Configuring nginx for Magento

Last modified by clockworkgeek on Wed, November 17, 2010 10:04
Source|Old Revisions  

This is an old revision of the document!


Based on this thread

Test the configuration after every change, instead of restarting the server you usually only need to do;

service nginx reload

Global configuration

The default config file is “/etc/nginx/nginx.conf” which achieves the main task of including more config files in “/etc/nginx/conf.d/”. This example has a few other common sense additions and serves as a handy reference.

  1. user              nginx;
  2. worker_processes  1;
  3. error_log         /var/log/nginx/error.log;
  4. pid               /var/run/nginx.pid;
  5.  
  6. events {
  7.     worker_connections  1024;
  8. }
  9.  
  10. http {
  11.     include       /etc/nginx/mime.types;
  12.     default_type  application/octet-stream;
  13.  
  14.     log_format  main  '$remote_addr - $remote_user [$time_local] "$request "'
  15.                       '$status $body_bytes_sent "$http_referer" '
  16.                       '"$http_user_agent" "$http_x_forwarded_for"';
  17.     access_log  /var/log/nginx/access.log  main;
  18.  
  19.     sendfile        on;
  20.     autoindex off;
  21.     map $scheme $fastcgi_https { ## Detect when HTTPS is used
  22.         default off;
  23.         https on;
  24.     }
  25.  
  26.     keepalive_timeout  10;
  27.  
  28.     gzip  on;
  29.     gzip_comp_level 2;
  30.     gzip_proxied any;
  31.     gzip_types      text/plain text/html text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript;
  32.  
  33.     # Load config files from the /etc/nginx/conf.d directory
  34.     include /etc/nginx/conf.d/*.conf;
  35.  
  36. }

Individual sites

For each site with it’s own domain (in the examples will be called DOMAIN) create a file “/etc/nginx/conf.d/DOMAIN.conf” and copy the following into it.

  1. server {
  2.     listen 80;
  3.     server_name DOMAIN.com;
  4.     rewrite / $scheme://www.$host$request_uri permanent; ## Forcibly prepend a www
  5. }
  6.  
  7. server {
  8.     listen 80 default;
  9. ## SSL directives might go here
  10.     server_name www.DOMAIN.com *.DOMAIN.com; ## Domain is here twice so server_name_in_redirect will favour the www
  11.     root /var/www/vhosts/DOMAIN.com;
  12.  
  13.     location / {
  14.         index index.html index.php; ## Allow a static html file to be shown first
  15.         try_files $uri $uri/ @handler; ## If missing pass the URI to Magento's front handler
  16.         expires 30d; ## Assume all files are cachable
  17.     }
  18.     location /minify/ { ## Needed for Fooman Speedster
  19.         rewrite ^/minify/([0-9]+)(/.*.(js|css))$ /lib/minify/m.php?f=$2&d=$1 last;
  20.     }
  21.  
  22.     ## These locations would be hidden by .htaccess normally
  23.     location /app/                { deny all; }
  24.     location /includes/           { deny all; }
  25.     location /lib/                { deny all; }
  26.     location /lib/minify/         { allow all; }  ## Deny is applied after rewrites so must specifically allow minify
  27.     location /media/downloadable/ { deny all; }
  28.     location /pkginfo/            { deny all; }
  29.     location /report/config.xml   { deny all; }
  30.     location /var/                { deny all; }
  31.  
  32.     location /var/export/ { ## Allow admins only to view export folder
  33.         auth_basic           "Restricted"; ## Message shown in login window
  34.         auth_basic_user_file htpasswd; ## See /etc/nginx/htpassword
  35.         autoindex            on;
  36.     }
  37.  
  38.     location  /. { ## Disable .htaccess and other hidden files
  39.         return 404;
  40.     }
  41.  
  42.     location @handler { ## Magento uses a common front handler
  43.         rewrite / /index.php;
  44.     }
  45.  
  46.     location ~ .php/ { ## Forward paths like /js/index.php/x.js to relevant handler
  47.         rewrite ^(.*.php)/ $1 last;
  48.     }
  49.  
  50.     location ~ .php$ { ## Execute PHP scripts
  51.         if (!-e $request_filename) { rewrite / /index.php last; } ## Catch 404s that try_files miss
  52.  
  53.         expires        off; ## Do not cache dynamic content
  54.         fastcgi_pass   127.0.0.1:9000;
  55.         fastcgi_param  HTTPS $fastcgi_https;
  56.         fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
  57.         fastcgi_param  MAGE_RUN_CODE default; ## Store code is defined in administration > Configuration > Manage Stores
  58.         fastcgi_param  MAGE_RUN_TYPE store;
  59.         include        fastcgi_params; ## See /etc/nginx/fastcgi_params
  60.     }
  61. }
  • Check carefully for all instances of DOMAIN and replace with your site’s domain.
  • Check all path names are appropriate for your server, especially the “root” directive on line #11.
  • A file is included, “/etc/nginx/fastcgi_params”. It is installed by many distros automatically and removes many headaches, if your server doesn’t have it get a copy from somewhere.
  • The “MAGE_RUN_CODE” and “MAGE_RUN_TYPE” are for multi-store installations, each DOMAIN that represents a store should have that store code instead of “default” (line #57).

SSL Certificates

You will need to check the version on your server, through a terminal type this

nginx -v

and make a note of it.

Versions earlier than 0.7.14

For each DOMAIN find this on line #8:

listen 80 default;

and replace with this:

listen 443;
ssl on;
ssl_certificate     /etc/nginx/conf.d/DOMAIN.crt;
ssl_certificate_key /etc/nginx/conf.d/DOMAIN.key;

Place the “DOMAIN.crt” and “DOMAIN.key” files issued by the certificate authority in “/etc/nginx/conf.d/”.

Versions 0.7.14 and newer

At around line #9 insert the following:

listen 443 default ssl;
ssl_certificate     /etc/nginx/conf.d/DOMAIN.crt;
ssl_certificate_key /etc/nginx/conf.d/DOMAIN.key;

Place the “DOMAIN.crt” and “DOMAIN.key” files issued by the certificate authority in “/etc/nginx/conf.d/”.




 

Magento 2 GitHub Repository

Magento Job Board - Some sort of tag line goes here

Latest Posts| View all Jobs