nginx microcache to improve drupal 7 performance - nginx

I want to imporve drupal website performance.
Already did settings for drupal cache & Advanced CSS/JS Aggregation.
Also implemented the changes requested by gtmatix still it takes 20 seconds to load.
Also implemented fastcgi cache but no improvement.
Below is my nginx.conf settings:
user www-data;
worker_processes auto;
pid /run/nginx.pid;
events {
worker_connections 768;
}
http {
client_max_body_size 24M;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
gzip on;
gzip_disable "msie6";
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_types text/plain text/css text/xml application/json application/javascript application/xml+rss application/atom+xml image/svg+xml;
fastcgi_cache_path /etc/nginx-cache levels=1:2 keys_zone=microcache:5m max_size=1000m;
log_format cache '$remote_addr - $remote_user [$time_local] "$request" '
'$status $upstream_cache_status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
Below is file from sites-enabled directory:
server {
root /var/www/vhosts/www.example.com.cn/public_html;
index index.php index.html index.htm;
server_name www.example.com.cn;
access_log off;
error_log /var/www/vhosts/www.example.com.cn/log/www.example.com.cn.error.log;
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location ~ /\.ht {
deny all;
}
location ~ \..*/.*\.php$ {
return 403;
}
location ~ ^/sites/.*/private/ {
return 403;
}
location ~ ^/sites/[^/]+/files/.*\.php$ {
deny all;
}
location ~ (^|/)\. {
return 403;
}
location / {
try_files $uri /index.php?$query_string; # For Drupal >= 7
}
location #rewrite {
rewrite ^/(.*)$ /index.php?q=$1;
}
location ~ \.php$ {
# Setup var defaults
set $no_cache "";
# If non GET/HEAD, don't cache & mark user as uncacheable for 1 second via cookie
if ($request_method !~ ^(GET|HEAD)$) {
set $no_cache "1";
}
# Drop no cache cookie if need be
# (for some reason, add_header fails if included in prior if-block)
if ($no_cache = "1") {
add_header Set-Cookie "_mcnc=1; Max-Age=2; Path=/";
add_header X-Microcachable "0";
}
# Bypass cache if no-cache cookie is set
if ($http_cookie ~* "_mcnc") {
set $no_cache "1";
}
# Bypass cache if flag is set
fastcgi_no_cache $no_cache;
#fastcgi_cache_bypass $no_cache;
fastcgi_cache microcache;
fastcgi_cache_key $server_name|$request_uri;
fastcgi_cache_valid 404 30m;
fastcgi_cache_valid 200 301 302 10m;
fastcgi_max_temp_file_size 1M;
fastcgi_cache_use_stale updating;
fastcgi_pass_header Set-Cookie;
fastcgi_pass_header Cookie;
fastcgi_ignore_headers Cache-Control Expires Set-Cookie;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
#proxy_cache_use_stale updating error timeout http_500 http_502 http_503 http_504;
fastcgi_cache_revalidate on;
#fastcgi_cache_background_update on;
fastcgi_param PATH_INFO $fastcgi_path_info;
#fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
include fastcgi_params;
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
}
location ~ ^/sites/.*/files/styles/ { # For Drupal >= 7
try_files $uri #rewrite;
}
location ~ ^(/[a-z\-]+)?/system/files/ { # For Drupal >= 7
try_files $uri /index.php?$query_string;
}
location ~* \.(jpg|js|css|jpeg|gif|png|ico|cur|gz|svg|svgz|mp4|ogg|ogv|webm|htc|pdf|woff|woff2|ttf)$ {
try_files $uri #rewrite;
expires max;
log_not_found off;
access_log off;
add_header 'Access-Control-Allow-Origin' '*';
}
location ~ ^/sites/default/files/(?:css|js) {
gzip_static on;
access_log off;
expires max;
}
}

Related

WordPress Running Slow with Amazon RDS

I'm working on a server containing a WordPress installation located at http://67.225.176.58/ which is using Nginx, Varnish, and HH-VM and is running really slowly. I was using PHP-FPM with the same results. Please see my Nginx configuration to see how I have it set up and I can give any other configuration files needed. I can't seem to figure out what the issue is.
nginx.conf
worker_processes 24;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
events {
worker_connections 50000;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
gzip on;
gzip_disable "msie6";
gzip_min_length 1100;
gzip_vary on;
gzip_proxied any;
gzip_comp_level 2;
gzip_buffers 4 32k;
gzip_http_version 1.1;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
types_hash_max_size 2048;
server_tokens off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
# increase buffer and timeouts
fastcgi_connect_timeout 60;
fastcgi_send_timeout 180;
fastcgi_read_timeout 180;
fastcgi_buffer_size 128k;
fastcgi_buffers 4 256k;
fastcgi_busy_buffers_size 256k;
fastcgi_temp_file_write_size 256k;
fastcgi_intercept_errors on;
client_body_buffer_size 10K;
client_header_buffer_size 1k;
client_max_body_size 8m;
large_client_header_buffers 4 16k;
client_body_timeout 12;
client_header_timeout 12;
keepalive_timeout 15;
send_timeout 10;
# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*.conf;
server {
listen 8080;
server_name host.friendshipcollar.com;
# note that these lines are originally from the "location /" block
root /usr/share/nginx/html;
index index.php index.html index.htm;
location / {
try_files $uri $uri/ =404;
}
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
location ~ \.(hh|php)$ {
fastcgi_keep_conn on;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
}
friendshipcollar.com.conf
server {
listen 80; ## listen for ipv4; this line is default and implied
root /usr/share/nginx/friendshipcollar.com;
index index.php index.html index.htm;
# Make site accessible from http://localhost/
server_name 67.225.176.58 friendshipcollar.com www.friendshipcollar.com;
location / {
try_files $uri $uri/ /index.html;
}
location ~* \.html$ {
expires -1;
}
location ~* \.(css|js|gif|jpe?g|png)$ {
expires 168h;
add_header Pragma public;
add_header Cache-Control "public, must-revalidate, proxy-revalidate";
}
location /doc/ {
alias /usr/share/doc/;
autoindex on;
allow 127.0.0.1;
allow ::1;
deny all;
}
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/friendshipcollar.com;
}
# pass the PHP scripts to PHP-FPM server listening on 127.0.0.1:9000
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
# deny access to .htaccess files, if Apache’s document root
# concurs with nginx’s one
#
# location ~ /\.ht {
# deny all;
# }
}

Mpeg-dash support in nginx-plus

I searched enough but couldn't sort out how to configure mpeg-dash in nginx plus .
rtmp module is supporting it i guess but i dont understand it much how can i configure it and request it in nginx plus server.
When i configured rtmp in nginx.conf getting the error
unknown directive "rtmp" in /etc/nginx/nginx.conf:13
Configuration is
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log notice;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
rtmp {
server {
listen 98;
server_name 127.0.0.1;
application dash {
live on;
dash on;
dash_path /usr/share/nginx/html/dash;
}
}
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
server {
listen 99;
server_name 127.0.0.1;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
rewrite ^(.*)$ /crossdomain.xml;
}
location = /crossdomain.xml {
root /var/www/crossdomain;
}
location /images {
root /usr;
}
location /flv {
root /usr;
flv;
mp4_buffer_size 1m;
mp4_max_buffer_size 5m;
mp4_limit_rate on;
mp4_limit_rate_after 30s;
}
location /video {
root /usr;
mp4;
mp4_buffer_size 1m;
mp4_max_buffer_size 5m;
mp4_limit_rate on;
mp4_limit_rate_after 30s;
}
location /hls {
root /usr/share/nginx/html;
hls;
hls_fragment 5s;
hls_buffers 10 10m;
hls_mp4_buffer_size 1m;
hls_mp4_max_buffer_size 5m;
types
{
application/vnd.apple.mpegurl m3u8;
video/mp2t ts;
}
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Cache-Control' 'no-cache';
}
location /dash {
root /usr/share/nginx/html;
add_header Cache-Control no-cache;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
include /etc/nginx/conf.d/*.conf;
}
How can i enable rtmp in nginx-plus
The rtmp section must be placed outside the http, like this:
rtmp {
server {
...
}
http {
server {
...
}
For a full example see the Readme: https://github.com/arut/nginx-rtmp-module

"server" directive is not allowed here in /usr/local/apps/nginx/etc/conf.d/, what i did wrong here ? (0 Replies, Read 16 times)

i got this Error :
"server" directive is not allowed here in /usr/local/apps/nginx/etc/conf.d/mydomain.com.conf:1
nginx: configuration file /usr/local/apps/nginx/etc/nginx.conf test failed
i use with Webuzo control panel + Lemp Stack from there .
this what i did...
i configured nginx.conf to this settings:
#user www-data;
worker_processes 1;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
pid /usr/local/apps/nginx/var/log/nginx.pid;
events {
worker_connections 1024;
}
http {
# Let NGINX get the real client IP for its access logs
set_real_ip_from 127.0.0.1;
real_ip_header X-Forwarded-For;
# Basic Settings
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 20;
client_max_body_size 15m;
client_body_timeout 60;
client_header_timeout 60;
client_body_buffer_size 1K;
client_header_buffer_size 1k;
large_client_header_buffers 4 8k;
send_timeout 60;
reset_timedout_connection on;
types_hash_max_size 2048;
server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /usr/local/apps/nginx/etc/mime.types;
default_type application/octet-stream;
# Logging Settings
error_log /usr/local/apps/nginx/var/log/error_log debug;
access_log /usr/local/apps/nginx/var/log/web.access.log;
# Log Format
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
# Gzip Settings
gzip on;
gzip_static on;
gzip_disable "msie6";
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_min_length 512;
gzip_buffers 16 8k;
gzip_http_version 1.1;
gzip_types text/css text/javascript text/xml text/plain text/x-component
application/javascript application/x-javascript application/json
application/xml application/rss+xml font/truetype application/x-font-ttf
font/opentype application/vnd.ms-fontobject image/svg+xml;
include /usr/local/apps/nginx/etc/conf.d/*.conf;
}
and after that i checked with nginx -t and it was ok...
I continued to the next file mydomain.com.conf and this what i putted there:
server {
listen 127.0.0.1:8080;
server_name mydomain.com;
port_in_redirect off;
server_tokens off;
autoindex off;
client_max_body_size 15m;
client_body_buffer_size 128k;
access_log /usr/local/apps/nginx/var/log/mydomain.com.log main;
error_log /usr/local/apps/nginx/var/log/mydomain.com.err;
root /home/www-data/public_html;
index index.php index.html index.htm;
try_files $uri $uri/ /index.php;
error_page 404 /404.html;
location = /404.html {
root /usr/local/apps/nginx/etc//html;
}
# Define default caching of 24h
expires 86400s;
add_header Pragma public;
add_header Cache-Control "max-age=86400, public, must-revalidate, proxy-revalidate";
# Redirect server error pages to static 50x.html
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/local/apps/nginx/etc//html;
}
# Don't log robots.txt requests
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# Rewrite for versioned CSS+JS via filemtime
location ~* ^.+.(css|js) {
rewrite ^(.+).(d+).(css|js)$ $1.$3 last;
expires 31536000s;
access_log off;
log_not_found off;
add_header Pragma public;
add_header Cache-Control "max-age=31536000, public";
}
# Aggressive caching for static files
# If you alter static files often, please use
# add_header Cache-Control "max-age=31536000, public, must-revalidate, proxy-revalidate";
location ~* .(asf|asx|wax|wmv|wmx|avi|bmp|class|divx|doc|docx|eot|exe|gif|gz|gzip|ico|jpg|jpeg$
expires 31536000s;
access_log off;
log_not_found off;
add_header Pragma public;
add_header Cache-Control "max-age=31536000, public";
}
location ~* (^(?!(?:(?!(php|inc)).)*/uploads/).*?(php)) {
try_files $uri = 404;
fastcgi_split_path_info ^(.+.php)(.*)$;
fastcgi_pass unix:/var/run/php-fpm.socket;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
include /usr/local/apps/nginx/etc/fastcgi_params;
fastcgi_intercept_errors on;
fastcgi_ignore_client_abort off;
fastcgi_connect_timeout 60;
fastcgi_send_timeout 180;
fastcgi_read_timeout 180;
fastcgi_buffer_size 128k;
fastcgi_buffers 4 256k;
fastcgi_busy_buffers_size 256k;
fastcgi_temp_file_write_size 256k;
}
}
and WebuzoVH.conf
code:
# DO NOT EDIT. AUTOMATICALLY GENERATED BY WEBUZO.
server {
listen 80;
server_name mydomain.com www.my domain.com;
# The Document Root
root /home/www-data/public_html;
error_log /usr/local/apps/nginx/var/log/mydomain.com.err;
access_log /usr/local/apps/nginx/var/log/mydomain.com.log main;
include /usr/local/apps/nginx/etc/conf.d/common;
}
what wrong here , how can I fix that ?
i sit on that almost 5 hours :-(
thanks for all who can help me,
Tomer.
i change to this setting and now Nginx give OK in Command
this what i changed..
maybe this can be help to other..
the nginx.conf file
#user www-data;
worker_processes 1;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
pid /usr/local/apps/nginx/var/log/nginx.pid;
events {
worker_connections 1024;
multi_accept on;
use epoll;
}
http {
# Let NGINX get the real client IP for its access logs
set_real_ip_from 127.0.0.1;
real_ip_header X-Forwarded-For;
# Basic Settings
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 20;
client_max_body_size 15m;
client_body_timeout 60;
client_header_timeout 60;
client_body_buffer_size 1K;
client_header_buffer_size 1k;
large_client_header_buffers 4 8k;
send_timeout 60;
reset_timedout_connection on;
types_hash_max_size 2048;
server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /usr/local/apps/nginx/etc/mime.types;
default_type application/octet-stream;
# Logging Settings
#access_log /usr/local/apps/nginx/var/log/web.access.log;
error_log /usr/local/apps/nginx/var/log/error_log debug;
# Log Format
log_format main '$remote_addr - $remote_user [$time_local] '
'"$request" $status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
# Gzip Settings
gzip on;
gzip_static on;
gzip_disable "msie6";
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_min_length 512;
gzip_buffers 16 8k;
gzip_http_version 1.1;
gzip_types text/css text/javascript text/xml text/plain text/x-component
application/javascript application/x-javascript application/json
application/xml application/rss+xml font/truetype application/x-font-ttf
font/opentype application/vnd.ms-fontobject image/svg+xml
include /usr/local/apps/nginx/etc/conf.d/*.conf;
include /usr/local/apps/nginx/etc/sites-enabled/*;
}
and this for Mydomain.com.conf file
server {
listen 127.0.0.1:8080;
server_name mydomain.com;
port_in_redirect off;
server_tokens off;
autoindex off;
client_max_body_size 15m;
client_body_buffer_size 128k;
access_log /usr/local/apps/nginx/var/log/mydomian.com.log main;
error_log /usr/local/apps/nginx/var/log/mydomian.com.err;
root /home/www-data/public_html;
index index.php index.html index.htm;
try_files $uri $uri/ /index.php;
error_page 404 /404.html;
location = /404.html {
root /usr/local/apps/nginx/etc//html;
}
# Define default caching of 24h
expires 86400s;
add_header Pragma public;
add_header Cache-Control "max-age=86400, public, must-revalidate, proxy-revalidate";
# Redirect server error pages to static 50x.html
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/local/apps/nginx/etc//html;
}
# Don't log robots.txt requests
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# Rewrite for versioned CSS+JS via filemtime
location ~* ^.+\.(css|js) {
rewrite ^(.+)\.(\d+)\.(css|js)$ $1.$3 last;
expires 31536000s;
access_log off;
log_not_found off;
add_header Pragma public;
add_header Cache-Control "max-age=31536000, public";
}
# Aggressive caching for static files
# If you alter static files often, please use
# add_header Cache-Control "max-age=31536000, public, must-revalidate, proxy-revalidate";
location ~* \.(asf|asx|wax|wmv|wmx|avi|bmp|class|divx|doc|docx|eot|exe|gif|gz|gzip|ico|jpg|jpeg|jpe|mdb|mid|midi|mov|qt|mp3|m4a|mp4|m4v|mpeg|mpg|mpe|mpp|odb|odc|odf|odg|odp|ods|odt|ogg|ogv|otf|pdf|png|pot|pps|ppt|pptx|ra|ram|svg|svgz|swf|tar|t?gz|tif|tiff|ttf|wav|webm|wma|woff|wri|xla|xls|xlsx|xlt|xlw|zip)$ {
expires 31536000s;
access_log off;
log_not_found off;
add_header Pragma public;
add_header Cache-Control "max-age=31536000, public";
}
location ~* (^(?!(?:(?!(php|inc)).)*/uploads/).*?(php)) {
try_files $uri = 404;
fastcgi_split_path_info ^(.+.php)(.*)$;
fastcgi_pass unix:/var/run/php-fpm.socket;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
include /usr/local/apps/nginx/etc/fastcgi_params;
fastcgi_intercept_errors on;
fastcgi_ignore_client_abort off;
fastcgi_connect_timeout 60;
fastcgi_send_timeout 180;
fastcgi_read_timeout 180;
fastcgi_buffer_size 128k;
fastcgi_buffers 4 256k;
fastcgi_busy_buffers_size 256k;
fastcgi_temp_file_write_size 256k;
}
}

Nginx normalize redirect ends in permission denied for /

I can't find the source of my normalization error when trying both redirects with www and non-www domain like:
server {
listen 80;
server_name www.aws.mikeg.de;
rewrite ^/(.*) http://aws.mikeg.de/$1 permanent;
return 301 http://aws.mikeg.de$request_uri;
}
All folder an file permissions I checked twice. What I am confused about is that the redirect to the www.Subdomain works while the reverse redirect to non-www doesn't. Here is my full nginx config:
user www-data www-data;
worker_processes 1;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
include fastcgi.conf;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
log_format cache '$remote_addr - $remote_user [$time_local] '
'"$request" $status $body_bytes_sent '
'"$http_referer" "$http_user_agent" nocache:$skip_cache '
'$upstream_cache_status';
access_log /var/log/nginx/access.log main;
error_log /var/log/nginx/error.log;
sendfile on;
keepalive_timeout 65;
tcp_nodelay on;
server_names_hash_bucket_size 128;
# Use gzip compression
# gzip_static on; # Uncomment if you compiled Nginx using --with-http_gzip_static_module
gzip on;
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_http_version 1.1;
gzip_types text/plain text/css text/javascript text/xml application/json application/x-javascript application/xml application/xm$ application/xml+rss image/png image/gif image/jpeg;
gzip_disable "MSIE [1-6]\.(?!.*SV1)";
# Fast-CGI cache
fastcgi_cache_path /var/cache/nginx/wordpress levels=1:2 keys_zone=WORDPRESS:100m inactive=60m;
fastcgi_cache_key "$scheme$request_method$host$request_uri";
fastcgi_cache_use_stale error timeout invalid_header http_500;
add_header X-Cache $upstream_cache_status;
server {
listen 80;
server_name www.aws.mikeg.de;
#rewrite ^/(.*) http://aws.mikeg.de/$1 permanent;
return 301 http://aws.mikeg.de$request_uri;
}
server {
listen 80 default_server;
server_name aws.mikeg.de 54.194.222.209;
root /srv/wordpress/;
index index.php;
# Turned off since W3 Total Cache will handle caching
# and mod_pagespeed won't enhance WP: http://wordpress.org/support/topic/plugin-w3-total-cache-googles-mod_pagespeed-and-w3
pagespeed Off;
# Include nginx.conf made by W3 Total Cache
include /srv/wordpress/nginx.conf;
access_log /var/log/nginx/wordpress.log cache;
error_log /var/log/nginx/wordpress.error.log;
rewrite_log on;
# Set a variable to work around the lack of nested conditionals
set $cache_uri $request_uri;
set $skip_cache 0;
if ($query_string != "") {
set $skip_cache 1;
}
# Don't cache uris containing the following segments
if ($request_uri ~* "/wp-admin/|/xmlrpc.php|wp-.*.php|/feed/|index.php|sitemap(_index)?.xml|\/wp-(app|cron|login|register|mail)\.php|wp\-comments\-popup\.php|wp\-links\-opml\.php|wp\-locations\.php") {
set $skip_cache 1;
}
# Don't use the cache for logged in users or recent commenters
if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in") {
set $skip_cache 1;
}
location ~ /purge(/.*) {
fastcgi_cache_purge WORDPRESS "$scheme$request_method$host$1";
}
location / {
# Use cached or actual file if they exists, otherwise pass request to WordPress
#try_files $uri $uri/ /index.php?q=$uri&$args;
try_files $uri $uri/ /index.php?q=$request_uri;
# SECURITY
if ($request_method !~ ^(GET|HEAD|POST)$ ) {
return 444;
}
# POST requests and urls with a query string should always go to PHP
if ($request_method = POST) {
set $skip_cache 1;
}
# this serves static files that exist without running other rewrite tests
if (-f $request_filename) {
expires 30d; break;
}
}
location ~ \.php$ {
fastcgi_cache WORDPRESS;
fastcgi_cache_valid 200 60m;
include fastcgi_params;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
# NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_cache_bypass $skip_cache;
fastcgi_no_cache $skip_cache;
# Note: fastcgi_index is not needed is standard PHP location ~ \.php$ is useed: http://blog.martinfjordvald.com/2011/01/no-input-file-specified-with-php-and-nginx/
}
# Rewrites fpr category base
# SECURITY
# Deny access to hidden files
location ~* /\. {
deny all;
access_log off;
log_not_found off;
}
# Deny access to any files with a .php extension in the uploads directory
location ~* /(?:uploads|files)/.*\.php$ {
deny all;
}
# Deny access to system files in root
location ~ /(\.|wp-config.php|liesmich.html|readme.html) {
return 444;
}
# Allow access to favicon and robots.txt
location = /(favicon\.ico|robots\.txt) {
allow all;
log_not_found off;
access_log off;
}
# Only recommended when wordpress comments are disabled
#location ~ /(\.|wp-config.php|liesmich.html|readme.html|xmlrpc.php|wp-comments-post.php) {
#return 444
#}
}
}
EDIT: Got it … my provider messed up th eDNS settings. The nginx config works pritty fine.
Use this as your default server block to catch and reject all traffic to locations that aren't explicitly defined.
server {
listen 80 default_server;
server_name _;
deny all;
}

Bugged nginx server

I currently have an nginx setup with the following config:
worker_processes 10;
error_log logs/error.log;
pid logs/nginx.pid;
events {
worker_connections 4000;
}
http {
include mime.types;
default_type application/octet-stream;
access_log off;
sendfile on;
tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 30;
keepalive_requests 100000;
ssl_session_timeout 10m;
ssl_protocols TLSv1.2 TLSv1.1 TLSv1 SSLv3;
ssl_ciphers ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH;
ssl_prefer_server_ciphers on;
gzip on;
gzip_min_length 10240;
gzip_proxied expired no-cache no-store private auth;
gzip_types text/plain text/css text/xml text/javascript application/x-javascript application/xml;
gzip_disable "MSIE [1-6]\.";
# http server
server {
proxy_pass_header Server;
listen 80; # IPv4
server_name localhost;
## Parameterization using hostname of access and log filenames.
access_log logs/localhost_access.log;
error_log logs/localhost_error.log;
## Root and index files.
root html;
index index.php index.html index.htm;
## If no favicon exists return a 204 (no content error).
location = /favicon.ico {
try_files $uri =204;
log_not_found off;
access_log off;
}
## Don't log robots.txt requests.
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
## Try the requested URI as files before handling it to PHP.
location / {
## Regular PHP processing.
location ~ \.php$ {
root html;
try_files $uri =404;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
## Static files
location ~* \.(?:css|gif|htc|ico|js|jpe?g|png|swf)$ {
expires max;
log_not_found off;
## No need to bleed constant updates. Send the all shebang in one
## fell swoop.
tcp_nodelay on;
## Set the OS file cache.
open_file_cache max=200000 inactive=20s;
open_file_cache_valid 30s;
open_file_cache_min_uses 2;
open_file_cache_errors on;
}
## Keep a tab on the 'big' static files.
location ~* ^.+\.(?:ogg|pdf|pptx?)$ {
expires 30d;
## No need to bleed constant updates. Send the all shebang in one
## fell swoop.
tcp_nodelay off;
}
} # / location
} # end http server
# https server
server {
listen 443 spdy ssl;
server_name localhost;
ssl_certificate my.crt;
ssl_certificate_key my.key;
## Parameterization using hostname of access and log filenames.
access_log logs/localhost_access.log;
error_log logs/localhost_error.log;
## Root and index files.
root html;
index index.php index.html index.htm;
## If no favicon exists return a 204 (no content error).
location = /favicon.ico {
try_files $uri =204;
log_not_found off;
access_log off;
}
## Don't log robots.txt requests.
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
## Try the requested URI as files before handling it to PHP.
location / {
## Regular PHP processing.
location ~ \.php$ {
root html;
try_files $uri =404;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
## Static files are served directly.
location ~* \.(?:css|gif|htc|ico|js|jpe?g|png|swf)$ {
expires max;
log_not_found off;
## No need to bleed constant updates. Send the all shebang in one
## fell swoop.
tcp_nodelay off;
## Set the OS file cache.
open_file_cache max=1000 inactive=120s;
open_file_cache_valid 45s;
open_file_cache_min_uses 2;
open_file_cache_errors off;
}
## Keep a tab on the 'big' static files.
location ~* ^.+\.(?:ogg|pdf|pptx?)$ {
expires 30d;
## No need to bleed constant updates. Send the all shebang in one
## fell swoop.
tcp_nodelay off;
}
} # / location
} # end https server
}
The web server seems to be lagging. Allowing .htaccess download periodically, sometimes an error will occur server side (or so I suspect) and the web server will begin serving pages that I did not request or that were previously requested (even if I explicitly demand index.php I will be served some other non-related page) overall it's a very worrisome behavior.
Can anyone give some clues?
To prevent downloading of .ht* files (ex .htaccess/.htpasswd) you have to add this line to your config
location ~ /\.ht { access_log off; log_not_found off; deny all; }
Please define your occurrently error more accurate without defined error messages it's impossible to give you some advice.

Resources