nginx + php-fpm configuration on ISPmanager for wordpress?

A

Andrey2018-01-23 14:30:02

Nginx

Andrey, 2018-01-23 14:30:02

In ISPmanager, the site.ru.conf config is automatically created for sites on nginx + php- fpm

server {
  server_name site.ru www.site.ru;
  charset off;
  index index.php;
  disable_symlinks if_not_owner from=$root_path;
  include /etc/nginx/vhosts-includes/*.conf;
  include /etc/nginx/vhosts-resources/site.ru/*.conf;
  access_log /var/www/httpd-logs/site.ru.access.log;
  error_log /var/www/httpd-logs/site.ru.error.log notice;
  ssi on;
  return 301 https://$host:443$request_uri;
  set $root_path /var/www/siteru/data/www/site.ru;
  root $root_path;
  listen xx.xxx.xx.xx:80;
  gzip on;
  gzip_comp_level 5;
  gzip_disable "msie6";
  gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript;
  location / {
    location ~ [^/]\.ph(p\d*|tml)$ {
      try_files /does_not_exists @php;
    }
  }
  location @php {
    fastcgi_index index.php;
    fastcgi_param PHP_ADMIN_VALUE "sendmail_path = /usr/sbin/sendmail -t -i -f [email protected]";
    fastcgi_pass unix:/var/www/php-fpm/siteru.sock;
    fastcgi_split_path_info ^((?U).+\.ph(?:p\d*|tml))(/?.+)$;
    try_files $uri =404;
    include fastcgi_params;
  }
}
server {
  server_name site.ru www.site.ru;
  ssl on;
  ssl_certificate "/var/www/httpd-cert/siteru/site.ru_le1.crtca";
  ssl_certificate_key "/var/www/httpd-cert/siteru/site.ru_le1.key";
  ssl_ciphers EECDH:+AES256:-3DES:RSA+AES:!NULL:!RC4;
  ssl_prefer_server_ciphers on;
  ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  ssl_dhparam /etc/ssl/certs/dhparam4096.pem;
  charset off;
  index index.php;
  disable_symlinks if_not_owner from=$root_path;
  include /etc/nginx/vhosts-includes/*.conf;
  include /etc/nginx/vhosts-resources/site.ru/*.conf;
  access_log /var/www/httpd-logs/site.ru.access.log;
  error_log /var/www/httpd-logs/site.ru.error.log notice;
  ssi on;
  set $root_path /var/www/siteru/data/www/site.ru;
  root $root_path;
  listen listen xx.xxx.xx.xx:443;
  gzip on;
  gzip_comp_level 5;
  gzip_disable "msie6";
  gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript;
  location / {
    location ~ [^/]\.ph(p\d*|tml)$ {
      try_files /does_not_exists @php;
    }
  }
  location @php {
    fastcgi_index index.php;
    fastcgi_param PHP_ADMIN_VALUE "sendmail_path = /usr/sbin/sendmail -t -i -f [email protected]";
    fastcgi_pass unix:/var/www/php-fpm/siteru.sock;
    fastcgi_split_path_info ^((?U).+\.ph(?:p\d*|tml))(/?.+)$;
    try_files $uri =404;
    include fastcgi_params;
  }
}

Since I have a website on wordpess, I put the wordpress.conf configuration file in the /etc/nginx/vhosts-resources/site.ru/ folder

server {
        ## Your website name goes here.
        server_name site.ru www.site.ru;
        ## Your only path reference.
        root /var/www/siteru/data/www/site.ru;
        ## This should be in your http block and if it is, it's not needed here.
        index index.php;

        location = /favicon.ico {
                log_not_found off;
                access_log off;
        }

    
        location = /robots.txt {
                allow all;
                log_not_found off;
                access_log off;
        }

    
        location / {
            try_files $uri $uri/ /index.php?$args;
        }

    
    location = /xmlrpc.php {
      deny all;
      access_log off;
      log_not_found off;
    }
    
    # Запрещаем доступ к скрытым файлам
    location ~ /\. {
      deny all;
    }
 
    # Запрещаем доступ к файлам .php в директории uploads
    location ~* /(?:uploads|files)/.*\.php$ {
      deny all;
    }
  
        location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
                expires max;
                log_not_found off;
        }

    
    # Запрещаем доступ к админке
    location ~ ^/(wp-admin|wp-login.php) {
        allow   xxx.xxx.xx.xxx;
        deny   all;
    }
    location = /wp-login.php {
      try_files /does_not_exists @deny;
    }
   
   
    # Запрещаем доступ к файлам .php в директории uploads
    location ~* /(?:uploads|files)/.*\.php$ {
      deny all;
    }
}

The site uses w3 total cache, so I added another config for the w3total.conf cache to the /etc/nginx/vhosts-resources/site.ru/ folder

#W3 TOTAL CACHE CHECK 
set $cache_uri $request_uri;

# POST requests and urls with a query string should always go to PHP
if ($request_method = POST) {
        set $cache_uri 'null cache';
}   
if ($query_string != "") {
        set $cache_uri 'null cache';
}   

# Don't cache uris containing the following segments
if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php|wp-.*.php|/feed/|index.php|wp-comments-popup.php|wp-links-opml.php|wp-locations.php|sitemap(_index)?.xml|[a-z0-9_-]+-sitemap([0-9]+)?.xml)") {
        set $cache_uri 'null cache';
}   

# Don't use the cache for logged in users or recent commenters
if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_logged_in") {
        set $cache_uri 'null cache';
}
#ADD mobile rules from WP SUPER CACHE section above

#APPEND A CODE BLOCK FROM BELOW...

# Use cached or actual file if they exists, otherwise pass request to WordPress
location / {
        try_files /wp-content/w3tc/pgcache/$cache_uri/_index.html $uri $uri/ /index.php?$args ;
}

As a result, after restarting Nginx does not start. Tell me, please, I have been suffering for several days - where did I make a mistake?

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

A

Alex McArrow, 2018-01-23
@dyba

nginx -t- will help you.
This must be entered in the console (SSH) and you will find out where the error is in the NGINX configs