:SSL:20m;
	ssl_session_timeout 10m;
	ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
	ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DH+3DES:!ADH:!AECDH:!MD5;
	ssl_stapling on;
	ssl_stapling_verify on;
	resolver 8.8.8.8 8.8.4.4;
	add_header Strict-Transport-Security "max-age=31536000";

	#Start WordPress Configuration
	set $skip_cache 0;

	if ($request_method = POST) {
	set $skip_cache 1;
	}

	if ($query_string != "") {
	set $skip_cache 1;
	}

	if ($request_uri ~* "/wp-admin/\|/xmlrpc.php\|wp-.*.php\|/feed/\|index.php\|sitemap(_index)?.xml") {
	set $skip_cache 1;
	}

	if ($http_cookie ~* "comment_author\|wordpress_[a-f0-9]+\|wp-postpass\|wordpress_no_cache\|wordpress_logged_in") {
	set $skip_cache 1;
	}

	location / {
	try_files $uri $uri/ /index.php?$args;
	}

	location ~ .php$ {
	try_files $uri /index.php;
	include fastcgi_params;
	fastcgi_pass unix:/var/run/php5-fpm.sock;
	fastcgi_cache_bypass $skip_cache;
	fastcgi_no_cache $skip_cache;
	fastcgi_cache WORDPRESS;
	fastcgi_cache_valid 12h; #sets how long pages are valid if they are not first purged.
	}

	location ~* .(jpg\|jpeg\|png\|gif\|ico\|css\|js)$ {
	expires 3h; #Sets the browser cache for 3 hours, a safe setting.
	access_log off;
	}
	}