Skip to content

Nginx configuration for WordPress

Maxime Jobin edited this page Feb 3, 2019 · 8 revisions

You have a WordPress website and would like to switch to a Nginx web server. Good!

As you may know, you cannot use a .htaccess file in Nginx. The .htaccess file only works with Apache.

This document will help you accomplish one of these tasks:

Here is a basic configuration to run your WordPress website with Nginx with HTTP:

# WordPress website: mysite.com and www.mysite.com
server {
    listen 80;
    server_name mysite.com www.mysite.com;

    # Logs (access et errors)
    access_log /home/mysite.com/logs/nginx/access-https.log;
    error_log /home/mysite.com/logs/nginx/error-https.log;

    # Root folder
    root /home/mysite.com/www;

    # Default file
    index index.php;

    location / {
        try_files $uri $uri/ /index.php?$args;
    }

    # Add a slash at the end of request */wp-admin
    rewrite /wp-admin$ $scheme://$host$uri/ permanent;
    
    # Deny files starting with a . (dot)
    location ~ /\. {
        deny all;
    }

    # Add Rocket-Nginx configuration (of course !!)
    include rocket-nginx/default.conf;

    # PHP handling with FPM
    location ~ \.php$ {
        try_files $uri =404;
        fastcgi_pass unix:/var/run/php5-fpm.mysite.com.sock;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }
}

See section Creating a basic Nginx configuration for WordPress

# WordPress website: mysite.com and www.mysite.com
server {
    listen 80;
    server_name mysite.com www.mysite.com;

    # Logs (access et errors)
    access_log /home/mysite.com/logs/nginx/access-https.log;
    error_log /home/mysite.com/logs/nginx/error-https.log;

    # Root folder
    root /home/mysite.com/www;

    # Default file
    index index.php;

if (!-e $request_filename) {
	rewrite /wp-admin$ $scheme://$host$uri/ permanent;
	rewrite ^(/[^/]+)?(/wp-.*) $2 last;
	rewrite ^(/[^/]+)?(/.*\.php) $2 last;
}

    location / {
        try_files $uri $uri/ /index.php?$args;
    }
    
    # Deny files starting with a . (dot)
    location ~ /\. {
        deny all;
    }

    # Add Rocket-Nginx configuration (of course !!)
    include rocket-nginx/default.conf;

    # PHP handling with FPM
    location ~ \.php$ {
        try_files $uri =404;
        fastcgi_pass unix:/var/run/php5-fpm.mysite.com.sock;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }
}

Let's say you want to redirect mysite.com to www.mysite.com, you will need to edit this line from the Basic Configuration

server_name mysite.com www.mysite.com;

to

server_name www.mysite.com;

You will also need to add the following section:

server {
        listen 80;
        server_name     mysite.com;
        return          301 http://www.mysite.com$request_uri;
}

Note: you may need to alter your subdomain configuration to make it work.

Let's say you want to redirect www.mysite.com to mysite.com, you will need to edit this line from the Basic Configuration.

server_name mysite.com www.mysite.com;

to

server_name mysite.com;

You will also need to add the following section:

server {
        listen 80;
        server_name     www.mysite.com;
        return          301 http://mysite.com$request_uri;
}

Note: you may need to alter your subdomain configuration to make it work.

If you want your website to support SSL (HTTPS), you'll have a buy a SSL certificate and generate your private and public keys. Once you're done, you will need to create a new configuration for your website as HTTP listens on port 80 and HTTPS listens on port 443.

You can start by taking your default configuration and simply change the following lines:

server {
    listen 443;

    # SSL configuration
    ssl on;
    ssl_session_timeout 1d;
    ssl_session_cache shared:SSL:50m;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:EDH+aRSA:!$
    ssl_prefer_server_ciphers on;

    # SSL public and private keys
    ssl_certificate /srv/ssl/www.mysite.com.pem;
    ssl_certificate_key /srv/ssl/www.mysite.com.key;

    # Basic configuration from previous section goes here...
}

For more information, you can check Configuring HTTPS servers and Module ngx_http_ssl_module directly from Nginx website

Clone this wiki locally