Last active
October 14, 2018 08:41
-
-
Save thomijasir/0f82aee8b0e3fb26c82b0b87bfcfdd8a to your computer and use it in GitHub Desktop.
Great Setting Nginx Conf SSL For Wordpress
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
server { | |
listen 80; | |
listen [::]:80; | |
server_name apknool.com www.apknool.com; | |
return 301 https://www.apknool.com$request_uri; | |
} | |
server { | |
listen 443 ssl http2; | |
listen [::]:443 ssl http2; | |
server_name apknool.com www.apknool.com; | |
error_log off; | |
access_log off; | |
root /srv/apknool.com/public_html; | |
index index.php index.html index.htm index.nginx-debian.html; | |
# include your HTTPS config here | |
ssl on; | |
ssl_certificate /srv/apknool.com/ssl/ssl_bundle_apknool.crt; | |
ssl_certificate_key /srv/apknool.com/ssl/ssl_bundle_apknool.key; | |
ssl_session_cache shared:SSL:20m; | |
ssl_session_timeout 60m; | |
ssl_prefer_server_ciphers on; | |
ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DH+3DES:!ADH:!AECDH:!MD5; | |
ssl_dhparam /srv/apknool.com/ssl/dhparam.pem; | |
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; | |
#add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; | |
add_header Strict-Transport-Security "max-age=31536000" always; | |
#Location Configuration | |
location /{ | |
#rewrite ^/safelink/(.*)$ /safelink/safe.php?url=$1 last; | |
ttry_files $uri $uri/ /index.php$is_args$args; | |
} | |
location = /robots.txt { | |
allow all; | |
log_not_found off; | |
access_log off; | |
} | |
location ~ \.php$ { | |
include snippets/fastcgi-php.conf; | |
fastcgi_pass unix:/run/php/php7.0-fpm.sock; | |
} | |
location ~ /\.ht { | |
deny all; | |
} | |
# Don't cache uris containing the following segments | |
if ($request_uri ~* "(\/wp-admin\/|\/xmlrpc.php|\/wp-(app|cron|login|register|mail)\.php|wp-.*\.php|index\.php|wp\-comments\-popup\.php|wp\-links\-opml\.php|wp\-locations\.php)") { | |
set $cache_uri "no cache"; | |
} | |
# Don't use the cache for logged in users or recent commenters | |
if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp\-postpass|wordpress_logged_in") { | |
set $cache_uri 'no cache'; | |
} | |
#Chaching Files On Nginx | |
location ~* \.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|css|rss|atom|js|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ { | |
try_files $uri =404; | |
expires max; | |
access_log off; | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment