Nginx, PHP, WordPress

Vivek GuptaApril 3, 2020

Install Nginx and PHP-FPM

sudo apt install nginx 
sudo ufw app info "Nginx Full"
sudo ufw allow in "Nginx Full"


Code language: JavaScript (javascript)

PHP 7.2 FPM

sudo apt install php-fpm php-mysql php-dom php-simplexml php-ssh2 php-xml php-xmlreader php-curl php-exif php-ftp php-gd php-iconv php-imagick php-json php-mbstring php-posix php-sockets php-tokenizer  php7.2-cli

sudo systemctl reload php7.2-fpm

sudo nano /etc/php/7.2/fpm/php.ini

; Maximum allowed size for uploaded files.
; http://php.net/upload-max-filesize
upload_max_filesize = 256M
post_max_size = 256M
upload_max_filesize = 256M
memory_limit = 256M
max_execution_time = 360
date.timezone = Asia/Kolkata
# Restrict FPM to Localhost
cgi.fix_pathinfo = 0

file_uploads = On
allow_url_fopen = On
short_open_tag = On



sudo systemctl status php7.2-fpm.service
sudo systemctl restart php7.2-fpm
sudo systemctl status php7.2-fpm.serviceCode language: PHP (php)

Install WordPress

cd /tmp
curl -O https://wordpress.org/latest.tar.gz

tar xzvf latest.tar.gz
### touch /tmp/wordpress/.htaccess
cp /tmp/wordpress/wp-config-sample.php /tmp/wordpress/wp-config.php
mkdir /tmp/wordpress/wp-content/upgrade

sudo cp -a /tmp/wordpress/. /var/www/html/wordpress
sudo chown -R www-data:www-data /var/www/html/wordpress

curl -s https://api.wordpress.org/secret-key/1.1/salt/
sudo nano /var/www/html/wordpress/wp-config.php

# EDIT DATABASE DETAILS
# Add the SALTs received above

$_SERVER['HTTPS'] = 'on';
define('FS_METHOD', 'direct');
Code language: PHP (php)

Configure NGINX

sudo cp /etc/nginx/sites-enabled/default /etc/nginx/sites-available/wordpress
sudo nano /etc/nginx/sites-available/wordpress

server {
    listen         80;
    listen         [::]:80;
    server_name    example.com;
    root           /var/www/html/wordpress;

    access_log /var/log/nginx/wordpress.access.log;
    error_log /var/log/nginx/wordpress.error.log;

    client_max_body_size 256M;
    autoindex off;

   ## https://github.com/littlebizzy/slickstack/blob/master/nginx/default-single-site.txt
    ## redirect index.php requests ##
    if ($request_uri ~* "^(.*/)index\.php$") {
        return 301 $1;
    }

    #Add trailing slash to */wp-admin requests.
    rewrite /faq/wp-admin$ $scheme://$host$uri/ permanent;

    location / {
       # Pretty permalinks
       # try_files $uri $uri/ /index.php$is_args$args;
       try_files $uri $uri/ /index.php?$args;
    }

# https://www.cyberciti.biz/faq/how-to-configure-nginx-for-wordpress-permalinks/
# Pass all .php files onto a php-fpm/php-fcgi server.
    index index.php;
    location ~ [^/]\.php(/|$) {
        fastcgi_split_path_info ^(.+?\.php)(/.*)$;
        if (!-f $document_root$fastcgi_script_name) {
                return 404;
    }
# This is a robust solution for path info security issue and works with "cgi.fix_pathinfo = 1" in /etc/php.ini (default)
    include /etc/nginx/fastcgi_params;
    fastcgi_index index.php;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    fastcgi_pass php;
 }
}


  #enable gzip compression
  gzip on;
  gzip_vary on;
  gzip_min_length 1000;
  gzip_comp_level 5;
  gzip_types application/json text/css application/x-javascript application/javascript image/svg+xml;
  gzip_proxied any;


    location = /favicon.ico { log_not_found off; access_log off; }
    location = /robots.txt { log_not_found off; access_log off; allow all; }

  # disable access to hidden files
  location ~ /\.ht {
      access_log off;
      log_not_found off;
      deny all;
  }

# https://github.com/littlebizzy/slickstack/blob/master/nginx/default-single-site.txt

####################################################################################################
#### Server Block: Favicon Settings ################################################################
####################################################################################################

    location = /favicon.ico {
        ## 204 error better than 404 error if not found ##
        try_files $uri =204;
    }
 
####################################################################################################
#### Server Block: Static Resource Settings (Expiration Headers) ###################################
####################################################################################################

    ## CloudFlare (or CDNs) overwrite these headers ##
    location ~* \.(atom|bmp|bz2|css|doc|docx|eot|gif|gz|ico|jpeg|jpg|js|mid|midi|mp4|ogg|ogv|otf|png|ppt|rar|rss|rtf|svg|svgz|tar|tgz|ttf|wav|woff|xls|zip)$ {
        expires max;
    }

####################################################################################################
#### Server Block: Browser Resource (Render) Settings ##############################################
####################################################################################################

    location ~ \.(eot|ttf|ttc|otf|woff|woff2|svg|css|js)$ {
        ## avoid render security errors in certain browsers e.g. Firefox/IE ##
        add_header Access-Control-Allow-Origin "*";
	expires max;
    }

   
####################################################################################################
#### Server Block: Deny Access To Various (Unsafe + Unused) WordPress Core Files ###################
####################################################################################################

    ## WP directories ##
    location ~* /(?:wp-includes|wp-content|mu-plugins|uploads)/.*\.php$ {
        deny all;
    }
    
    ## WP meta files ##
    location ~* (license|licence|readme)\.(htm|html|txt) {
	deny all;
    }
    
    ## wp-config ##
    location = /wp-config*.php {
	deny all;
    }
    
    ## XML-RPC ##
    location = /xmlrpc.php {
	deny all;
    }
    
    ## wp-mail ##
    location = /wp-mail.php {
	deny all;
    }
    
    ## wp-links-opml ##
    location = /wp-links-opml.php {
	deny all;
    }
    
    ## wp-trackback ##
    location = /wp-trackback.php {
	deny all;
    }
    
    ## WP debug logs ##
    location ~ /wp-content/debug\.log {
	deny all;
    }

####################################################################################################
#### Server Block: WP-Login Settings (Rate Limiting) ###############################################
####################################################################################################

    location = /wp-login.php {
        ## limit access to one request per second per IP address
        limit_req zone=one burst=1 nodelay;
        ## we must re-include this routing for php-fpm ##
        include /etc/nginx/fastcgi.conf;
        try_files $uri =404;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        ## fastcgi_pass unix:/var/run/php/php7.2-fpm.sock
	## fastcgi_pass unix:/run/php/php7.2-fpm.sock;
	fastcgi_pass 127.0.0.1:9000;
	fastcgi_read_timeout 300;
        fastcgi_index index.php;
        fastcgi_cache WORDPRESS;
        fastcgi_cache_valid 200 301 404 @CACHEVALID;
        fastcgi_cache_bypass $skip_cache;
        fastcgi_no_cache $skip_cache;
    }


}

sudo ln -s /etc/nginx/sites-available/wordpress /etc/nginx/sites-enabled/wordpress
sudo unlink /etc/nginx/sites-enabled/default

sudo nginx -t
sudo systemctl reload nginx
sudo systemctl status nginx
Code language: PHP (php)

Complete WordPress Installation

http://server_domain_or_IPCode language: JavaScript (javascript)

Epidemiology & Technology

Search site

Nginx, PHP, WordPress

Install Nginx and PHP-FPM

PHP 7.2 FPM

Install WordPress

Configure NGINX

Complete WordPress Installation

Related Posts

Nginx, PHP, WordPress

Install Nginx and PHP-FPM

PHP 7.2 FPM

Install WordPress

Configure NGINX

Complete WordPress Installation

Related Posts

Jisti meet Customizations

Getting WordPress to work on 18.04 behind reverse proxy on SSL

Traefik Reverse Proxy 2.10.3