Skip to content

Instantly share code, notes, and snippets.

@sidben

sidben/fastcgi.conf

Last active January 15, 2024 12:41
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save sidben/aab921a9ad0297d2affcf6711e5fac40 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save sidben/aab921a9ad0297d2affcf6711e5fac40 to your computer and use it in GitHub Desktop.
Download ZIP
Nginx config for Laravel or Wordpress app with PHP 8.1
Raw
fastcgi.conf
# This file should be published on
# /etc/nginx/modules-available/fastcgi.conf
##
# FastCGI cache
##
fastcgi_cache_path /etc/nginx/cache levels=1:2 keys_zone=wpcache:200m max_size=10g inactive=2h use_temp_path=off;
fastcgi_cache_key "$scheme$request_method$host$request_uri";
fastcgi_ignore_headers Cache-Control Expires Set-Cookie;
Raw
laravel-vhost.conf
server {
listen 80;
server_name _;
access_log /var/www/logs/access.log;
error_log /var/www/logs/error.log;
root /var/www/html/public;
include /etc/nginx/snippets/laravel.conf;
}
Raw
performance.conf
# This file should be published on
# /etc/nginx/conf.d/performance.conf
##
# Security
##
server_tokens off;
Raw
php-wordpress.ini
; configuration for wordpress
memory_limit = 256M;
max_execution_time = 180;
max_input_time = 180;
post_max_size = 64M;
upload_max_filesize = 48M;
Raw
snippet-laravel.conf
# This file should be published on
# /etc/nginx/snippets/laravel.conf
charset utf-8;
client_max_body_size 20M;
index index.php;
error_page 404 /index.php;
##
# NGINX Status Page
##
location /nginx_status {
stub_status;
allow 127.0.0.1;
deny all;
access_log off;
}
##
# Php
##
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ \.php$ {
fastcgi_pass unix:/var/run/php/php8.1-fpm.sock;
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ /\.(?!well-known).* {
deny all;
}
##
# Gzip
##
gzip on;
gzip_vary on;
gzip_min_length 1400;
gzip_comp_level 6;
gzip_proxied any;
gzip_disable "MSIE [1-6]\.";
gzip_types
application/atom+xml application/geo+json application/javascript application/x-javascript
application/json application/ld+json application/manifest+json
application/rdf+xml application/rss+xml application/xhtml+xml application/xml
font/eot font/otf font/ttf font/opentype font/woff font/woff2
image/svg+xml image/x-icon
text/css text/javascript text/plain text/xml;
##
# Security
##
add_header Cache-Control "no-cache, no-store, max-age=0, must-revalidate";
add_header Content-Security-Policy "default-src 'self' https:; font-src https: data:; img-src https: data:; object-src 'none'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline';" always;
add_header Referrer-Policy "strict-origin-when-cross-origin" always;
add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Content-Type-Options "nosniff" always;
##
# Cache control
##
location = /robots.txt { access_log off; log_not_found off; }
location ~* .(gif|jpeg|jpg|png|webp|svg|ttf|ttc|otf|eot|woff|woff2)$ {
access_log off;
expires 365d;
add_header Cache-Control "public, max-age=31536000";
add_header Referrer-Policy "strict-origin-when-cross-origin" always;
add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Content-Type-Options "nosniff" always;
}
location ~* .(css|js|ico)$ {
try_files $uri $uri/ /index.php?$query_string;
access_log off;
expires 365d;
add_header Cache-Control "public, max-age=31536000";
add_header Referrer-Policy "strict-origin-when-cross-origin" always;
add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Content-Type-Options "nosniff" always;
}
Raw
snippet-wordpress.conf
# This file should be published on
# /etc/nginx/snippets/wordpress.conf
charset utf-8;
client_max_body_size 20M;
index index.php;
##
# Conditional FastCGI cache
##
set $skip_cache 0;
if ($request_method = POST) {
set $skip_cache 1;
}
if ($query_string != "") {
set $skip_cache 1;
}
if ($request_uri ~* "/wp-admin/|/xmlrpc.php|wp-.*.php|/feed/|index.php|sitemap(_index)?.xml") {
set $skip_cache 1;
}
if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in") {
set $skip_cache 1;
}
##
# Php
##
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ \.php$ {
fastcgi_pass unix:/var/run/php/php8.1-fpm.sock;
include snippets/fastcgi-php.conf;
fastcgi_cache wpcache;
fastcgi_cache_valid 200 301 302 2h;
fastcgi_cache_use_stale error timeout updating invalid_header http_500 http_503;
fastcgi_cache_min_uses 1;
fastcgi_cache_lock on;
fastcgi_cache_bypass $skip_cache;
fastcgi_no_cache $skip_cache;
add_header X-FastCGI-Cache $upstream_cache_status;
}
location ~ /purge(/.*) {
fastcgi_cache_purge wpcache "$scheme$request_method$host$1";
}
location ~ /\.(?!well-known).* {
deny all;
log_not_found off;
}
##
# Gzip
##
gzip on;
gzip_vary on;
gzip_min_length 1400;
gzip_comp_level 6;
gzip_proxied any;
gzip_disable "MSIE [1-6]\.";
gzip_types
application/atom+xml application/geo+json application/javascript application/x-javascript
application/json application/ld+json application/manifest+json
application/rdf+xml application/rss+xml application/xhtml+xml application/xml
font/eot font/otf font/ttf font/opentype font/woff font/woff2
image/svg+xml image/x-icon
text/css text/javascript text/plain text/xml;
##
# Security
##
add_header Cache-Control "no-cache, no-store, max-age=0, must-revalidate";
add_header Content-Security-Policy "base-uri 'self'; default-src 'self' https:; font-src 'self' https: data:; frame-src https://www.google.com https://www.youtube.com; img-src https: data:; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline'; object-src 'self'; form-action 'self'; frame-ancestors 'self';";
add_header Referrer-Policy "strict-origin-when-cross-origin" always;
add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-Xss-Protection "1; mode=block" always;
##
# Cache control
##
location = /favicon.ico { access_log off; log_not_found off; expires 365d; add_header Cache-Control "public, max-age=31536000"; }
location = /robots.txt { access_log off; log_not_found off; }
location ~* .(ico|css|js|gif|jpeg|jpg|png|webp|svg|ttf|ttc|otf|eot|woff|woff2)$ {
access_log off;
expires 365d;
add_header Cache-Control "public, max-age=31536000";
add_header Referrer-Policy "strict-origin-when-cross-origin" always;
add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Content-Type-Options "nosniff" always;
}
Raw
webapp.conf
server {
listen 80;
server_name _;
access_log /webhost/CLIENTE/logs/access.log;
error_log /webhost/CLIENTE/logs/error.log;
root /webhost/CLIENTE/html;
include /etc/nginx/snippets/wordpress.conf;
}
Raw
wordpress-site.conf
# This file should be published on
# /etc/nginx/modules-available/fastcgi.conf
##
# FastCGI cache
##
fastcgi_cache_path /etc/nginx/cache levels=1:2 keys_zone=wpcache:200m max_size=10g inactive=2h use_temp_path=off;
fastcgi_cache_key "$scheme$request_method$host$request_uri";
fastcgi_ignore_headers Cache-Control Expires Set-Cookie;
@sidben
Copy link
Author

sidben commented Aug 7, 2023
edited
Loading

On file snippet-laravel.conf, files of type css,js,ico must call "try_files $uri $uri/ /index.php?$query_string;" or else Livewire scripts won't work.

Related errors:

  • .../livewire/livewire.js?id=... net::ERR_ABORTED 404
  • Uncaught ReferenceError: Livewire is not defined
  • The GET method is not supported for route livewire/message/..... Supported methods: POST.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment