Link Search Menu Expand Document

Configure NGINX for a Multi-Site Wordpress

# move next 4 lines to /etc/nginx/nginx.conf if using fastcgi_cache across many sites
fastcgi_cache_path /tmp/example_cache levels=1:2 keys_zone=zone_www.example.com:100m max_size=1g inactive=60m use_temp_path=off;
fastcgi_cache_key "$scheme$request_method$host$request_uri";
fastcgi_cache_use_stale error timeout invalid_header http_500;
fastcgi_ignore_headers Cache-Control Expires Set-Cookie;

server {
        root /var/www/www.example.com;
        index index.php index.html index.htm index.nginx-debian.html;
        server_name fallback.example.com *.example.com www.example.com;

        # logs
        access_log /var/log/nginx/www-example.access.log;
        error_log /var/log/nginx/www-example.error.log;

        location / {
                try_files $uri $uri/ /index.php$is_args$args;
        }

        set $skip_cache 0;

        # POST requests and urls with a query string should always go to PHP, no cache
        if ($request_method = POST) {
                set $skip_cache 1;
        }
        if ($query_string != "") {
                set $skip_cache 1;
        }

        # Don't cache URIs containing the following segments
        if ($request_uri ~* "/wp-admin/|/xmlrpc.php|wp-.*.php|/feed/|index.php|sitemap(_index)?.xml") {
                set $skip_cache 1;
        }

        # Don't cache for logged in users or recent commenter
        if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in") {
                set $skip_cache 1;
        }

        location ~ \.php$ {
                include /etc/nginx/fastcgi_params;
                include /etc/nginx/fastcgi.conf;
                include snippets/fastcgi-php.conf;

                fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;

                fastcgi_cache zone_www.example.com;
                fastcgi_cache_valid 200 5m;
                fastcgi_cache_bypass $skip_cache;
                fastcgi_no_cache $skip_cache;

                add_header php-cache-5m $upstream_cache_status;
                add_header Last-Modified $date_gmt;
        }

        location ~ /\.ht {
                deny all;
        }

        location = /favicon.ico {
                log_not_found off; access_log off;
        }
        location = /robots.txt {
                log_not_found off; access_log off; allow all;
        }
        location ~ /\. {
                deny all; log_not_found off; access_log off;
        }
        location ~ /\.ht {
                deny all;
        }

        location ~* ^.+\.(cogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|rss|atom|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ {
                access_log off;
                log_not_found off;
                expires 1d;
                add_header Cache-Control "public, no-transform";
        }

        listen 443 ssl;
        ssl_certificate /etc/ssl/cf-ssl/*.user.example.com.crt;
        ssl_certificate_key /etc/ssl/cf-ssl/*.user.example.com.key;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_prefer_server_ciphers on;
        ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
}

server {
        listen 80;
        server_name fallback.example.com *.example.com www.example.com;
        if ($http_x_forwarded_proto = "http") {
                return 301 https://$host$request_uri;
        }
        rewrite ^(.*[^/])$ $1/ permanent;
}