Why are optimized NGINX settings important?
NGINX is a powerful web server that is particularly suitable for high-traffic websites such as WordPress. With correctly configured settings, you can reduce loading time, increase security and use server resources more efficiently.
1. Basic NGINX configuration for WordPress
Here is a basic nginx.conf, which serves as a starting point for a WordPress installation:
server {
    listen 80;
    server_name deine-domain.de www.deine-domain.de;
    root /path/to/wordpress;
    index index.php index.html index.htm;
    # Enable GZIP compression
    gzip on;
    gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
    # Standard security headers
    add_header X-Frame-Options "SAMEORIGIN";
    add_header X-Content-Type-Options "nosniff";
    add_header X-XSS-Protection "1; mode=block";
    # WordPress-specific rules
    location / {
        try_files $uri $uri/ /index.php?$args;
    }
    # Pass PHP requests to PHP-FPM
    location ~ \.php$ {
        include fastcgi_params;
        fastcgi_pass 127.0.0.1:9000; # PHP-FPM Server
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    }
    # Block access to sensitive files
    location ~* /(\.htaccess|\.htpasswd|\.env|\.user\.ini|\.git|\.svn|\.ssh|\.DS_Store) {
        deny all;
    }
    # Cache for static content
    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|otf|eot|mp4|webm|ogg|ogv|json)$ {
        expires max;
        log_not_found off;
    }
    # Short cache lifetime for manifests, HTML and XML
    # (json is already matched by the location above; the first matching regex location wins)
    location ~* \.(?:manifest|appcache|html?|xml|json)$ {
        expires 1h;
    }
}
2. Additional optimizations for WordPress
2.1 Permalink support
WordPress uses permalinks, which must be handled correctly by try_files. The line
try_files $uri $uri/ /index.php?$args;
ensures that WordPress URLs like /blog/title-of-the-post resolve correctly.
2.2 Support for WordPress cron jobs
Disable the internal WP cronjob (wp-cron.php) in the wp-config.php:
define('DISABLE_WP_CRON', true);
Create a cronjob on the server that runs the cron every 15 minutes:
*/15 * * * * curl -s https://deine-domain.de/wp-cron.php > /dev/null
3. Caching and Performance
3.1 FastCGI Cache
FastCGI Cache stores dynamic content such as WordPress pages in memory:
# http context
fastcgi_cache_path /var/cache/nginx/fastcgi_temp levels=1:2 keys_zone=WORDPRESS:100m inactive=60m;
fastcgi_cache_key "$scheme$request_method$host$request_uri";
server {
    ...
    location ~ \.php$ {
        fastcgi_cache WORDPRESS;
        fastcgi_cache_valid 200 301 302 10m;
        fastcgi_cache_min_uses 1;
        # Reports the cache status (HIT, MISS, BYPASS, ...) of each response
        add_header X-FastCGI-Cache $upstream_cache_status;
        include fastcgi_params;
        fastcgi_pass 127.0.0.1:9000;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    }
}
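The cache key above contains only scheme, method, host and URI, so a page rendered for a logged-in user can be stored and then served to other visitors. The following added example (not part of the original article) bypasses the cache for WordPress session cookies and admin URLs and repeats the security headers from section 1; the variable names $skip_cookie and $skip_uri are assumptions.

```nginx
# Added example, not part of the original configuration.
# http context, next to fastcgi_cache_path and fastcgi_cache_key.
# $skip_cookie and $skip_uri are illustrative variable names.

# 1 when the request carries a cookie that marks personalized content
map $http_cookie $skip_cookie {
    default 0;
    "~*wordpress_logged_in|wp-postpass|comment_author" 1;
}

# 1 for admin, login and other endpoints that must never be cached
map $request_uri $skip_uri {
    default 0;
    "~*^/wp-admin/|^/wp-login\.php|^/wp-cron\.php|^/xmlrpc\.php" 1;
}

server {
    # listen, server_name, root and the other locations as in section 1

    location ~ \.php$ {
        fastcgi_cache WORDPRESS;
        fastcgi_cache_valid 200 301 302 10m;

        # Any value other than empty or "0" disables the cache for this request
        fastcgi_cache_bypass $skip_cookie $skip_uri;   # do not answer from the cache
        fastcgi_no_cache $skip_cookie $skip_uri;       # do not store the response

        add_header X-FastCGI-Cache $upstream_cache_status;
        # A location with its own add_header does not inherit the server-level
        # add_header lines, so the security headers are repeated here.
        add_header X-Frame-Options "SAMEORIGIN";
        add_header X-Content-Type-Options "nosniff";
        add_header X-XSS-Protection "1; mode=block";

        include fastcgi_params;
        fastcgi_pass 127.0.0.1:9000;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    }
}
```

After a reload, a request with a wordpress_logged_in cookie should show X-FastCGI-Cache: BYPASS, while anonymous requests show MISS and then HIT.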
3.2 Object caching with Redis
Use Redis to speed up database queries:
- Install and activate the plugin Redis Object Cache.
- Add the following lines to wp-config.php:
define('WP_REDIS_HOST', '127.0.0.1');
define('WP_REDIS_PORT', 6379);
- Make sure Redis is running and that no conflicts arise in the nginx.conf.
4. Security measures
4.1 Protection against brute force attacks
Block too many login attempts:
location = /wp-login.php {
    # The zone "one" is declared with limit_req_zone in the http context
    limit_req zone=one burst=5 nodelay;
    include fastcgi_params;
    fastcgi_pass 127.0.0.1:9000;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
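NGINX refuses to load a limit_req directive whose zone has not been declared. The following added example (not part of the original article) shows the complete rate limit with its zone declaration; the zone size, the rate, the 429 status and the log level are assumed values to tune for your site.

```nginx
# Added example, not part of the original configuration.
# http context (outside any server block).
# One counter per client address, 10m of shared memory, 1 request per second.
# Zone size and rate are assumed values.
limit_req_zone $binary_remote_addr zone=one:10m rate=1r/s;

server {
    # listen, server_name, root and the other locations as in section 1

    location = /wp-login.php {
        # Up to 5 requests above the rate pass without delay, further ones are rejected
        limit_req zone=one burst=5 nodelay;
        # Reject with 429 Too Many Requests instead of the default 503
        limit_req_status 429;
        # Rejected requests are written to error_log at this level
        limit_req_log_level warn;

        include fastcgi_params;
        fastcgi_pass 127.0.0.1:9000;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    }
}
```

Rejected login requests then appear in the error log from section 5.1 as "limiting requests" entries, which makes them easy to count per client address.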
4.2 Enable SSL
Enable HTTPS with an SSL certificate (e.g. from Let's Encrypt):
server {
    listen 443 ssl;
    server_name deine-domain.de www.deine-domain.de;
    ssl_certificate /etc/letsencrypt/live/deine-domain.de/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/deine-domain.de/privkey.pem;
    include ssl-params.conf;
    ...
}
4.3 Additional security headers
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
add_header Content-Security-Policy "default-src 'self';";
5. Debugging and monitoring
5.1 Error logging
Enable detailed logs for error analysis:
error_log /var/log/nginx/error.log;
access_log /var/log/nginx/access.log;
5.2 Monitoring with tools
Use tools like htop, ngxtop or New Relic to monitor server performance.
6. Example of NGINX with WordPress on Plesk
If you are using Plesk, add the following directives under Domains > NGINX Settings:
# Additional Directives
gzip on;
gzip_proxied any;
gzip_types text/css application/javascript;
# WordPress Fix
location / {
    try_files $uri $uri/ /index.php?$args;
}
With these settings you can create a fast, secure and reliable WordPress environment with NGINX.
Summary: What to look for in NGINX settings for WordPress?
- Ensure basic functionality:
  - Make sure that try_files is correctly configured for WordPress permalinks to work.
  - PHP requests should be forwarded to PHP-FPM via fastcgi_pass.
- Caching for better performance:
  - Implement FastCGI cache for dynamic content.
  - Use Redis or another object caching tool to speed up database queries.
- Set up security measures:
  - Block unauthorized access to sensitive files such as .htaccess, .env or .git.
  - Protect the login area (/wp-login.php) with rate limiting and a firewall.
  - Enable HTTPS with an SSL certificate and add security headers (e.g. HSTS, Content Security Policy).
- Optimization for static content:
  - Cache static files (images, JS, CSS) with long expires headers.
  - Enable GZIP compression to reduce transfer size.
- Server monitoring and debugging:
  - Enable error and access logs to identify problems.
  - Monitor server load and analyze possible bottlenecks.
- Collaboration with WordPress-specific tools:
  - Disable the internal WordPress cronjob and set up a server-side cronjob.
  - Use optimized plugins that work with your NGINX configuration, such as WP Rocket or LiteSpeed Cache.
Key priorities:
- Performance: Fast loading times through caching and efficient forwarding of requests.
- Security: Protection against attacks and data theft through security headers and rate limiting.
- Stability: A clean configuration without conflicts or errors to avoid failures.
With these points you can ensure that your WordPress installation under NGINX runs quickly, securely and reliably.