Created
August 11, 2014 18:47
-
-
Save tonykwon/7cb5c1bcf37983ae0da4 to your computer and use it in GitHub Desktop.
Falcon Engine rewrite example for nginx - from http://www.wordfence.com/blog/nginxConf.txt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
worker_processes 1; | |
events { | |
worker_connections 1024; | |
} | |
http { | |
include mime.types; | |
default_type application/octet-stream; | |
log_format main '[$time_local] $remote_addr - $remote_user - $server_name to: $upstream_addr: $request upstream_response_time $upstream_response_time msec $msec request_time $request_time status $status bytes $body_bytes_sent'; | |
#Uncomment to debug rewrite rules | |
#rewrite_log on; | |
server { | |
listen 80; | |
server_name test1.com; | |
access_log logs/test1.access.log main; | |
#Uncomment to debug rewrite rules | |
#error_log logs/rewrite.log notice; | |
root /usr/local/test1; | |
index index.php; | |
# WORDFENCE FALCON ENGINE CODE | |
#Match on gzip first because ordering matters. | |
location ~ "/site/wp-content/wfcache/.*gzip$" { | |
gzip off; | |
types {} | |
default_type text/html; | |
add_header Vary "Accept-Encoding, Cookie"; | |
add_header Content-Encoding gzip; | |
} | |
#If the previous matched, the following location won't be executed. | |
location ~ /site/wp-content/wfcache/.* { | |
add_header Vary "Accept-Encoding, Cookie"; | |
} | |
set $wordfenceCacheOn 1; | |
#Don't cache form submissions. | |
if ($request_method = POST) { | |
set $wordfenceCacheOn 0; | |
} | |
#Allow caching of /?123=123 because this is a common DDoS to override caches. | |
if ($query_string !~ "^(?:\d+=\d+)?$") { | |
set $wordfenceCacheOn 0; | |
} | |
#Only cache URL's ending in / | |
if ($request_uri !~ \/$) { | |
set $wordfenceCacheOn 0; | |
} | |
#Don't cache any cookies with this in their names e.g. users who are logged in. | |
if ($http_cookie ~* "(comment_author|wp\-postpass|wf_logout|wordpress_logged_in|wptouch_switch_toggle|wpmp_switcher)") { | |
set $wordfenceCacheOn 0; | |
} | |
set $wordfenceEncoding ""; | |
#Oh, you want gzipped content? | |
if ($http_accept_encoding ~ gzip) { | |
set $wordfenceEncoding _gzip; | |
} | |
set $wordfenceHTTPS ""; | |
if ($scheme = 'https'){ | |
#If you want to ENABLE HTTPS caching, comment out the next line. | |
set $wordfenceCacheOn 0; #Comment this line out to enable HTTPS caching. | |
set $wordfenceHTTPS '_https'; #Uncomment this line to enable HTTPS caching. | |
} | |
#The main purpose of this line is to capture the URL components into variables. | |
if ($request_uri !~ "^\/*(?<wfone>[^\/]*)\/*(?<wftwo>[^\/]*)\/*(?<wfthree>[^\/]*)\/*(?<wffour>[^\/]*)\/*(?<wffive>[^\/]*)(?<wfsix>.*)$"){ | |
set $wordfenceCacheOn 0; | |
} | |
#If the file doesn't exist then don't serve from cache. | |
if (!-f "$document_root/site/wp-content/wfcache/${http_host}_${wfone}/${wftwo}~${wfthree}~${wffour}~${wffive}~${wfsix}_wfcache${wordfenceHTTPS}.html${wordfenceEncoding}") { | |
set $wordfenceCacheOn 0; | |
} | |
if ($wordfenceCacheOn = 1) { | |
rewrite .* "/site/wp-content/wfcache/${http_host}_${wfone}/${wftwo}~${wfthree}~${wffour}~${wffive}~${wfsix}_wfcache${wordfenceHTTPS}.html${wordfenceEncoding}" last; | |
} | |
# END Wordfence Rules | |
location / { | |
try_files $uri $uri/ /index.php?$args ; | |
} | |
location ~ .php$ { | |
try_files $uri /index.php; | |
include fastcgi_params; | |
fastcgi_param PATH_TRANSLATED $document_root$fastcgi_script_name; | |
fastcgi_pass unix:/var/run/php5-fpm.sock; | |
} | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This section doesn't make sense - as neither of these lines are commented. Also, should "site" be replaced with anything?