Nginx Config for WordPress – The Whole Nine Yards

Wordpress Nginx Config

I haven’t written anything in a while. A friend of mine shared his Nginx Config for WordPress. I thought, why not share mine. WordPress is very advanced in its own way. But you can achieve some remarkable things with Nginx config without even touching WordPress. And we are going to dive in deep to look at some of the cool things you can do with Nginx config that can supercharge your WordPress Site without sweating much. I am gonna go with a step by step guide with a complete config in the end. It might get boring at some point, but stay with me nonetheless. Might help you some day.

Basic WordPress Nginx Config

This is where we start. Just by this basic config, your WordPress site will be up and running. I will explain the config with commented lines.

 

Now, this is very basic. It can definitely run your WordPress site. But some major improvement needs to be done for a much more swift performance.

Let’s Handle a Few Errors

In the start, your site may not have a few elements for s standard site. You will probably add them later. But for the time being, we can’t have those missing things clogging our error log. So,

This is going to turn error log off for favicon and robots file. Some Developers tends to put them later on. And some browser/crawler often miss them.

Put A Few Security Wall

Let’s look at a few common WordPress problems. There are a lot of Script Kiddie Aka Noob hackers out there, who has a few scripts that tries to put or access executable file from your sites root directory. It’s sort of stupid, but effective nonetheless.

First, This is going to stop the user/whoever from accessing any file that starts with a ., for example .htaccess, .htpasswd, .DS_Store etc.

Second, It will stop anyone from accessing / executing any PHP file within WordPress upload Directory. If you are using WordPress for a while, you should know by now that there shouldn’t be any PHP file inside WordPress upload directory.

Third, we could’ve done this on the second step, but i like to keep things clean. This will stop anyone from accessing any Html, JS or Flash ( SWF ) file from Upload directory. Again, none of these should be there.

Forth, Even if you want to access the wp-config.php file via browser, it will show a blank page, since it’s a PHP file without anything to print. But we shouldn’t keep it open. You can always change the permission of the file or move it a directory up, but this rule should be in your Nginx config, just to the sake of redundancy.

Fifth, We are gonna make sure that we only serve these three types of request. GET, POST, HEAD.

 

You can also add a few more security steps like which IP should be allowed to see certain section of the site and what not. But i prefer to manage them dynamically. Use a Good WordPress Security Plugin for these cases.

Some Cache For The Server

Since WordPress has some really good cache plugin like W3 Total Cache or WP Super Cache, you can rely on them for caching your content and serving them to the user. But what if you are working on something complex and you don’t wanna use any of these? That case, here are a few things you can do

These are some basic cache for the visitors browser. We are telling the browser to cache Media files for 2 Months and CSS and JS files for one month. This is Extremely simple stuff in the wilderness of Cache.

I always recommend you use a Cache Plugin like W3 Total Cache or WP Super Cache and Let them handle the hard stuff.

Final Thoughts,

This is the final configuration file. All Comment removed for swift copy paste experience 😉 .

In Addition, you can also Cache WordPress Using FastCGI Cache, which is a bit more complex, but a lot fun to work with. Maybe some other day. In Conclusion, Enjoy WordPress.

Resources

https://codex.wordpress.org/Nginx

https://www.nginx.com/resources/wiki/start/topics/recipes/wordpress/

W3 Total Cache – Proper Configuration

Well, Everyday in everywhere, There is a Question, How to Configure W3 Total Cache? And I thought, Lets spend some time to write about it, So won’t have to answer the Same Question Again and Again.

Its Not Rocket Science

W3 Total Cache isn’t Rocket Science. Its just a Plugin, A very Very Useful Plugin. And If you know how to configure it, It will boost up your site loading speed quite a bit.

What we need?

A working wordpress Installation, And Some Proper Attention, Until this Article Ends. So buckle up, We are going to have a Ride inside W3 Total Cache.

W3 Total Cache - ioritro

Phase 1

As you have a Working WordPress Installation, I assume you have the knowledge to run and maintain wordpress. So Lets Just install W3 Total Cache. How to install a Plugin isn’t pretty much the area of this article, so You have to do / Figure out it by your own. I will start Right after you install and Activate W3 Total Cache. For the Sake of Writing, i will refer W3 Total Cache as W3TC now on.

Compatibility Check

First, Go to W3 Total Cache Dashboard. You can Find it from Performance -> Dashboard. You will see there is a Compatibility check Button on the upper side of the Page. Why are we doing this? W3TC have Support for a Lots of Module, Cache Method and Service. So First We need to know, Which of those are present / available / Usable in my Installation. So click on the Button, You will have a list in a while.

There are Basically three section on Compatibility check. The First one( Server Modules & Resources ) is the Most important. So you will know, What you have and what you don’t. Now lets Get to Work. First Chapter, General Settings.

General Settings

 

General Settings Basically have a short configuration of the whole W3TC plugin. This is the Basics, For the Brief configuration, You have to go through each configuration page separately. But we will get there, Eventually, Right now, Lets focus on General Settings.

There is One thing, You should know Before starting to Configure W3TC. If you are using a Shared hosting, and if its a good one, You will probably have most of the Service / module pre installed. But if not, Your options are probably limited there. In case of VPS and Dedicated Sever, You have your kingdom, Arrange it as you like Sir. I will Show you A Configuration that should work( Hopefully ) on every server.

First Comes the general Section. Which Can toggle All options on and off at once, and we don’t need it Right now. So moving on, Next one is Page Cache.

Enable Page Cache. It will Cache You page into Static Page and Server them Directly in case one of them are Requested to the Server. For Shared Hosting, Set the method to Disk: Enhanced. If you own a VPS, You can Try Opcache : Alternative PHP Cache.

Next is, Minify. Minify is a Very interesting thing, and Very Effective. But you need to careful with your minify settings. Mis-configuration Might lead your site to a Broken Styleless – Scriptless site. Enable Minify, Set the Mode to Auto. Then Minify Cache Method, Set it to Disk, In shared hosting, That might be your only choice. Now there are three Options there. For HTML, CSS and JS. Set the Configuration as Follow,

HTML minifier: HTML tidy ( if not available, Use Default )

JS minifier: JS min ( its default and Safe choice )

CSS minifier: Default ( Safe and Quite good )

Next is, Database Cache. Its a Very Important Part. W3TC will cache your DB Query and Results and in Further use, It will direct Server the Results from the Cache. It will reduce a Lots of pressure from your Database, While, It has a demerit, Some ads management plugin can’t work properly if the Query is Cached. But, That number is very small. 90% time, this Database cache will work just fine. Enable it and Set it to Disk.

Now, Object Cache. There are a lots of task wordpress performs every single page load. Getting thousands of Data From DB, Setting them into classes, objects, Options. Now thats a good amount of load for both PHP and Database. Object Cache have a bit similarity with Database Cache, but it works on a Different Level. But thats not important Right now, May be We will Discuss about Object Cache in future. Enable it, and Set it to Disk.

Then, browser Cache, We Will Discuss it later. Just enable it.

CDN, is a Very lovely topic, At least for me. But For now, I am assuming you didn’t purchased a CDN, So we will leave it alone and in peace.

Reverse Proxy, The Mighty Varnish. But As I am writing this for New Users, So leave it alone for now.

Then, Cloudflare, Network and Security. If you use cloudflare, Feel Free to fill up the form. Otherwise, Leave it alone.

Moving on, Next One is New Relic. Awesome monitoring tool. But not now.

Licensing, Which apply only if you purchased a W3TC license. Which probably most of us don’t have. So, next.

At last, Miscellaneous, You can enable Google Page Speed API if you know What you are doing. But there isn’t much scope in this article to Cover it. So nothing to do. Now Save All Settings At once.

Now Sir, You have A  Basic Installation of W3TC. There are Basically a Lots of Options on W3 Total Cache. And That will comes in part by part. So this is For now. If you have Questions Related to W3 Total Cache, Please Mention them in the Comment Section, If its under my capability, I will try to Answer.

 

Next Part: W3 Total Cache – Page Cache Configuration