{"id":6722,"date":"2016-11-07T19:11:04","date_gmt":"2016-11-07T11:11:04","guid":{"rendered":"https:\/\/webhostinggeeks.com\/howto\/?p=6722"},"modified":"2023-06-23T13:12:54","modified_gmt":"2023-06-23T13:12:54","slug":"setup-wordpress-nginx-with-fastcgi-caching-in-centos-7","status":"publish","type":"post","link":"https:\/\/webhostinggeeks.com\/howto\/setup-wordpress-nginx-with-fastcgi-caching-in-centos-7\/","title":{"rendered":"How to Setup WordPress Nginx with FastCGI Caching in CentOS 7"},"content":{"rendered":"<p><img decoding=\"async\" class=\"alignnone size-full wp-image-6786 lazyload\" data-src=\"https:\/\/webhostinggeeks.com\/howto\/wp-content\/uploads\/2016\/11\/How-to-Setup-Wordpress-Nginx-with-FastCGI-Caching-in-CentOS-7.jpg\" alt=\"Wordpress Nginx\" width=\"1280\" height=\"904\" data-srcset=\"https:\/\/webhostinggeeks.com\/howto\/wp-content\/uploads\/2016\/11\/How-to-Setup-Wordpress-Nginx-with-FastCGI-Caching-in-CentOS-7.jpg 1280w, https:\/\/webhostinggeeks.com\/howto\/wp-content\/uploads\/2016\/11\/How-to-Setup-Wordpress-Nginx-with-FastCGI-Caching-in-CentOS-7-300x212.jpg 300w, https:\/\/webhostinggeeks.com\/howto\/wp-content\/uploads\/2016\/11\/How-to-Setup-Wordpress-Nginx-with-FastCGI-Caching-in-CentOS-7-768x542.jpg 768w, https:\/\/webhostinggeeks.com\/howto\/wp-content\/uploads\/2016\/11\/How-to-Setup-Wordpress-Nginx-with-FastCGI-Caching-in-CentOS-7-1024x723.jpg 1024w\" data-sizes=\"(max-width: 1280px) 100vw, 1280px\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" style=\"--smush-placeholder-width: 1280px; --smush-placeholder-aspect-ratio: 1280\/904;\" \/>If you plan to run high traffic wordpress blog(wordpress nginx), i would suggest to run it in virtual private server (VPS) or dedicated server together with NGINX FastCGI Caching.<\/p>\n<p>Besides the low memory consumption when using Nginx as a web server, it has a <a href=\"https:\/\/www.nginx.com\/resources\/wiki\/community\/why_use_it\/\" target=\"_blank\" rel=\"nofollow noopener\">fast performance<\/a>. When you combine Nginx and FastCGI Caching module, you will further enhance the performance of your web application, including a WordPress site.<\/p>\n<p>This can be an alternative to NGINX + Varnish setup that uses caching technology to accelerate the performance of wordpress site.<!--more--><\/p>\n<p>Nginx FastCGI module has instructions for caching dynamic content that is served through a PHP backend.<\/p>\n<p>When a web page is cached, repeated requests for the same page with quickly returned to a customer by the nginx web server because it comes from the cache location.<\/p>\n<p>The following tutorial will guide you to setup WordPress Nginx in CentOS 7 VPS. This setup has been tested in linode 4GB and ramnode 2GB VPS.<\/p>\n<p>Prerequisites :<br \/>\na) Assume that the linux CentOS 7 VPS has been setup properly with Mariadb as a database and Nginx as a web server run together with PHP-FPM.<br \/>\nb) You have domain name for your wordpress site and dns record pointing to your VPS ip address.<\/p>\n<pre>www.ehowstuff.local -&gt; 10.9.8.7\r\n<\/pre>\n<p>1. To install Nginx in CentOS run the following commands to create Nginx repository file in CentOS.<\/p>\n<pre>vi \/etc\/yum.repos.d\/nginx.repo\r\n<\/pre>\n<pre>[nginx]\r\nname=nginx repo\r\nbaseurl=http:\/\/nginx.org\/packages\/centos\/$releasever\/$basearch\/\r\ngpgcheck=0\r\nenabled=1\r\n<\/pre>\n<p>2. To install nginx, php, php-mysql MariaDB server, run the following command :<\/p>\n<pre># yum install nginx php php-mysql php-fpm mariadb-server\r\n<\/pre>\n<p>3. Configure php-fpm :<\/p>\n<p>Below are the configuration value for 4Gb ram VPS :<\/p>\n<pre># vi \/etc\/php-fpm.d\/www.conf\r\n<\/pre>\n<pre>listen = 127.0.0.1:9000\r\n\r\nlisten.allowed_clients = 127.0.0.1\r\n\r\nlisten.mode = 0666\r\n\r\nuser = nginx\r\ngroup = nginx\r\n\r\npm = dynamic\r\n\r\npm.max_children = 20\r\n\r\npm.start_servers = 15\r\n\r\npm.min_spare_servers = 15\r\n\r\npm.max_spare_servers = 15\r\n\r\npm.max_requests = 500\r\n<\/pre>\n<p>4. Configure NGINX with FastCGI Caching :<\/p>\n<p>This is the main configuration file for Nginx.<\/p>\n<pre># vi \/etc\/nginx\/nginx.conf\r\n<\/pre>\n<pre>user  nginx;\r\nworker_processes  2;\r\n\r\nerror_log  \/var\/log\/nginx\/error.log warn;\r\npid        \/var\/run\/nginx.pid;\r\n\r\n\r\nevents {\r\n    worker_connections  1024;\r\n}\r\n\r\n\r\nhttp {\r\n    include       \/etc\/nginx\/mime.types;\r\n    default_type  application\/octet-stream;\r\n\r\n    log_format  main  '$remote_addr - $remote_user [$time_local] \"$request\" '\r\n                      '$status $body_bytes_sent \"$http_referer\" '\r\n                      '\"$http_user_agent\" \"$http_x_forwarded_for\"';\r\n\r\n    log_format blocked '$time_local: Blocked request from $remote_addr $request';\r\n    access_log  \/var\/log\/nginx\/access.log  main;\r\n\r\n    include \/etc\/nginx\/conf.d\/common.conf;\r\n    include \/etc\/nginx\/conf.d\/gzip.conf;\r\n\r\n    #FastCGI Cache and other configuration options\r\n    include \/etc\/nginx\/conf.d\/option.conf;\r\n\r\n    #Nginx for WordPress and security\r\n    include \/etc\/nginx\/conf.d\/wordpress.conf;\r\n    \r\n    #Configure Nginx Fast-CGI Cache Exceptions\r\n    include \/etc\/nginx\/conf.d\/fastcgi_no_cache.conf;\r\n    \r\n    #Multiple wordpress sites container\r\n    include \/etc\/nginx\/sites-available\/*.conf;\r\n}\r\n<\/pre>\n<p>It is recommended to split a custom configuration of the original nginx.conf to make it easier to read and do modification.<\/p>\n<pre># vi \/etc\/nginx\/conf.d\/common.conf\r\n<\/pre>\n<pre># Global configuration file.\r\n# ESSENTIAL : Configure Nginx Listening Port\r\nlisten 80;\r\n# ESSENTIAL : Default file to serve. If the first file isn't found,\r\nindex index.php index.html index.htm;\r\n# ESSENTIAL : no favicon logs\r\nlocation = \/favicon.ico {\r\n    log_not_found off;\r\n    access_log off;\r\n}\r\n# ESSENTIAL : robots.txt\r\nlocation = \/robots.txt {\r\n    allow all;\r\n    log_not_found off;\r\n    access_log off;\r\n}\r\n# ESSENTIAL : Configure 404 Pages\r\nerror_page 404 \/404.html;\r\n# ESSENTIAL : Configure 50x Pages\r\nerror_page 500 502 503 504 \/50x.html;\r\n    location = \/50x.html {\r\n        root \/usr\/share\/nginx\/html;\r\n    }\r\n# SECURITY : Deny all attempts to access hidden files .abcde\r\nlocation ~ \/\\. {\r\n    deny all;\r\n}\r\n# PERFORMANCE : Set expires headers for static files and turn off logging.\r\nlocation ~* ^.+\\.(js|css|swf|xml|txt|ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|rss|atom|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ {\r\n    access_log off; log_not_found off; expires 30d;\r\n   #    expires max;\r\n   add_header Pragma no-cache;\r\n   add_header Cache-Control \"public\";\r\n}\r\n<\/pre>\n<pre>vi \/etc\/nginx\/conf.d\/gzip.conf\r\n<\/pre>\n<pre>gzip  on;\r\ngzip_comp_level 6;\r\ngzip_proxied any;\r\ngzip_min_length 1100;\r\ngzip_buffers 16 8k;\r\ngzip_disable \"MSIE [1-6]\\.(?!.*SV1)\";\r\n\r\ngzip_types text\/css text\/x-component application\/ecmascript application\/json application\/pdf application\/javascript application\/x-javascript text\/javascript application\/postscript text\/x-js text\/richtext image\/svg+xml text\/plain text\/xsd text\/xsl text\/xml image\/x-icon;\r\n\r\ngzip_http_version 1.1;\r\ngzip_vary on;\r\n<\/pre>\n<pre>vi \/etc\/nginx\/conf.d\/option.conf\r\n<\/pre>\n<pre>## FAST-CGI Configurations\r\nfastcgi_cache_path \/etc\/nginx\/cache levels=1:2 keys_zone=WPCACHE:1024m inactive=60m;\r\nfastcgi_cache_key \"$scheme$request_method$host$request_uri\";\r\nfastcgi_cache_use_stale error timeout invalid_header http_500;\r\nfastcgi_ignore_headers Cache-Control Expires Set-Cookie;\r\nadd_header X-Fastcgi-Cache $upstream_cache_status;\r\n\r\n## Other server option\r\naccess_log      off;\r\nsendfile        on;\r\ntcp_nopush      on;\r\ntcp_nodelay     on;\r\nserver_tokens   off;\r\nkeepalive_requests 100000;\r\nreset_timedout_connection on;\r\nport_in_redirect off;\r\nclient_body_timeout  1460;\r\nclient_header_timeout 1460;\r\nclient_max_body_size 10m;\r\nsend_timeout 1460;\r\nkeepalive_timeout 1300;\r\n<\/pre>\n<pre>vi \/etc\/nginx\/conf.d\/wordpress.conf\r\n<\/pre>\n<pre># WORDPRESS : Rewrite rules, sends everything through index.php and keeps the appended query string intact\r\nlocation \/ {\r\n    try_files $uri $uri\/ \/index.php?q=$uri&amp;$args;\r\n}\r\n\r\n# SECURITY : Deny all attempts to access PHP Files in the uploads directory\r\nlocation ~* \/(?:uploads|files)\/.*\\.php$ {\r\n    deny all;\r\n}\r\n\r\n\r\n# REQUIREMENTS : Enable PHP Support\r\nlocation ~ \\.php$ {\r\n# SECURITY : Zero day Exploit Protection\r\ntry_files $uri =404;\r\n\r\n# ENABLE : Enable PHP, listen fpm sock\r\nfastcgi_split_path_info ^(.+\\.php)(\/.+)$;\r\nfastcgi_pass   127.0.0.1:9000;\r\nfastcgi_index index.php;\r\nfastcgi_send_timeout 300s;\r\nfastcgi_read_timeout 300s;\r\ninclude fastcgi_params;\r\nfastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;\r\nfastcgi_buffer_size 128k;\r\nfastcgi_buffers 256 4k;\r\nfastcgi_busy_buffers_size 256k;\r\nfastcgi_temp_file_write_size 256k;\r\nfastcgi_intercept_errors on;\r\n##Added below for fastcgi_cache\r\nfastcgi_cache_bypass $no_cache;\r\nfastcgi_no_cache $no_cache;\r\nfastcgi_cache WPCACHE;\r\nfastcgi_cache_valid 200 60m;\r\nfastcgi_cache_valid 404 60m;\r\nfastcgi_max_temp_file_size 4m;\r\nfastcgi_cache_use_stale updating;\r\nfastcgi_cache_methods GET HEAD; # Only GET and HEAD methods apply\r\nadd_header X-Fastcgi-Cache $upstream_cache_status;\r\n}\r\n\r\n# Deny access to htaccess files\r\nlocation ~ \/\\. {\r\n        deny all;\r\n}\r\n\r\n# Deny access to .php files in the \/wp-content\/ directory (including sub-folders)\r\nlocation ~* ^\/wp-content\/.*.(php|phps)$ {\r\n        deny all;\r\n}\r\n\r\n## Block SQL injections\r\nlocation ~* union.*select.*\\( {access_log \/var\/log\/nginx\/*.*.log blocked; deny all;}\r\nlocation ~* union.*all.*select.* {access_log \/var\/log\/nginx\/*.*.log blocked; deny all;}\r\nlocation ~* concat.*\\( {access_log \/var\/log\/nginx\/*.*.log blocked; deny all;}\r\n#\r\n### Block common exploits\r\nlocation ~* (&lt; |%3C).*script.*(&gt;|%3E) {access_log \/var\/log\/nginx\/*.*.log blocked; deny all;}\r\nlocation ~* base64_(en|de)code\\(.*\\) {access_log \/var\/log\/nginx\/*.*.log blocked; deny all;}\r\nlocation ~* (%24&amp;x) {access_log \/var\/log\/nginx\/*.*.log blocked; deny all;}\r\nlocation ~* (%0|%A|%B|%C|%D|%E|%F|127\\.0) {access_log \/var\/log\/nginx\/*.*.log blocked; deny all;}\r\nlocation ~* \\.\\.\\\/  {access_log \/var\/log\/nginx\/*.*.log blocked; deny all;}\r\nlocation ~* ~$ {access_log \/var\/log\/nginx\/*.*.log blocked; deny all;}\r\nlocation ~* proc\/self\/environ {access_log \/var\/log\/nginx\/*.*.log blocked; deny all;}\r\nlocation ~* \/\\.(htaccess|htpasswd|svn) {access_log \/var\/log\/nginx\/*.*.log blocked; deny all;}\r\n#\r\n### Block file injections\r\nlocation ~* [a-zA-Z0-9_]=(\\.\\.\/\/?)+ {access_log \/var\/log\/nginx\/*.*.log blocked; deny all;}\r\nlocation ~* [a-zA-Z0-9_]=\/([a-z0-9_.]\/\/?)+ {access_log \/var\/log\/nginx\/*.*.log blocked; deny all;}\r\n#\r\n### wordpress security\r\nlocation ~* wp-config.php {access_log \/var\/log\/nginx\/*.*.log blocked; deny all;}\r\nlocation ~* wp-admin\/includes {access_log \/var\/log\/nginx\/*.*.log blocked; deny all;}\r\nlocation ~* wp-admin\/setup-config.php {access_log \/var\/log\/nginx\/*.*.log blocked; deny all;}\r\nlocation ~* wp-app\\.log {access_log \/var\/log\/nginx\/*.*.log blocked; deny all;}\r\nlocation ~* (licence|readme|license)\\.(html|txt) {access_log \/var\/log\/nginx\/*.*.log blocked; deny all;}\r\n\r\n\r\n# PLUGINS : Enable Rewrite Rules for Yoast SEO SiteMap\r\nrewrite ^\/sitemap_index\\.xml$ \/index.php?sitemap=1 last;\r\nrewrite ^\/([^\/]+?)-sitemap([0-9]+)?\\.xml$ \/index.php?sitemap=$1&amp;sitemap_n=$2 last;\r\nrewrite ^\/sitemap(-+([a-zA-Z0-9_-]+))?\\.xml$ \"\/index.php?xml_sitemap=params=$2\" last;\r\nrewrite ^\/sitemap(-+([a-zA-Z0-9_-]+))?\\.xml\\.gz$ \"\/index.php?xml_sitemap=params=$2;zip=true\" last;\r\nrewrite ^\/sitemap(-+([a-zA-Z0-9_-]+))?\\.html$ \"\/index.php?xml_sitemap=params=$2;html=true\" last;\r\n<\/pre>\n<p>Configure Cache Exceptions :<\/p>\n<pre>vi \/etc\/nginx\/conf.d\/fastcgi_no_cache.conf\r\n<\/pre>\n<pre>set $no_cache 0;\r\n\r\n    # POST requests and URLs with a query string should always go to PHP\r\n    if ($request_method = POST) {\r\n        set $no_cache 1;\r\n    }\r\n\r\n   if ($query_string != \"\") {\r\n        set $no_cache 1;\r\n    }\r\n\r\n    # Don't cache URIs containing the following segments\r\n    if ($request_uri ~* \"\/wp-admin\/|\/xmlrpc.php|wp-.*.php|\/feed\/|index.php\r\n                         |sitemap(_index)?.xml\") {\r\n        set $no_cache 1;\r\n    }\r\n\r\n    # Don't use the cache for logged-in users or recent commenters\r\n    if ($http_cookie ~* \"comment_author|wordpress_[a-f0-9]+|wp-postpass\r\n        |wordpress_no_cache|wordpress_logged_in\") {\r\n        set $no_cache 1;\r\n    }\r\n<\/pre>\n<pre># mkdir -p \/etc\/nginx\/sites-available\r\n<\/pre>\n<pre>vi \/etc\/nginx\/sites-available\/ehowstuff.local.conf\r\n<\/pre>\n<p>Add below information :<\/p>\n<pre>server {\r\n    listen     80;\r\n    server_name ehowstuff.local;\r\n    rewrite ^\/(.*)$ http:\/\/www.ehowstuff.local\/$1 permanent;\r\n}\r\n\r\nserver {\r\n        server_name www.ehowstuff.local;\r\n        root \/var\/www\/html\/ehowstuff;\r\n        access_log \/var\/log\/nginx\/ehowstuff.local.access.log;\r\n        error_log \/var\/log\/nginx\/ehowstuff.local.error.log;\r\n<\/pre>\n<p>3. Create a database for wordpress site with your prefered user and password :<\/p>\n<pre>MariaDB [wordpressdb]&gt; CREATE DATABASE wordpressdb;\r\nMariaDB [wordpressdb]&gt; CREATE USER 'wordpressuser'@'localhost' IDENTIFIED BY 'wordpresspassword';\r\nMariaDB [wordpressdb]&gt; GRANT ALL PRIVILEGES ON wordpressdb.* to wordpressuser@localhost;\r\n<\/pre>\n<p>Extract the wordpress file into web server root directory :<\/p>\n<pre># cd \/var\/www\/html\/\r\n# wget http:\/\/wordpress.org\/latest.tar.gz\r\n# tar xzvf latest.tar.gz\r\n# mv wordpress \/var\/www\/html\/ehowstuff\r\n<\/pre>\n<p>You can follow this steps to <a href=\"https:\/\/webhostinggeeks.com\/howto\/how-to-install-wordpress-on-centos-6-4\/\" target=\"_blank\" rel=\"nofollow noopener\">install wordpress on CentOS<\/a>.<\/p>\n<p>4. Start the services and make it auto start at boot :<\/p>\n<pre># systemctl restart nginx &amp;&amp; systemctl restart php-fpm &amp;&amp; systemctl restart mariadb\r\n# systemctl enable nginx &amp;&amp; systemctl enable php-fpm &amp;&amp; systemctl enable mariadb\r\n<\/pre>\n","protected":false},"excerpt":{"rendered":"<p>If you plan to run high traffic wordpress blog(wordpress nginx), i would suggest to run it in virtual private server (VPS) or dedicated server together with NGINX FastCGI Caching. Besides&#8230;<\/p>\n","protected":false},"author":6,"featured_media":6786,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"wds_primary_category":0,"footnotes":""},"categories":[1014],"tags":[1258,1368,1605,1933],"class_list":["post-6722","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-nginx","tag-centos-7","tag-fastcgi","tag-nginx","tag-wordpress"],"_links":{"self":[{"href":"https:\/\/webhostinggeeks.com\/howto\/wp-json\/wp\/v2\/posts\/6722","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/webhostinggeeks.com\/howto\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/webhostinggeeks.com\/howto\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/webhostinggeeks.com\/howto\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/webhostinggeeks.com\/howto\/wp-json\/wp\/v2\/comments?post=6722"}],"version-history":[{"count":0,"href":"https:\/\/webhostinggeeks.com\/howto\/wp-json\/wp\/v2\/posts\/6722\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/webhostinggeeks.com\/howto\/wp-json\/wp\/v2\/media\/6786"}],"wp:attachment":[{"href":"https:\/\/webhostinggeeks.com\/howto\/wp-json\/wp\/v2\/media?parent=6722"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/webhostinggeeks.com\/howto\/wp-json\/wp\/v2\/categories?post=6722"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/webhostinggeeks.com\/howto\/wp-json\/wp\/v2\/tags?post=6722"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}