diff --git a/etc/nginx/fastcgi_cache b/etc/nginx/fastcgi_cache index a2418d5..cdf6b19 100644 --- a/etc/nginx/fastcgi_cache +++ b/etc/nginx/fastcgi_cache @@ -3,43 +3,42 @@ fastcgi_cache_path /var/cache/nginx/fastcgi_cache levels=1:2 keys_zone=FASTCGICACHE:100m max_size=1g inactive=60m; fastcgi_cache_key "$scheme$request_method$host$request_uri"; -fastcgi_cache_use_stale error timeout invalid_header updating http_500 http_503; +fastcgi_cache_use_stale error timeout invalid_header updating http_500 http_503; fastcgi_cache_revalidate on; fastcgi_cache_background_update on; -# Header status -add_header X-FastCGI-Cache $upstream_cache_status; - -# Ignore header -fastcgi_ignore_headers Cache-Control Expires Set-Cookie; - -# Designed to be used with Nginx Cache Controller WP plugin -#fastcgi_pass_header "X-Accel-Redirect"; -#fastcgi_pass_header "X-Accel-Expires"; # FastCGI Log Format log_format cache '$remote_addr - $upstream_cache_status [$time_local] ' '"$request" $status $body_bytes_sent ' '"$http_referer" "$http_user_agent"'; -# Map Mobile -map $http_user_agent $is_mobile { - default 0; - ~*android|ip(hone|ad|od)|windows\s+(?:ce|phone) 1; - ~*symbian|sony|samsung|lg|blackberry 1; - ~*mobile|mini 1; + +## Initialize default caching conditions. ## + +# Purge cache for request method. +map $request_method $purge_method { + PURGE 1; + default 0; } -# Map Cache - -# Skip caching on post +# Skip caching for request method. map $request_method $skip_cache { - default 0; - POST 1; + default 0; + POST 1; } -# Skip PHP Session cookie -map $http_cookie $skip_cache { - default 0; - ~SESS 1; +# Skip caching for mobile device. +# COMMENTED by default as most modern website are responsive and smartphone are widely used. +map $http_user_agent $is_mobile { + default 0; +# ~*2.0\ MMP|240x320|400X240|AvantGo|BlackBerry|Blazer|Cellphone|Danger|DoCoMo|Elaine/3.0|EudoraWeb|Googlebot-Mobile|hiptop|IEMobile|KYOCERA/WX310K|LG/U990|MIDP-2.|MMEF20|MOT-V|NetFront|Newt|Nintendo\ Wii|Nitro|Nokia|Opera\ Mini|Palm|PlayStation\ Portable|portalmmm|Proxinet|ProxiNet|SHARP-TQ-GX10|SHG-i900|Small|SonyEricsson|Symbian\ OS|SymbianOS|TS21i-10|UP.Browser|UP.Link|webOS|Windows\ CE|WinWAP|YahooSeeker/M1A1-R2D2|iPhone|iPod|Android|BlackBerry9530|LG-TU915\ Obigo|LGE\ VX|webOS|Nokia5800 1; +# ~*w3c\ |w3c-|acs-|alav|alca|amoi|audi|avan|benq|bird|blac|blaz|brew|cell|cldc|cmd-|dang|doco|eric|hipt|htc_|inno|ipaq|ipod|jigs|kddi|keji|leno|lg-c|lg-d|lg-g|lge-|lg/u|maui|maxo|midp|mits|mmef|mobi|mot-|moto|mwbp|nec-|newt|noki|palm|pana|pant|phil|play|port|prox|qwap|sage|sams|sany|sch-|sec-|send|seri|sgh-|shar|sie-|siem|smal|smar|sony|sph-|symb|t-mo|teli|tim-|tosh|tsm-|upg1|upsi|vk-v|voda|wap-|wapa|wapi|wapp|wapr|webc|winw|winw|xda\ |xda- 1; +# ~*symbian|sony|samsung|lg|blackberry|nokia|mobile|mini|wap 1; +} + +# Cache uri request method (used by WP SuperCache). +map $request_method $cache_uri { + default $request_uri; + POST "null cache"; } diff --git a/etc/nginx/includes/fastcgi_cache.conf b/etc/nginx/includes/fastcgi_cache.conf index 753aa27..708ec4f 100644 --- a/etc/nginx/includes/fastcgi_cache.conf +++ b/etc/nginx/includes/fastcgi_cache.conf @@ -9,4 +9,19 @@ fastcgi_cache_min_uses 1; fastcgi_cache_lock on; fastcgi_cache_bypass $skip_cache $is_mobile; +fastcgi_cache_bypass $http_pragma $http_authorization; + fastcgi_no_cache $skip_cache $is_mobile; +fastcgi_no_cache $http_pragma $http_authorization; + +fastcgi_cache_purge $purge_method; + +# Ignore header +fastcgi_ignore_headers Cache-Control Expires Set-Cookie; + +# Header status +add_header X-FastCGI-Cache $upstream_cache_status; + +# Designed to be used with Nginx Cache Controller WP plugin +#fastcgi_pass_header "X-Accel-Redirect"; +#fastcgi_pass_header "X-Accel-Expires"; diff --git a/etc/nginx/includes/rules_fastcgi_cache.conf b/etc/nginx/includes/rules_fastcgi_cache.conf index 9acfc50..64a55c4 100644 --- a/etc/nginx/includes/rules_fastcgi_cache.conf +++ b/etc/nginx/includes/rules_fastcgi_cache.conf @@ -1,98 +1,92 @@ ## FastCGI Cache Rules. # Designed to be included in any server {} block. -## Default FastCGI Cache Rules. -# Ref: http://rtcamp.com/wordpress-nginx/tutorials/single-site/fastcgi-cache-with-purging/ -# Ref: https://gist.github.com/magnetikonline/10450786 - -set $skip_cache 0; +# Set caching conditions. +#set $skip_cache 0; # WP Supercache related stuff. #set $cache_uri $request_uri; # POST requests and urls with a query string should always go to PHP. -if ($request_method = POST) { - set $skip_cache 1; - #set $cache_uri "null cache"; -} +#if ($request_method = POST) { +# set $skip_cache 1; +# set $cache_uri "null cache"; +#} +# Skip caching if query string not empty. if ($query_string != "") { - set $skip_cache 1; - #set $cache_uri "null cache"; + set $skip_cache 1; + set $cache_uri "null cache"; } +# Skip caching for custom header request. if ($http_x_custom_header) { - set $skip_cache 1; - #set $cache_uri "null cache"; -} - -# Skip cache for uris containing the following segments. -if ($request_uri ~* "(apc.php|(mem|op)cache.php|sitemap(_index)?.xml|[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { - set $skip_cache 1; - #set $cache_uri "null cache"; -} - -# DO NOT CACHE Search Engine Bot crawler. -if ($http_user_agent ~ "\b(Googlebot|Yahoo|bingbot|MSNBot|YandexBot|Baiduspider|Alexabot|AhrefsBot)\b") { - set $skip_cache 1; - #set $cache_uri "null cache"; -} - -# Skip cache on admin pages. -if ($request_uri ~* "(/account/*|/admin/*|/backend/*|/dashboard/*)") { set $skip_cache 1; - #set $cache_uri "null cache"; + set $cache_uri "null cache"; } -# Skip cache for logged in cookies, -# you can customize this rule according to your cookie setting. -if ($http_cookie ~ "users_login_cookie") { - set $skip_cache 1; - #set $cache_uri "null cache"; -} - -## WordPress Cache Rules ## - -# Skip cache for uris containing the following segments. -if ($request_uri ~* "(/wp-admin|/xmlrpc.php|wp-*.php|/feed/|index.php|upgrade.php|update-core.php|memcache.php|apc.php|sitemap(_index)?.xml|[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { - set $skip_cache 1; - #set $cache_uri "null cache"; -} - -# Skip cache for logged in users or recent commenters. -if ($http_cookie ~* "(comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in)") { - set $skip_cache 1; - #set $cache_uri "null cache"; -} - -# Skip cache on WooCommerce pages. -if ($request_uri ~* "(/addons.*|/basket.*|/cart.*|/checkout.*|/my-account.*|/shop.*)") { - set $skip_cache 1; - #set $cache_uri "null cache"; -} - -# Skip cache for WooCommerce query string. -if ($arg_add-to-cart != "") { +# Skip caching for Search Engine Bot crawler. +if ($http_user_agent ~* "baiduspider|(ahref|alexa|bing|google|msn|yandex)bot|yahoo") { set $skip_cache 1; - #set $cache_uri "null cache"; + set $cache_uri "null cache"; } -# Skip cache when WooCommerce cart is not empty. -if ($cookie_woocommerce_items_in_cart != "0") { - set $skip_cache 1; - #set $cache_uri "null cache"; +# Skip caching for uris containing the following segments. +if ($request_uri ~* "apc.php|(mem|op)cache.php|sitemap(_index)?.xml|[a-z0-9_-]+-sitemap([0-9]+)?.xml") { + set $skip_cache 1; + set $cache_uri "null cache"; } +# Skip caching on admin pages. +if ($request_uri ~* "^(/account/*|/admin/*|/backend/*|/dashboard/*)") { + set $skip_cache 1; + set $cache_uri "null cache"; +} + +## WordPress-related Cache Rules ## + +## Skip caching for uris containing the following segments. +if ($request_uri ~* "index.php|upgrade.php|update-core.php|/wp-admin|/xmlrpc.php|wp-*.php|/feed/|sitemap(_index)?.xml|[a-z0-9_-]+-sitemap([0-9]+)?.xml") { + set $skip_cache 1; + set $cache_uri "null cache"; +} + +# Skip caching on WooCommerce pages. +if ($request_uri ~* "^(/addons.*|/basket.*|/cart.*|/checkout.*|/my-account.*|/shop.*)") { + set $skip_cache 1; + set $cache_uri "null cache"; +} + +# Skip caching for logged in users or recent commenters. +if ($http_cookie ~* "(comment_author|wp-postpass|wordpress_no_cache|wordpress_logged_in|users_login_cookie|wordpress_[a-f0-9]+)") { + set $skip_cache 1; + set $cache_uri "null cache"; +} + +# Skip caching for WooCommerce query string. +if ($arg_add-to-cart ~ "[0-9]+") { + set $skip_cache 1; + set $cache_uri "null cache"; +} + +# Skip caching when WooCommerce cart is not empty (cookie set to 1). +if ($cookie_woocommerce_items_in_cart = "1" ) { + set $skip_cache 1; + set $cache_uri "null cache"; +} ## Purging FastCGI cache ## +# Purge uri. location ~ /purge(/.*) { - deny all; - allow 127.0.0.1; + allow 127.0.0.1; + deny all; access_log off; - log_not_found off; - fastcgi_cache_purge FASTCGICACHE "$scheme$request_method$host$request_uri"; - return 301 $scheme://$server_name; + log_not_found off; + + fastcgi_cache_purge FASTCGICACHE "$scheme$request_method$host$1"; + + #return 301 $scheme://$host$uri; } ## You may add your own FastCGI cache rules here... diff --git a/etc/nginx/vhost/site_wordpress-bwps.conf b/etc/nginx/vhost/site_wordpress-bwps.conf index cdcd2f8..0d4fcbd 100644 --- a/etc/nginx/vhost/site_wordpress-bwps.conf +++ b/etc/nginx/vhost/site_wordpress-bwps.conf @@ -1,9 +1,11 @@ # BEGIN Better WP Security -location ~ /\.ht { deny all; } -location ~ wp-config.php { deny all; } -location ~ readme.html { deny all; } -location ~ readme.txt { deny all; } -location ~ /install.php { deny all; } + +# COMMENTED as restrictions already handled by default LEMPer configuration. +#location ~ /\.ht { deny all; } +#location ~ wp-config.php { deny all; } +#location ~ readme.html { deny all; } +#location ~ readme.txt { deny all; } +#location ~ /install.php { deny all; } set $susquery 0; set $rule_2 0; @@ -12,7 +14,7 @@ set $rule_3 0; rewrite ^wp-includes/(.*).php /not_found last; rewrite ^/wp-admin/includes(.*)$ /not_found last; -if ($request_method ~* "^(TRACE|DELETE|TRACK)"){ return 403; } +if ($request_method ~* "^(TRACE|DELETE|TRACK)") { return 403; } location /wp-comments-post.php { valid_referers jetpack.wordpress.com/jetpack-comment/ $server_name; diff --git a/etc/nginx/vhost/site_wordpress-ms.conf b/etc/nginx/vhost/site_wordpress-ms.conf index d037636..ad567ad 100644 --- a/etc/nginx/vhost/site_wordpress-ms.conf +++ b/etc/nginx/vhost/site_wordpress-ms.conf @@ -1,33 +1,31 @@ ## WordPress Multisite rules. # Designed to be included in any server {} block. -# We're utilizing the Wordpress Singlesite configuration in site_wordpress.conf, +# We're utilizing the Wordpress single-site configuration from site_wordpress.conf, # since the basic rules & directives is the same. include /etc/nginx/vhost/site_wordpress.conf; -## Below the Multisite specific stuff. - # Directive to avoid php readfile() for WordPress Multisite. # The $root_path variable must be predefined in your vhost config file, use 'set' inside server{} block or 'map' before server{} block. location ^~ /blogs.dir { - internal; - alias $root_path/wp-content/blogs.dir; - access_log off; - log_not_found off; - expires max; + internal; + alias $root_path/wp-content/blogs.dir; + access_log off; + log_not_found off; + expires max; } # Directives to send expires headers for WordPress files. location ~ ^/[_0-9a-zA-Z-]+/files/(.*)$ { - try_files /wp-content/blogs.dir/$blogid/files/$2 /wp-includes/ms-files.php?file=$2 ; - access_log off; - log_not_found off; - expires max; + try_files /wp-content/blogs.dir/$blogid/files/$2 /wp-includes/ms-files.php?file=$2 ; + access_log off; + log_not_found off; + expires max; } # Rewrite multisite '.../wp-.*' and '.../*.php'. if (!-e $request_filename) { - rewrite /wp-admin$ $scheme://$host$uri/ permanent; - rewrite ^/[_0-9a-zA-Z-]+(/wp-.*) $1 last; - rewrite ^/[_0-9a-zA-Z-]+(/.*\.php)$ $1 last; + rewrite /wp-admin$ $scheme://$host$uri/ permanent; + rewrite ^/[_0-9a-zA-Z-]+(/wp-.*) $1 last; + rewrite ^/[_0-9a-zA-Z-]+(/.*\.php)$ $1 last; } diff --git a/etc/nginx/vhost/site_wordpress-w3tc.conf b/etc/nginx/vhost/site_wordpress-w3tc.conf index 52bd6eb..a9e57e6 100644 --- a/etc/nginx/vhost/site_wordpress-w3tc.conf +++ b/etc/nginx/vhost/site_wordpress-w3tc.conf @@ -4,11 +4,13 @@ location ~ /wp-content/cache/minify.*\.js$ { default_type application/x-javascript; add_header Vary "Accept-Encoding"; } + location ~ /wp-content/cache/minify.*\.css$ { types {} default_type text/css; add_header Vary "Accept-Encoding"; } + location ~ /wp-content/cache/minify.*js\.gzip$ { gzip off; types {} @@ -16,6 +18,7 @@ location ~ /wp-content/cache/minify.*js\.gzip$ { add_header Vary "Accept-Encoding"; add_header Content-Encoding gzip; } + location ~ /wp-content/cache/minify.*css\.gzip$ { gzip off; types {} @@ -26,13 +29,14 @@ location ~ /wp-content/cache/minify.*css\.gzip$ { # END W3TC Minify cache # BEGIN W3TC Browser Cache -gzip on; -gzip_types text/css text/x-component application/x-javascript application/javascript text/javascript text/x-js text/richtext image/svg+xml text/plain text/xsd text/xsl text/xml image/x-icon; +# COMMENTED as Gzip is enabled by default and managed directly from LEMPer cli. +#gzip on; +#gzip_types text/css text/x-component application/x-javascript application/javascript text/javascript text/x-js text/richtext image/svg+xml text/plain text/xsd text/xsl text/xml image/x-icon; # END W3TC Browser Cache # BEGIN W3TC CDN location ~ \.(ttf|ttc|otf|eot|woff|font.css)$ { - add_header Access-Control-Allow-Origin "*"; + add_header Access-Control-Allow-Origin "*"; } # END W3TC CDN diff --git a/etc/nginx/vhost/site_wordpress-wpsc.conf b/etc/nginx/vhost/site_wordpress-wpsc.conf index 8889638..f19f0a6 100644 --- a/etc/nginx/vhost/site_wordpress-wpsc.conf +++ b/etc/nginx/vhost/site_wordpress-wpsc.conf @@ -1,30 +1,33 @@ -# WP Super Cache rules. +## WP + Super Cache plugin rules. +# Designed to be included in any server {} block. # START MOBILE -# Mobile browsers section to server them non-cached version. COMMENTED by default as most modern wordpress themes including twenty-eleven are responsive. Uncomment config lines in this section if you want to use a plugin like WP-Touch -# if ($http_x_wap_profile) { -# set $cache_uri 'null cache'; +# Mobile browsers section to server them non-cached version. +# COMMENTED by default as most modern wordpress themes including twenty-eleven are responsive. +# Uncomment config lines in this section if you want to use a plugin like WP-Touch. +#if ($http_x_wap_profile) { +# set $cache_uri 'null cache'; #} #if ($http_profile) { -# set $cache_uri 'null cache'; +# set $cache_uri 'null cache'; #} #if ($http_user_agent ~* (2.0\ MMP|240x320|400X240|AvantGo|BlackBerry|Blazer|Cellphone|Danger|DoCoMo|Elaine/3.0|EudoraWeb|Googlebot-Mobile|hiptop|IEMobile|KYOCERA/WX310K|LG/U990|MIDP-2.|MMEF20|MOT-V|NetFront|Newt|Nintendo\ Wii|Nitro|Nokia|Opera\ Mini|Palm|PlayStation\ Portable|portalmmm|Proxinet|ProxiNet|SHARP-TQ-GX10|SHG-i900|Small|SonyEricsson|Symbian\ OS|SymbianOS|TS21i-10|UP.Browser|UP.Link|webOS|Windows\ CE|WinWAP|YahooSeeker/M1A1-R2D2|iPhone|iPod|Android|BlackBerry9530|LG-TU915\ Obigo|LGE\ VX|webOS|Nokia5800)) { - # set $cache_uri 'null cache'; +# set $cache_uri 'null cache'; #} #if ($http_user_agent ~* (w3c\ |w3c-|acs-|alav|alca|amoi|audi|avan|benq|bird|blac|blaz|brew|cell|cldc|cmd-|dang|doco|eric|hipt|htc_|inno|ipaq|ipod|jigs|kddi|keji|leno|lg-c|lg-d|lg-g|lge-|lg/u|maui|maxo|midp|mits|mmef|mobi|mot-|moto|mwbp|nec-|newt|noki|palm|pana|pant|phil|play|port|prox|qwap|sage|sams|sany|sch-|sec-|send|seri|sgh-|shar|sie-|siem|smal|smar|sony|sph-|symb|t-mo|teli|tim-|tosh|tsm-|upg1|upsi|vk-v|voda|wap-|wapa|wapi|wapp|wapr|webc|winw|winw|xda\ |xda-)) { - # set $cache_uri 'null cache'; +# set $cache_uri 'null cache'; #} #END MOBILE # Use cached or actual file if they exists, otherwise pass request to WordPress #location / { -# try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?$args; +# try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?$args; #} # On WP Super Cache newer version, try this one location / { - try_files /wp-content/cache/supercache/$http_host/$scheme$cache_uri/index.html $uri $uri/ /index.php?$args; + try_files /wp-content/cache/supercache/$http_host/$scheme$cache_uri/index.html $uri $uri/ /index.php?$args; }