# Nginx
sudo apt install nginx
# PHP
sudo apt install php7.3 php7.3-fpm
# Certbot
sudo apt install certbot python3-certbot-nginx
# Make sure Nginx is running
sudo systemctl start nginx
# Make sure php-fpm is running
sudo systemctl status php7.3-fpm
This assumes that your Wordpress site is located here: /var/www/example.com/.
Create /etc/nginx/sites-available/example.com:
# Upstream to abstract backend connection(s) for php
upstream php {
server unix:/run/php/php7.3-fpm.sock;
}
server {
server_name example.com;
root /var/www/example.com;
index index.php;
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location / {
# This is cool because no php is touched for static content.
# include the "?$args" part so non-default permalinks doesn't break when using query string
try_files $uri $uri/ /index.php?$args;
}
location ~ \.php$ {
include fastcgi_params;
fastcgi_intercept_errors on;
fastcgi_pass php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires max;
log_not_found off;
}
}
Add (or modify) the following config variables in: /etc/php/7.3/fpm/php.ini
# Important for large image uploads
post_max_size = 64M
upload_max_filesize = 64M
# Required by Nginx
cgi.fix_pathinfo=0
- Create certificates:
sudo certbot --nginx -d example.com -d www.example.com
- Add renewal to your crontab:
# crontab -e
0 12 * * * /usr/bin/certbot renew --quiet
If running on a memory-constrained VPS with an SSD, it might be a good idea to setup some swap. This way, Nginx and MySQL will be less likely to crash due to OOM at higher load.
Guide: https://linuxize.com/post/how-to-add-swap-space-on-debian-10/
https://www.nginx.com/blog/9-tips-for-improving-wordpress-performance-with-nginx/#cache-static
Symlink the Nginx site config to sites-enabled to enable the site:
sudo ln -s /etc/nginx/sites-available/example.com /etc/nginx/sites-enabled/example.com