Please help, with NGINX/PHP-FM, Multisite subdomains
-
Centos7, Nginx/PHP-FM, WordPress Multisite on subdomains
server { listen %ip%:%web_ssl_port% ssl http2; server_name %domain_idn% %alias_idn%; root %docroot%; index index.php index.html index.htm; access_log /var/log/nginx/domains/%domain%.log combined; access_log /var/log/nginx/domains/%domain%.bytes bytes; error_log /var/log/nginx/domains/%domain%.error.log error; ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; # CacheEnabler Start set $cache_uri $request_uri; # bypass cache if POST requests or URLs with a query string if ($request_method = POST) { set $cache_uri 'nullcache'; } if ($query_string != "") { set $cache_uri 'nullcache'; } # bypass cache if URLs containing the following strings if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php|wp-.*.php|/feed/|index.php|wp-comments-popup.php|wp-links-opml.php|wp-locations.php|sitemap(_index)?.xml|[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { set $cache_uri 'nullcache'; } # bypass cache if the cookies containing the following strings if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_logged_in") { set $cache_uri 'nullcache'; } # default html file set $cache_enabler_uri '/wp-content/cache/cache-enabler/${http_host}${cache_uri}index.html'; # webp html file if ($http_accept ~* "image/webp") { set $cache_enabler_uri '/wp-content/cache/cache-enabler/${http_host}${cache_uri}index-webp.html'; } # CacheEnabler Stop location = /favicon.ico { log_not_found off; access_log off; } location = /robots.txt { try_files $uri $uri/ /index.php?$args; access_log off; log_not_found off; } location / { try_files $cache_enabler_uri $uri $uri/ /index.php?$args; if (!-e $request_filename) { rewrite ^(.+)$ /index.php?q=$1 last; } location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { expires max; } location ~ [^/]\.php(/|$) { fastcgi_buffers 8 256k; fastcgi_buffer_size 128k; fastcgi_intercept_errors on; fastcgi_split_path_info ^(.+\.php)(/.+)$; fastcgi_cache microcache; fastcgi_cache_key $scheme$host$request_uri$request_method; fastcgi_cache_valid 200 301 302 30s; fastcgi_cache_use_stale updating error timeout invalid_header http_500; fastcgi_pass_header Set-Cookie; fastcgi_pass_header Cookie; fastcgi_ignore_headers Cache-Control Expires Set-Cookie; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; if (!-f $document_root$fastcgi_script_name) { return 404; } fastcgi_pass %backend_lsnr%; fastcgi_index index.php; include /etc/nginx/fastcgi_params; } } error_page 403 /error/404.html; error_page 404 /error/404.html; error_page 500 502 503 504 /error/50x.html; location /error/ { alias %home%/%user%/web/%domain%/document_errors/; } location ~* "/\.(htaccess|htpasswd)$" { deny all; return 404; } if ($http_user_agent ~ "Python-urllib|Spinn3r|SISTRIX|Morfeus|Toata|QuerySeekerSpider|JikeSpider|proximic|Sosospider|Sogou web spider|aesop_com_spiderman|alexibot|backweb|batchftp|bigfoot|black.hole|blackwidow|blowfish|botalot|buddy|builtbottough|bullseye|cheesebot|cherrypicker|chinaclaw|collector|copier|copyrightcheck|cosmos|crescent|custo|da|diibot|disco|dittospyder|dragonfly|drip|easydl|ebingbong|ecatch|eirgrabber|emailcollector|emailsiphon|emailwolf|erocrawler|exabot|eyenetie|filehound|flashget|flunky|frontpage|getright|getweb|go.?zilla|go-ahead-got-it|gotit|grabnet|grafula|harvest|hloader|hmview|httplib|httrack|humanlinks|ilsebot|infonavirobot|infotekies|intelliseek|interget|iria|jennybot|jetcar|joc|justview|jyxobot|kenjin|keyword|larbin|leechftp|lexibot|lftp|libweb|likse|linkscan|linkwalker|lnspiderguy|lwp|magnet|mag-net|markwatch|mata.hari|memo|microsoft.url|midown.tool|miixpc|mirror|missigua|mister.pix|moget|mozilla.newt|nameprotect|navroad|backdoorbot|nearsite|net.?vampire|netants|netcraft|netmechanic|netspider|nextgensearchbot|attach|nicerspro|nimblecrawler|npbot|octopus|offline.?explorer|offline.navigator|openfind|outfoxbot|pagegrabber|papa|pavuk|pcbrowser|php.?version.?tracker|pockey|propowerbot|prowebwalker|psbot|pump|queryn|recorder|realdownload|reaper|reget|true_robot|repomonkey|rma|internetseer|sitesnagger|siphon|slysearch|smartdownload|snake|snapbot|snoopy|sogou|spacebison|spankbot|spanner|sqworm|superbot|superhttp|surfbot|asterias|suzuran|szukacz|takeout|teleport|telesoft|the.intraformant|thenomad|tighttwatbot|titan|urldispatcher|turingos|turnitinbot|urly.warning|vacuum|vci|voideye|whacker|libwww-perl|widow|wisenutbot|wwwoffle|xaldon|xenu|zeus|zyborg|anonymouse|zip|emaile|enhancer|fetch|go.?is|auto|bandit|clip|copier|master|sauger|site.quester|whack|craftbot|download|extract|stripper|sucker|ninja|clshttp|webspider|leacher|grabber|webpictures|Jakarta|libwww|lwp-trivial|PHPCrawl|WEP Search|Missigua Locator|ISC Systems iRc|Aboundex|360Spider|Java|Cogentbot|BunnySlippers|Cegbfeieh|AIBOT|Demon|Devil|Wonder|Foobot|Kenjin Spider|Density|LinkextractorPro|LWP::Simple|MassDownloader|Mass Downloader|NetZIP|NG|Metasearch|WebFetch|WebCopier|Webclipping|WebBandit|WebAuto|WebGo|Web.Image.Collector|WebLeacher|WebmasterWorldForumBot|WebReaper|WebSauger|eXtractor|Webster|WebStripper|WebWhacker|WebZIP|Catall Spider|AcoiRobot|rogerbot|MJ12bot|Ahrefsbot|dobot|MegaIndex.ru|SemrushBot|LinkpadBot|Zite|TweetmemeBot|woriobot|topsy|js-kit|NING") {return 403;} location /vstats/ { alias %home%/%user%/web/%domain%/stats/; include %home%/%user%/web/%domain%/stats/auth.conf*; } include /etc/nginx/conf.d/phpmyadmin.inc*; include /etc/nginx/conf.d/phppgadmin.inc*; include /etc/nginx/conf.d/webmail.inc*; include %home%/%user%/conf/web/nginx.%domain_idn%.conf*; }
nginx.conf:
`# Server globals
user nginx;
worker_processes auto;
worker_rlimit_nofile 65535;
error_log /var/log/nginx/error.log crit;
pid /var/run/nginx.pid;# Worker config
events {
worker_connections 1024;
use epoll;
multi_accept on;
}http {
# Main settings
sendfile on;
tcp_nopush on;
tcp_nodelay on;
client_header_timeout 1m;
client_body_timeout 1m;
client_header_buffer_size 2k;
client_body_buffer_size 256k;
client_max_body_size 256m;
large_client_header_buffers 4 8k;
send_timeout 30;
keepalive_timeout 60 60;
reset_timedout_connection on;
server_tokens off;
server_name_in_redirect off;
server_names_hash_max_size 512;
server_names_hash_bucket_size 512;# Log format
log_format main ‘$remote_addr – $remote_user [$time_local] $request ‘
‘”$status” $body_bytes_sent “$http_referer” ‘
‘”$http_user_agent” “$http_x_forwarded_for”‘;
log_format bytes ‘$body_bytes_sent’;
#access_log /var/log/nginx/access.log main;
access_log off;# Mime settings
include /etc/nginx/mime.types;
default_type application/octet-stream;# Compression
gzip on;
gzip_comp_level 9;
gzip_min_length 512;
gzip_buffers 8 64k;
gzip_types text/plain text/css text/javascript text/js text/xml application/json application/javascript application/x-javascript application/xml application/xml+rss application/x-font-ttf image/svg+xml font/opentype;
gzip_proxied any;
gzip_disable “MSIE [1-6]\.”;# Proxy settings
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass_header Set-Cookie;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffers 32 4k;# Cloudflare https://www.cloudflare.com/ips
set_real_ip_from 103.21.244.0/22;
set_real_ip_from 103.22.200.0/22;
set_real_ip_from 103.31.4.0/22;
set_real_ip_from 104.16.0.0/12;
set_real_ip_from 108.162.192.0/18;
set_real_ip_from 131.0.72.0/22;
set_real_ip_from 141.101.64.0/18;
set_real_ip_from 162.158.0.0/15;
set_real_ip_from 172.64.0.0/13;
set_real_ip_from 173.245.48.0/20;
set_real_ip_from 188.114.96.0/20;
set_real_ip_from 190.93.240.0/20;
set_real_ip_from 197.234.240.0/22;
set_real_ip_from 198.41.128.0/17;
#set_real_ip_from 2400:cb00::/32;
#set_real_ip_from 2606:4700::/32;
#set_real_ip_from 2803:f800::/32;
#set_real_ip_from 2405:b500::/32;
#set_real_ip_from 2405:8100::/32;
#set_real_ip_from 2c0f:f248::/32;
#set_real_ip_from 2a06:98c0::/29;
real_ip_header CF-Connecting-IP;# SSL PCI Compliance
ssl_session_cache shared:SSL:10m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers “blablablablabla”;# Error pages
error_page 403 /error/403.html;
error_page 404 /error/404.html;
error_page 502 503 504 /error/50x.html;# Cache settings
proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=1024m;
proxy_cache_key “$host$request_uri $cookie_user”;
proxy_temp_path /var/cache/nginx/temp;
proxy_ignore_headers Expires Cache-Control;
proxy_cache_use_stale error timeout invalid_header http_502;
proxy_cache_valid any 1d;# Cache bypass
map $http_cookie $no_cache {
default 0;
~SESS 1;
~wordpress_logged_in 1;
}# File cache settings
open_file_cache max=10000 inactive=30s;
open_file_cache_valid 60s;
open_file_cache_min_uses 2;
open_file_cache_errors off;fastcgi_cache_path /var/cache/nginx/fcgi levels=1:2 keys_zone=microcache:10m max_size=1024m inactive=1h;
# Wildcard include
include /etc/nginx/conf.d/*.conf;
}
- The topic ‘Please help, with NGINX/PHP-FM, Multisite subdomains’ is closed to new replies.