Configuring nginx for Magento
This is an old revision of the document!
Test the configuration after every change, instead of restarting the server you usually only need to do;
service nginx reload
Global configuration |
The default config file is “/etc/nginx/nginx.conf” which achieves the main task of including more config files in “/etc/nginx/conf.d/”. This example has a few other common sense additions and serves as a handy reference.
- user nginx;
- worker_processes 1;
- error_log /var/log/nginx/error.log;
- pid /var/run/nginx.pid;
- events {
- worker_connections 1024;
- }
- http {
- include /etc/nginx/mime.types;
- default_type application/octet-stream;
- log_format main '$remote_addr - $remote_user [$time_local] "$request "'
- '$status $body_bytes_sent "$http_referer" '
- '"$http_user_agent" "$http_x_forwarded_for"';
- access_log /var/log/nginx/access.log main;
- sendfile on;
- autoindex off;
- map $scheme $fastcgi_https { ## Detect when HTTPS is used
- default off;
- https on;
- }
- keepalive_timeout 10;
- gzip on;
- gzip_comp_level 2;
- gzip_proxied any;
- gzip_types text/plain text/html text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript;
- # Load config files from the /etc/nginx/conf.d directory
- include /etc/nginx/conf.d/*.conf;
- }
Individual sites |
For each site with it’s own domain (in the examples will be called DOMAIN) create a file “/etc/nginx/conf.d/DOMAIN.conf” and copy the following into it.
- server {
- listen 80;
- server_name DOMAIN.com;
- rewrite / $scheme://www.$host$request_uri permanent; ## Forcibly prepend a www
- }
- server {
- listen 80 default;
- ## SSL directives might go here
- server_name www.DOMAIN.com *.DOMAIN.com; ## Domain is here twice so server_name_in_redirect will favour the www
- root /var/www/vhosts/DOMAIN.com;
- location / {
- index index.html index.php; ## Allow a static html file to be shown first
- try_files $uri $uri/ @handler; ## If missing pass the URI to Magento's front handler
- expires 30d; ## Assume all files are cachable
- }
- ## These locations would be hidden by .htaccess normally
- location /app/ { deny all; }
- location /includes/ { deny all; }
- location /lib/ { deny all; }
- location /media/downloadable/ { deny all; }
- location /pkginfo/ { deny all; }
- location /report/config.xml { deny all; }
- location /var/ { deny all; }
- location /var/export/ { ## Allow admins only to view export folder
- auth_basic "Restricted"; ## Message shown in login window
- auth_basic_user_file htpasswd; ## See /etc/nginx/htpassword
- autoindex on;
- }
- location /. { ## Disable .htaccess and other hidden files
- return 404;
- }
- location @handler { ## Magento uses a common front handler
- rewrite / /index.php;
- }
- location ~ .php/ { ## Forward paths like /js/index.php/x.js to relevant handler
- rewrite ^(.*.php)/ $1 last;
- }
- location ~ .php$ { ## Execute PHP scripts
- if (!-e $request_filename) { rewrite / /index.php last; } ## Catch 404s that try_files miss
- expires off; ## Do not cache dynamic content
- fastcgi_pass 127.0.0.1:9000;
- fastcgi_param HTTPS $fastcgi_https;
- fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
- fastcgi_param MAGE_RUN_CODE default; ## Store code is defined in administration > Configuration > Manage Stores
- fastcgi_param MAGE_RUN_TYPE store;
- include fastcgi_params; ## See /etc/nginx/fastcgi_params
- }
- }
- Check carefully for all instances of DOMAIN and replace with your site’s domain.
- Check all path names are appropriate for your server, especially the “root” directive on line #11.
- A file is included, “/etc/nginx/fastcgi_params”. It is installed by many distros automatically and removes many headaches, if your server doesn’t have it get a copy from somewhere.
- The “MAGE_RUN_CODE” and “MAGE_RUN_TYPE” are for multi-store installations, each DOMAIN that represents a store should have that store code instead of “default” (line #53).
- A password is made available for the “/var/export/” directory. To set up the password for a given USERNAME enter the following command in a terminal.
htpasswd -c /etc/nginx/htpasswd USERNAME
SSL Certificates |
You will need to check the version on your server, through a terminal type this
nginx -v
and make a note of it.
Versions earlier than 0.7.14
For each DOMAIN find this on line #8:
listen 80 default;
and replace with this:
listen 443; ssl on; ssl_certificate /etc/nginx/conf.d/DOMAIN.crt; ssl_certificate_key /etc/nginx/conf.d/DOMAIN.key;
Place the “DOMAIN.crt” and “DOMAIN.key” files issued by the certificate authority in “/etc/nginx/conf.d/”.
Versions 0.7.14 and newer
At around line #9 insert the following:
listen 443 default ssl; ssl_certificate /etc/nginx/conf.d/DOMAIN.crt; ssl_certificate_key /etc/nginx/conf.d/DOMAIN.key;
Place the “DOMAIN.crt” and “DOMAIN.key” files issued by the certificate authority in “/etc/nginx/conf.d/”.
Fooman Speedster |
If you plan on using Fooman Speedster you’ll need to add the following to the server block.
location /minify/ { ## Needed for Fooman Speedster
rewrite ^/minify/([0-9]+)(/.*.(js|css))$ /lib/minify/m.php?f=$2&d=$1 last;
}
location /skin/m/ { ## Thanks to nau88xj - http://www.magentocommerce.com/boards/viewreply/274018/
rewrite ^/skin/m/([0-9]+)(/.*.(js|css))$ /lib/minify/m.php?f=$2&d=$1 last;
}
location /lib/minify/ {
allow all;
}
