kmccarth · October 5, 2019 08:29
diff --git a/nginx.conf b/nginx.conf
 user www-data;
 worker_processes 4; # number of cores on machine

 error_log /var/log/nginx/error.log;

 events {
    worker_connections  1024;
 }

 http {
    include /etc/nginx/mime.types;
    default_type application/octet-stream;

 # Defines the cache log format, cache log location
    # and the main access log location.
    log_format cache '***$time_local '
        '$upstream_cache_status '
        'Cache-Control: $upstream_http_cache_control '
        'Expires: $upstream_http_expires '
        '$host '
        '"$request" ($status) '
        '"$http_user_agent" '
        'Args: $args '
        'Wordpress Auth Cookie: $wordpress_auth '
        ;
    access_log /var/log/nginx/cache.log cache;
    access_log /var/log/nginx/access.log;

 # Proxy cache and temp configuration.
    proxy_cache_path /var/cache/nginx_cache levels=1:2
                     keys_zone=main:10m
                     max_size=1g inactive=30m;
    proxy_temp_path /var/cache/nginx_temp;

 # Gzip Configuration.
    gzip on;
    gzip_disable msie6;
    gzip_static on;
    gzip_comp_level 4;
    gzip_proxied any;
    gzip_types text/plain
               text/css
               application/x-javascript
               text/xml
               application/xml
               application/xml+rss
               text/javascript;

 upstream apache-webserver {
        # Defines backends.
        # Extracting here makes it easier to load balance
        # in the future. Needs to be specific IP as Plesk
        # doesn't have Apache listening on localhost.
        ip_hash;
        server 127.0.0.1:8200; # IP goes here.
    }

 server {
    listen *:80; # IP goes here.
        #server_name localhost 127.0.0.1; # IP could go here.

 # Set proxy headers for the passthrough
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
 	proxy_redirect off;
 # Let the Set-Cookie header through.
        proxy_pass_header Set-Cookie;

 # Max upload size: make sure this matches the php.ini in .htaccess
        client_max_body_size 8m;

 # Catch the wordpress cookies.
        # Must be set to blank first for when they don't exist.
        set $wordpress_auth "";
        if ($http_cookie ~* "wordpress_logged_in_*") {
            set $wordpress_auth wordpress_logged_in_$1;
        }

 # Set the proxy cache key
        set $cache_key $scheme$host$uri$is_args$args;

 # All media (including uploaded) is under wp-content/ so
        # instead of caching the response from apache, we're just
        # going to use nginx to serve directly from there.
        location ~* ^/(wp-content|wp-includes|resources)/(.*)\.(gif|jpg|jpeg|png|ico|bmp|js|css|pdf|doc)$ {
            root /var/www/;
        }

 # Don't cache these pages.
        location ~* ^/(wp-admin|wp-login.php|phpmyadmin|phpMyAdmin|xcache/)
 	{
            send_timeout 180;
 	    proxy_read_timeout 120;
            proxy_connect_timeout 120;
 	    rewrite ^([^.]*[^/])$ $1/ permanent;
            proxy_pass http://apache-webserver;
        }

        location ~* ^/(.*)sw_popup
 	{
            proxy_pass http://apache-webserver;
        }


 location / {
            proxy_pass http://apache-webserver;
            proxy_cache main;
            proxy_cache_key $cache_key;
            proxy_cache_valid 30m; # 200, 301 and 302 will be cached.
            # Fallback to stale cache on certain errors.
            # 503 is deliberately missing, if we're down for maintenance
 # we want the page to display.
            proxy_cache_use_stale error
                                  timeout
                                  invalid_header
                                  http_500
                                  http_502
                                  http_504
                                  http_404;
            # 2 rules to dedicate the no caching rule for logged in users.
            proxy_cache_bypass $wordpress_auth; # Do not cache the response.
            proxy_no_cache $wordpress_auth; # Do not serve response from cache.
        }

    } # End server
 } # End http
	user www-data;
	worker_processes 4; # number of cores on machine

	error_log /var/log/nginx/error.log;

	events {
	worker_connections 1024;
	}

	http {
	include /etc/nginx/mime.types;
	default_type application/octet-stream;

	# Defines the cache log format, cache log location
	# and the main access log location.
	log_format cache '***$time_local '
	'$upstream_cache_status '
	'Cache-Control: $upstream_http_cache_control '
	'Expires: $upstream_http_expires '
	'$host '
	'"$request" ($status) '
	'"$http_user_agent" '
	'Args: $args '
	'Wordpress Auth Cookie: $wordpress_auth '
	;
	access_log /var/log/nginx/cache.log cache;
	access_log /var/log/nginx/access.log;

	# Proxy cache and temp configuration.
	proxy_cache_path /var/cache/nginx_cache levels=1:2
	keys_zone=main:10m
	max_size=1g inactive=30m;
	proxy_temp_path /var/cache/nginx_temp;

	# Gzip Configuration.
	gzip on;
	gzip_disable msie6;
	gzip_static on;
	gzip_comp_level 4;
	gzip_proxied any;
	gzip_types text/plain
	text/css
	application/x-javascript
	text/xml
	application/xml
	application/xml+rss
	text/javascript;

	upstream apache-webserver {
	# Defines backends.
	# Extracting here makes it easier to load balance
	# in the future. Needs to be specific IP as Plesk
	# doesn't have Apache listening on localhost.
	ip_hash;
	server 127.0.0.1:8200; # IP goes here.
	}

	server {
	listen *:80; # IP goes here.
	#server_name localhost 127.0.0.1; # IP could go here.

	# Set proxy headers for the passthrough
	proxy_set_header Host $host;
	proxy_set_header X-Real-IP $remote_addr;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	proxy_redirect off;
	# Let the Set-Cookie header through.
	proxy_pass_header Set-Cookie;

	# Max upload size: make sure this matches the php.ini in .htaccess
	client_max_body_size 8m;

	# Catch the wordpress cookies.
	# Must be set to blank first for when they don't exist.
	set $wordpress_auth "";
	if ($http_cookie ~* "wordpress_logged_in_*") {
	set $wordpress_auth wordpress_logged_in_$1;
	}

	# Set the proxy cache key
	set $cache_key $scheme$host$uri$is_args$args;

	# All media (including uploaded) is under wp-content/ so
	# instead of caching the response from apache, we're just
	# going to use nginx to serve directly from there.
	location ~* ^/(wp-content\|wp-includes\|resources)/(.*)\.(gif\|jpg\|jpeg\|png\|ico\|bmp\|js\|css\|pdf\|doc)$ {
	root /var/www/;
	}

	# Don't cache these pages.
	location ~* ^/(wp-admin\|wp-login.php\|phpmyadmin\|phpMyAdmin\|xcache/)
	{
	send_timeout 180;
	proxy_read_timeout 120;
	proxy_connect_timeout 120;
	rewrite ^([^.]*[^/])$ $1/ permanent;
	proxy_pass http://apache-webserver;
	}

	location ~* ^/(.*)sw_popup
	{
	proxy_pass http://apache-webserver;
	}


	location / {
	proxy_pass http://apache-webserver;
	proxy_cache main;
	proxy_cache_key $cache_key;
	proxy_cache_valid 30m; # 200, 301 and 302 will be cached.
	# Fallback to stale cache on certain errors.
	# 503 is deliberately missing, if we're down for maintenance
	# we want the page to display.
	proxy_cache_use_stale error
	timeout
	invalid_header
	http_500
	http_502
	http_504
	http_404;
	# 2 rules to dedicate the no caching rule for logged in users.
	proxy_cache_bypass $wordpress_auth; # Do not cache the response.
	proxy_no_cache $wordpress_auth; # Do not serve response from cache.
	}

	} # End server
	} # End http