Created
July 16, 2019 09:45
-
-
Save JannieT/171c88171c01c6c8d17932a1027692d7 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Redirect every request to HTTPS... | |
server { | |
listen 80; | |
listen [::]:80; | |
server_name .example.com; | |
return 301 https://$host$request_uri; | |
} | |
# Redirect SSL to primary domain SSL... | |
server { | |
listen 443 ssl http2; | |
listen [::]:443 ssl http2; | |
ssl_certificate /etc/nginx/ssl/example.com/449201/server.crt; | |
ssl_certificate_key /etc/nginx/ssl/example.com/449201/server.key; | |
ssl_protocols TLSv1.2; | |
ssl_ciphers <REDACTED>; | |
ssl_prefer_server_ciphers on; | |
ssl_dhparam /etc/nginx/dhparams.pem; | |
server_name www.example.com; | |
return 301 https://example.com$request_uri; | |
} | |
server { | |
listen 443 ssl http2; | |
listen [::]:443 ssl http2; | |
server_name example.com; | |
root /home/forge/example.com; | |
rewrite example.com.uk$ example.com/uk/ permanent; | |
ssl_certificate /etc/nginx/ssl/example.com/449201/server.crt; | |
ssl_certificate_key /etc/nginx/ssl/example.com/449201/server.key; | |
ssl_protocols TLSv1.2; | |
ssl_ciphers <REDACTED>; | |
ssl_prefer_server_ciphers on; | |
ssl_dhparam /etc/nginx/dhparams.pem; | |
add_header X-Frame-Options "SAMEORIGIN"; | |
add_header X-XSS-Protection "1; mode=block"; | |
add_header X-Content-Type-Options "nosniff"; | |
index index.html index.htm index.php; | |
charset utf-8; | |
## Wordpress single site settings | |
location /site1/wp-json { | |
rewrite ^/site1/wp-json(.*)$ /site1/?rest_route=$1; | |
} | |
location /site1/ { | |
try_files $uri $uri/ /site1/index.php$is_args$args; | |
} | |
## WordPress Multisite | |
if (!-e $request_filename) { | |
rewrite /wp-admin$ $scheme://$host$uri/ permanent; | |
rewrite ^(/[^/]+)?(/wp-.*) $2 last; | |
rewrite ^(/[^/]+)?(/.*\.php) $2 last; | |
} | |
set $cache_uri $request_uri; | |
# POST requests and urls with a query string should always go to PHP | |
if ($request_method = POST) { | |
set $cache_uri 'NULL'; | |
} | |
if ($query_string != "") { | |
set $cache_uri 'NULL'; | |
} | |
location /.well-known/acme-challenge { | |
auth_basic off; | |
allow all; | |
alias /home/forge/.letsencrypt; | |
} | |
location / { | |
try_files $uri $uri/ /index.php?$query_string; | |
} | |
location ~ /\.(?!well-known).* { | |
deny all; | |
} | |
location = /favicon.ico { access_log off; log_not_found off; } | |
location = /robots.txt { access_log off; log_not_found off; } | |
access_log off; | |
error_log /var/log/nginx/example.com-error.log error; | |
error_page 404 /index.php; | |
location ~ \.php$ { | |
fastcgi_split_path_info ^(.+\.php)(/.+)$; | |
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock; | |
fastcgi_index index.php; | |
include fastcgi_params; | |
} | |
location ~ /\.ht { | |
deny all; | |
} | |
# BEGIN W3TC Minify cache | |
location ~ /wp-content/cache/minify/.*\.js$ { | |
types {} | |
default_type application/x-javascript; | |
expires modified 31536000s; | |
add_header Vary "Accept-Encoding"; | |
} | |
location ~ /wp-content/cache/minify/.*\.css$ { | |
types {} | |
default_type text/css; | |
expires modified 31536000s; | |
add_header Vary "Accept-Encoding"; | |
} | |
location ~ /wp-content/cache/minify/.*js_gzip$ { | |
gzip off; | |
types {} | |
default_type application/x-javascript; | |
expires modified 31536000s; | |
add_header Vary "Accept-Encoding"; | |
add_header Content-Encoding gzip; | |
} | |
location ~ /wp-content/cache/minify/.*css_gzip$ { | |
gzip off; | |
types {} | |
default_type text/css; | |
expires modified 31536000s; | |
add_header Vary "Accept-Encoding"; | |
add_header Content-Encoding gzip; | |
} | |
# END W3TC Minify cache | |
# BEGIN W3TC Minify core | |
set $w3tc_enc ""; | |
if ($http_accept_encoding ~ gzip) { | |
set $w3tc_enc _gzip; | |
} | |
if (-f $request_filename$w3tc_enc) { | |
rewrite (.*) $1$w3tc_enc break; | |
} | |
rewrite ^/([a-z0-9]+/)?wp-content/cache/minify/ /index.php last; | |
# END W3TC Minify core | |
# BEGIN W3TC Page Cache core | |
set $w3tc_rewrite 1; | |
if ($request_method = POST) { | |
set $w3tc_rewrite 0; | |
} | |
if ($query_string != "") { | |
set $w3tc_rewrite 0; | |
} | |
if ($request_uri !~ \/$) { | |
set $w3tc_rewrite 0; | |
} | |
if ($http_cookie ~* "(comment_author|wp\-postpass|w3tc_logged_out|wordpress_logged_in|wptouch_switch_toggle)") { | |
set $w3tc_rewrite 0; | |
} | |
set $w3tc_preview ""; | |
if ($http_cookie ~* "(w3tc_preview)") { | |
set $w3tc_preview _preview; | |
} | |
set $w3tc_ssl ""; | |
if ($scheme = https) { | |
set $w3tc_ssl _ssl; | |
} | |
if ($http_x_forwarded_proto = 'https') { | |
set $w3tc_ssl _ssl; | |
} | |
set $w3tc_enc ""; | |
if ($http_accept_encoding ~ gzip) { | |
set $w3tc_enc _gzip; | |
} | |
if (!-f "$document_root/wp-content/cache/page_enhanced/$http_host/$request_uri/_index$w3tc_ssl$w3tc_preview.html$w3tc_enc") { | |
set $w3tc_rewrite 0; | |
} | |
if ($w3tc_rewrite = 1) { | |
rewrite .* "/wp-content/cache/page_enhanced/$http_host/$request_uri/_index$w3tc_ssl$w3tc_preview.html$w3tc_enc" last; | |
} | |
# END W3TC Page Cache core | |
# BEGIN W3TC Page Cache cache | |
location ~ /wp-content/cache/page_enhanced.*gzip$ { | |
gzip off; | |
types {} | |
default_type text/html; | |
add_header Content-Encoding gzip; | |
} | |
# END W3TC Page Cache cache | |
# BEGIN W3TC Browser Cache | |
gzip on; | |
gzip_types text/css text/x-component application/x-javascript application/javascript text/javascript text/x-js text/richtext image/svg+xml text/plain text/xsd text/xsl text/xml image/bmp application/java application/msword application/vnd.ms-fontobject application/x-msdownload image/x-icon image/webp application/json application/vnd.ms-access application/vnd.ms-project application/x-font-otf application/vnd.ms-opentype application/vnd.oasis.opendocument.database application/vnd.oasis.opendocument.chart application/vnd.oasis.opendocument.formula application/vnd.oasis.opendocument.graphics application/vnd.oasis.opendocument.spreadsheet application/vnd.oasis.opendocument.text audio/ogg application/pdf application/vnd.ms-powerpoint application/x-shockwave-flash image/tiff application/x-font-ttf audio/wav application/vnd.ms-write application/font-woff application/font-woff2 application/vnd.ms-excel; | |
location ~ \.(css|htc|less|js|js2|js3|js4)$ { | |
expires 31536000s; | |
etag on; | |
if_modified_since exact; | |
try_files $uri $uri/ $uri.html /index.php?$args; | |
} | |
location ~ \.(html|htm|rtf|rtx|svg|txt|xsd|xsl|xml)$ { | |
etag on; | |
if_modified_since exact; | |
try_files $uri $uri/ $uri.html /index.php?$args; | |
} | |
location ~ \.(asf|asx|wax|wmv|wmx|avi|bmp|class|divx|doc|docx|eot|exe|gif|gz|gzip|ico|jpg|jpeg|jpe|webp|json|mdb|mid|midi|mov|qt|mp3|m4a|mp4|m4v|mpeg|mpg|mpe|mpp|otf|_otf|odb|odc|odf|odg|odp|ods|odt|ogg|pdf|png|pot|pps|ppt|pptx|ra|ram|svg|svgz|swf|tar|tif|tiff|ttf|ttc|_ttf|wav|wma|wri|woff|woff2|xla|xls|xlsx|xlt|xlw|zip)$ { | |
expires 31536000s; | |
etag on; | |
if_modified_since exact; | |
try_files $uri $uri/ $uri.html /index.php?$args; | |
} | |
location ~ \.(bmp|class|doc|docx|eot|exe|ico|webp|json|mdb|mpp|otf|_otf|odb|odc|odf|odg|odp|ods|odt|ogg|pdf|pot|pps|ppt|pptx|svg|svgz|swf|tif|tiff|ttf|ttc|_ttf|wav|wri|woff|woff2|xla|xls|xlsx|xlt|xlw)$ { | |
etag off; | |
if_modified_since off; | |
try_files $uri $uri/ $uri.html /index.php?$args; | |
} | |
add_header Referrer-Policy ""; | |
# END W3TC Browser Cache | |
} | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
@tarunlalwani, sadly neither of these fixed it