Last active
January 24, 2020 11:52
-
-
Save tx2z/8914197 to your computer and use it in GitHub Desktop.
Wordpress NGINX configurarion - http://jesus.perezpaz.es/2014/02/wordpress-nginx-configuration/
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
server { | |
listen 80; ## listen for ipv4 | |
listen [::]:80; ## listen for ipv6 | |
server_name domain.com; | |
access_log /var/log/nginx/domain.com.access.log; | |
error_log /var/log/nginx/domain.com.error.log; | |
root /folder/with/wordpress/installation/; | |
# Include wordpress config file | |
include sites-available/wordpress.conf; | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
index index.php index.html; | |
set $cache_uri $request_uri; | |
# POST requests and urls with a query string should always go to PHP | |
if ($request_method = POST) { | |
set $cache_uri 'null cache'; | |
} | |
if ($query_string != "") { | |
set $cache_uri 'null cache'; | |
} | |
# Don't use the cache for logged in users or recent commenters | |
if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_logged_in") { | |
set $cache_uri 'null cache'; | |
} | |
# Use cached or actual file if they exists, otherwise pass request to WordPress | |
location / { | |
rewrite ^([^.]*[^/])$ $1/ permanent; | |
try_files /wp-content/cache/page_enhanced/${host}${cache_uri}_index.html $uri $uri/ /index.php?$args; | |
} | |
location ~ ^/wp-content/cache/minify/[^/]+/(.*)$ { | |
try_files $uri /wp-content/plugins/w3-total-cache/pub/minify.php?file=$1; | |
} | |
# Show "Not Found" 404 errors in place of "Forbidden" 403 errors, because | |
# forbidden errors allow attackers potential insight into your server's | |
# layout and contents | |
error_page 403 =404; | |
# Prevent access to any files starting with a dot, like .htaccess | |
# or text editor temp files | |
location ~ /\. { access_log off; log_not_found off; deny all; } | |
# Prevent access to any files starting with a $ (usually temp files) | |
location ~ ~$ { access_log off; log_not_found off; deny all; } | |
# Do not log access to robots.txt, to keep the logs cleaner | |
location = /robots.txt { access_log off; log_not_found off; } | |
# Do not log access to the favicon, to keep the logs cleaner | |
location = /favicon.ico { access_log off; log_not_found off; } | |
# Keep images, CSS and other static files around in browser cache for | |
# as long as possible, to cut down on server load | |
location ~* .(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|css|rss|atom|js|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ { | |
expires max; log_not_found off; access_log off; | |
} | |
# Common deny or internal locations, to help prevent access to areas of | |
# the site that should not be public | |
location ~* wp-admin/includes { deny all; } | |
location ~* wp-includes/theme-compat/ { deny all; } | |
location ~* wp-includes/js/tinymce/langs/.*\.php { deny all; } | |
location /wp-content/ { internal; } | |
location /wp-includes/ { internal; } | |
# Protects the wp-config.php|readme.html|license.txt files from being | |
# accessed (uncomment after wordpress installation) | |
# location ~ /(\.|wp-config.php|readme.html|license.txt) { deny all; } | |
# Prevent any potentially-executable files in the uploads directory from | |
# being executed by forcing their MIME type to text/plain | |
location ~* ^/wp-content/uploads/.*.(html|htm|shtml|php)$ { | |
types { } | |
default_type text/plain; | |
} | |
# Add trailing slash to */wp-admin requests so the admin interface | |
# works correctly | |
rewrite /wp-admin$ $scheme://$host$uri/ permanent; | |
location ~ \.php$ { | |
fastcgi_pass 127.0.0.1:9000; | |
fastcgi_index index.php; | |
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; | |
include fastcgi_params; | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment