auvem/wordpress-docker
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
d98ec294e7bdcce25af0e5338be42d0f163dfdd0
wordpress-docker/nginx/nginx.conf
Elijah Duffy f5d29e3515
All checks were successful
nginx-build / build (push) Successful in 34s
Details
nginx: direct error & access logs to stderr and stdout respectively
2025-12-08 02:51:08 -08:00

72 lines
2.2 KiB
Nginx Configuration File
Raw Blame History

error_log /dev/stderr warn;
access_log /dev/stdout;
server {
listen 80;
listen [::]:80;
# Set the server name to a catch all since this will be behind
# a reverse proxy or load balancer in most cases.
server_name _;
root /var/www/html;
index index.php;
# Security Headers
# These provide a strong baseline against common web vulnerabilities.
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-XSS-Protection "1; mode=block" always;
add_header Referrer-Policy "strict-origin-when-cross-origin" always;
# Deny access to any files starting with a dot.
location ~ /\. {
deny all;
}
# Deny access to specific sensitive file types.
location ~* \.(?:bak|conf|dist|fla|in[ci]|log|psd|sh|sql|sw[op])$ {
deny all;
}
# Cache static assets for a long time.
# The 'immutable' directive is great for versioned assets.
location ~* \.(?:css|js|gif|jpe?g|png|ico|svg|woff2?|ttf|eot)$ {
try_files $uri =404;
access_log off;
expires 30d;
add_header Cache-Control "public, immutable";
}
# Handle favicon and robots.txt without logging.
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
# Main WordPress front-controller.
# All non-file requests fall through to index.php.
location / {
try_files $uri $uri/ /index.php?$args;
}
# Pass PHP scripts to the PHP-FPM container.
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
# Use the service name of your PHP-FPM container.
fastcgi_pass php-fpm:9000;
fastcgi_index index.php;
include fastcgi_params;
# Set required CGI parameters.
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param HTTPS $https if_not_empty;
# Optimize buffers for potentially large WordPress headers.
fastcgi_buffers 16 16k;
fastcgi_buffer_size 32k;
fastcgi_read_timeout 300;
}
}
Reference in New Issue View Git Blame Copy Permalink