
The right nginx settings for WordPress

last updated 4 months ago

Why are optimized NGINX settings important?

NGINX is a powerful web server that is particularly suitable for high-traffic websites, including those built on WordPress. With correctly configured settings, you can reduce loading time, increase security and use server resources more efficiently.

1. Basic NGINX configuration for WordPress

Here is a basic nginx.conf, which serves as a starting point for a WordPress installation:

server {
    listen 80;
    server_name deine-domain.de www.deine-domain.de;

    root /path/to/wordpress;
    index index.php index.html index.htm;

    # Enable GZIP compression
    gzip on;
    gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;

    # Standard security headers
    add_header X-Frame-Options "SAMEORIGIN";
    add_header X-Content-Type-Options "nosniff";
    add_header X-XSS-Protection "1; mode=block";

    # WordPress-specific rules
    location / {
        try_files $uri $uri/ /index.php?$args;
    }

    # Block access to sensitive files.
    # Listed before the PHP location because the first matching regex location wins.
    location ~* /(\.htaccess|\.htpasswd|\.env|\.user\.ini|\.git|\.svn|\.ssh|\.DS_Store) {
        deny all;
    }

    location ~ \.php$ {
        include fastcgi_params;
        fastcgi_pass 127.0.0.1:9000; # PHP-FPM server
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    }

    # Long-lived cache for static assets
    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|otf|eot|mp4|webm|ogg|ogv)$ {
        expires max;
        log_not_found off;
    }

    # Short-lived cache for manifests, HTML, XML and JSON
    location ~* \.(?:manifest|appcache|html?|xml|json)$ {
        expires 1h;
    }
}

2. Additional optimizations for WordPress

2.1 Permalink support

WordPress uses permalinks, which must be handled correctly by try_files. The line

    try_files $uri $uri/ /index.php?$args;

ensures that WordPress URLs like /blog/title-of-the-post resolve correctly.

2.2 Support for WordPress cron jobs

Disable the internal WP cronjob (wp-cron.php) in the wp-config.php:

define('DISABLE_WP_CRON', true);

Create a cronjob on the server that runs the cron every 15 minutes:

*/15 * * * * curl -s https://deine-domain.de/wp-cron.php > /dev/null

3. Caching and Performance

3.1 FastCGI Cache

FastCGI Cache stores dynamic content such as WordPress pages in memory:

# http context
fastcgi_cache_path /var/cache/nginx/fastcgi_temp levels=1:2 keys_zone=WORDPRESS:100m inactive=60m;
fastcgi_cache_key "$scheme$request_method$host$request_uri";

server {
    ...
    location ~ \.php$ {
        fastcgi_cache WORDPRESS;
        fastcgi_cache_valid 200 301 302 10m;
        fastcgi_cache_min_uses 1;
        # Reports HIT, MISS, BYPASS, ... for each response.
        # An add_header in this location replaces any add_header set at server level.
        add_header X-FastCGI-Cache $upstream_cache_status;
        include fastcgi_params;
        fastcgi_pass 127.0.0.1:9000;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    }
}
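
The cache key above ignores cookies, so the cache cannot tell a logged-in session, a recent commenter or a visitor who has unlocked a password-protected post from an anonymous visitor. The following added example (not from the original article) excludes those requests from the cache; the variable name `$skip_cache` is an assumption, and the cookie prefixes are the ones WordPress core sets.

```nginx
# http context: cache zone and key as defined in section 3.1
fastcgi_cache_path /var/cache/nginx/fastcgi_temp levels=1:2 keys_zone=WORDPRESS:100m inactive=60m;
fastcgi_cache_key "$scheme$request_method$host$request_uri";

server {
    # ... listen, server_name, root, index as in the basic configuration ...

    # $skip_cache (assumed name): 1 = neither answer from nor write to the cache
    set $skip_cache 0;

    # Admin area, login, cron and XML-RPC endpoints are never cacheable
    if ($request_uri ~* "^/wp-admin/|^/wp-login\.php|^/wp-cron\.php|^/xmlrpc\.php") {
        set $skip_cache 1;
    }

    # Per-visitor state: logged-in users, recent commenters,
    # visitors who unlocked a password-protected post
    if ($http_cookie ~* "wordpress_logged_in_|comment_author_|wp-postpass_") {
        set $skip_cache 1;
    }

    location ~ \.php$ {
        fastcgi_cache WORDPRESS;
        fastcgi_cache_valid 200 301 302 10m;
        fastcgi_cache_bypass $skip_cache;   # do not answer this request from the cache
        fastcgi_no_cache $skip_cache;       # do not store this response in the cache
        add_header X-FastCGI-Cache $upstream_cache_status;
        include fastcgi_params;
        fastcgi_pass 127.0.0.1:9000;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    }
}
```

With these rules, the X-FastCGI-Cache header reports BYPASS for excluded requests and HIT or MISS for anonymous page views, which makes the behaviour easy to verify after a reload.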

3.2 Object caching with Redis

Use Redis to speed up database queries:

  • Install and activate the plugin Redis Object Cache.
  • Add the following lines to wp-config.php:
    define('WP_REDIS_HOST', '127.0.0.1');
    define('WP_REDIS_PORT', 6379);
  • Make sure Redis is running and that no conflicts arise in nginx.conf.

4. Security measures

4.1 Protection against brute force attacks

Block too many login attempts:

location = /wp-login.php {
    # The zone "one" must be declared with limit_req_zone in the http context
    limit_req zone=one burst=5 nodelay;
    include fastcgi_params;
    fastcgi_pass 127.0.0.1:9000;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
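
The limit_req directive above refers to a zone named "one", which has to be declared in the http context before NGINX will load the configuration. The following added example (not from the original article) shows the declaration together with the login location; the rate, the zone size and the 429 status are assumed values.

```nginx
# http context (nginx.conf): one state entry per client IP address.
# Behind a proxy or CDN, $binary_remote_addr is the proxy's address unless
# the real client IP is restored first (ngx_http_realip_module).
# rate and zone size are assumed values, not taken from the article.
limit_req_zone $binary_remote_addr zone=one:10m rate=30r/m;

server {
    # ... listen, server_name, root, index as in the basic configuration ...

    location = /wp-login.php {
        # Up to 5 requests above the rate are served immediately (nodelay);
        # anything beyond that is rejected.
        limit_req zone=one burst=5 nodelay;
        limit_req_status 429;        # default is 503
        limit_req_log_level warn;    # level at which rejected requests are logged

        include fastcgi_params;
        fastcgi_pass 127.0.0.1:9000;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    }
}
```

Rejected requests appear in the error log as lines containing `limiting requests, excess:` and `by zone "one"` along with the client address, so they can be counted per client to spot ongoing login guessing.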

4.2 Enable SSL

Enable HTTPS with an SSL certificate (e.g. from Let's Encrypt):

server {
    listen 443 ssl;
    server_name deine-domain.de www.deine-domain.de;

    ssl_certificate /etc/letsencrypt/live/deine-domain.de/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/deine-domain.de/privkey.pem;

    include ssl-params.conf;
    ...
}

4.3 Additional security headers

add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
add_header Content-Security-Policy "default-src 'self';";
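
add_header directives are inherited from the server level only when a location defines none of its own, so the add_header inside the PHP location of section 3.1 drops the security headers from every PHP response. The following added example (not from the original article) keeps the headers in one include file; the snippet path is an assumption, and the CSP is sent in report-only mode first because a strict default-src 'self' blocks the inline scripts and styles that the WordPress admin area relies on.

```nginx
# File: /etc/nginx/snippets/security-headers.conf   (assumed path)
# "always" also sends the header on error responses (4xx/5xx).
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Content-Type-Options "nosniff" always;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
# Report-only: violations show up in the browser console, nothing is blocked yet.
add_header Content-Security-Policy-Report-Only "default-src 'self';" always;

# File: site configuration
server {
    listen 80;
    server_name deine-domain.de www.deine-domain.de;
    # HSTS is only honoured over HTTPS, so plain HTTP just redirects.
    return 301 https://$host$request_uri;
}

server {
    listen 443 ssl;
    server_name deine-domain.de www.deine-domain.de;
    ssl_certificate /etc/letsencrypt/live/deine-domain.de/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/deine-domain.de/privkey.pem;
    # ... root, index, location / as in the basic configuration ...

    include snippets/security-headers.conf;      # server-level default

    location ~ \.php$ {
        # This location sets its own add_header, so the server-level
        # headers are NOT inherited and have to be included again.
        include snippets/security-headers.conf;
        add_header X-FastCGI-Cache $upstream_cache_status;
        include fastcgi_params;
        fastcgi_pass 127.0.0.1:9000;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    }
}
```

Once the report-only policy shows no violations for the pages you care about, rename the header to Content-Security-Policy to enforce it.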

5. Debugging and monitoring

5.1 Error logging

Enable detailed logs for error analysis:

error_log /var/log/nginx/error.log;
access_log /var/log/nginx/access.log;

5.2 Monitoring with tools

Use tools like htop, ngxtop or New Relic to monitor server performance.


6. Example of NGINX with WordPress on Plesk

If you are using Plesk, add the following directives under Domains > NGINX Settings:

# Additional Directives
gzip on;
gzip_proxied any;
gzip_types text/css application/javascript;

# WordPress Fix
location / {
    try_files $uri $uri/ /index.php?$args;
}

With these settings you can create a fast, secure and reliable WordPress environment with NGINX.


Summary: What to look for in NGINX settings for WordPress?

  1. Ensure basic functionality:
    • Make sure that try_files is correctly configured for WordPress permalinks to work.
    • PHP requests should be forwarded to PHP-FPM via fastcgi_pass.
  2. Caching for better performance:
    • Implement FastCGI cache for dynamic content.
    • Use Redis or another object caching tool to speed up database queries.
  3. Set up security measures:
    • Block unauthorized access to sensitive files such as .htaccess, .env or .git.
    • Protect the login area (/wp-login.php) with rate limiting and a firewall.
    • Enable HTTPS with an SSL certificate and add security headers (e.g. HSTS, Content Security Policy).
  4. Optimization for static content:
    • Cache static files (images, JS, CSS) with long expires headers.
    • Enable GZIP compression to reduce transfer size.
  5. Server monitoring and debugging:
    • Enable error and access logs to identify problems.
    • Monitor server load and analyze possible bottlenecks.
  6. Collaboration with WordPress-specific tools:
    • Disable the internal WordPress cronjob and set up a server-side cronjob.
    • Use optimized plugins that work with your NGINX configuration, such as WP Rocket or LiteSpeed Cache.

Key priorities:

  1. Performance: Fast loading times through caching and efficient forwarding of requests.
  2. Security: Protection against attacks and data theft through security headers and rate limiting.
  3. Stability: A clean configuration without conflicts or errors to avoid failures.

With these points you can ensure that your WordPress installation under NGINX runs quickly, securely and reliably.
