LEMP-Setup/wordpress at master · pmgarman/LEMP-Setup · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
upstream php {
        server unix:/tmp/php-cgi.socket;
        server 127.0.0.1:9000;
}

server {
        listen          80 default_server;
	server_name     _;

        access_log      /home/www/logs/wordpress/access.log;
        error_log       /home/www/logs/wordpress/error.log;
        root            /home/www/wordpress;

        location / { # on all requests, try for a real file. if it doesn't exist, forward onto out index.php for wordpress to rewrite or 404 nicely
		index index.php
                try_files $uri $uri/ /index.php;
        }

	location /phpmyadmin {
		root /usr/share/;
		index index.php index.html index.htm;
		location ~ ^/phpmyadmin/(.+\.php)$ {
			try_files $uri =404;
			root /usr/share/;
			include fastcgi_params;
			fastcgi_intercept_errors on;
			fastcgi_pass php;
		}
		location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
			root /usr/share/;
		}
	}

        location ~ \.php$ { # any .php files should be forwarded onto php-fpm
                try_files $uri =404; # by any we mean real php, not malicious ones renamed to another extension
		include fastcgi_params;
                fastcgi_intercept_errors on;
                fastcgi_pass php;
        }

        location = /robots.txt { allow all; log_not_found off; access_log off; } # robots.txt is allowed but let's not log it
        location = /favicon.ico { log_not_found off; access_log off; } # lets not log favicon requests, even if it is missing
	location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ { expires max; log_not_found off; } # cache expires @ max
        location ~ /\. { deny all; access_log off; log_not_found off; } # deny access to dot files
}