{"id":1689,"date":"2015-02-28T14:00:21","date_gmt":"2015-02-28T11:00:21","guid":{"rendered":"http:\/\/joseph.zikusooka.com\/?p=1689"},"modified":"2015-03-01T00:10:54","modified_gmt":"2015-02-28T21:10:54","slug":"how-to-configure-nginx-for-use-with-wordpress-and-other-cms-based-websites","status":"publish","type":"post","link":"https:\/\/joseph.zikusooka.com\/?p=1689","title":{"rendered":"How to configure nginx for use with WordPress and other CMS based websites"},"content":{"rendered":"

This is the second part of my Nginx tutorial. The first part<\/a> covered the installation process. In this post, I will show you how to modify the default configuration and get your server ready to serve CMS based websites like WordPress, Drupal, Joomla, Gallery etc<\/p>\n

Before delving into the configuration of nginx, it is important to ensure that all the prerequisite software is installed and properly configured. Like all of my tutorials, I am using Linux and specifically Fedora 20.<\/p>\n

PHP<\/strong><\/p>\n

Install the following php and related modules:<\/p>\n

yum install php php-fpm php-pecl-apcu php-pdo php-mcrypt php-common php-mysqlnd php-process php-gd php-pear php-pear-DB php-pgsql php-xml php-cli php-xmlrpc php-mbstring php-pecl-igbinary php-pecl-memcache php-pecl-memcached php-pecl-mongo php-pecl-jsonc<\/code><\/p>\n

Edit the php configuration file:<\/p>\n

vim \/etc\/php.ini<\/code><\/p>\n

I recommend setting the following parameters in php.ini:<\/em><\/p>\n

short_open_tag = On
\ndate.timezone = Africa\/Kampala (or your time zone)<\/p>\n

Edit the php-fpm configuration file:<\/p>\n

vim \/etc\/php-fpm.d\/www.conf<\/code><\/p>\n

Change the following options in www.conf:<\/em><\/p>\n

[www]
\nlisten = 127.0.0.1:9000
\n;listen.allowed_clients = 127.0.0.1
\nuser = nginx
\ngroup = nginx<\/p>\n

Change permissions of the php sessions directory:<\/p>\n

chown nginx:nginx \/var\/lib\/php<\/code><\/p>\n

Now enable and start php-fpm service:<\/p>\n

systemctl enable php-fpm.service && systemctl start php-fpm.service<\/code><\/p>\n

OPENSSL<\/strong><\/p>\n

Install openssl if you plan on securing your server; which you should!
\n
\nyum install openssl openssl-libs openssl-devel<\/code><\/p>\n

Add ssl directory where certificate and key will be stored:<\/p>\n

mkdir \/etc\/nginx\/ssl<\/code><\/p>\n

Generate self-signed SSL certificate and key for your webserver:<\/p>\n

openssl req -new -x509 -out \/etc\/nginx\/ssl\/cert.pem -key \/etc\/nginx\/ssl\/cert.key -days 365<\/code><\/p>\n

SPAWN-FCGI<\/strong><\/p>\n

Install spawn-fcgi, a simple program for spawning FastCGI processes:<\/p>\n

yum install spawn-fcgi<\/code><\/p>\n

Edit the environment file for spawn-fcgi:<\/p>\n

vim \/etc\/sysconfig\/spawn-fcgi<\/code><\/p>\n

Make the following changes:<\/p>\n

FCGI_SOCKET=\/var\/run\/fcgiwrap.socket
\nFCGI_PROGRAM=\/usr\/sbin\/fcgiwrap
\nFCGI_USER=nginx
\nFCGI_GROUP=nginx
\nFCGI_EXTRA_OPTIONS=\"-M 0700\"
\nOPTIONS=\"-u $FCGI_USER -g $FCGI_GROUP -s $FCGI_SOCKET -S $FCGI_EXTRA_OPTIONS -F 1 -P \/var\/run\/spawn-fcgi.pid -- $FCGI_PROGRAM\"<\/code><\/p>\n

Enable and start spawn-fcgi.service:<\/p>\n

systemctl enable spawn-fcgi.service && systemctl start spawn-fcgi.service<\/code><\/p>\n

FCGIWRAP<\/strong><\/p>\n

Install fcgiwrap, a simple FastCGI wrapper for CGI scripts:<\/p>\n

cd \/usr\/src<\/code><\/p>\n

Download fcgiwrap sources:<\/p>\n

git clone https:\/\/github.com\/gnosek\/fcgiwrap.git
\ncd \/usr\/src\/fcgiwrap
\nautoreconf -i
\n.\/configure --prefix=\/usr
\nmake && make install<\/code><\/p>\n

CONFIGURATION<\/strong><\/p>\n

Nginx’s configuration files are located under \/etc\/nginx. And as specified by the installation configure command in the previous post, the main configuration file is: \/etc\/nginx\/nginx.conf. This is where I will make most of my changes.<\/p>\n

vim nginx.conf<\/code><\/p>\n

Add the following to nginx.conf and save it:<\/p>\n

user nginx;
\nworker_processes 1;
\n#
\nevents {
\nworker_connections 1024;
\n}
\n#
\nhttp {
\ninclude mime.types;
\ninclude conf.d\/*.conf;
\ninclude sites-enabled\/*;
\ndefault_type application\/octet-stream;
\nlog_format main '$remote_addr - $remote_user [$time_local] \"$request\" '
\n'$status $body_bytes_sent \"$http_referer\" '
\n'\"$http_user_agent\" \"$http_x_forwarded_for\"';
\nsendfile on;
\nkeepalive_timeout 65;
\n#
\nserver {
\nlisten 80;
\nserver_name localhost;
\nroot html;
\nindex index.html index.htm index.php;
\nautoindex on;
\naccess_log \/var\/log\/nginx\/localhost.access.log main;
\n#
\nlocation \/ {
\n}
\n#
\nerror_page 500 502 503 504 \/50x.html;
\n#
\nlocation = \/50x.html {
\n}
\n#
\nlocation ~ \\.php$ {
\ninclude includes\/php_params;
\n}
\n#
\nlocation ~* \\.(cgi|chi)$ {
\ninclude includes\/cgi_params;
\n}
\n# Add xmlrpc scgi support
\n#
\nlocation ~ ^\/RPC2$ {
\nscgi_pass localhost:5000;
\ninclude scgi_params;
\n}
\n}
\n#
\n# HTTPS server
\n#
\nserver {
\nlisten 443 ssl;
\nserver_name localhost;
\nroot html;
\nindex index.html index.htm index.php;
\n#
\nssl_certificate ssl\/cert.pem;
\nssl_certificate_key ssl\/cert.key;
\nssl_session_cache shared:SSL:1m;
\nssl_session_timeout 5m;
\nssl_ciphers HIGH:!aNULL:!MD5;
\nssl_prefer_server_ciphers on;
\n#
\nlocation \/ {
\n}
\n#
\nlocation ~ \\.php$ {
\ninclude includes\/php_params;
\n}
\n#
\nlocation ~* \\.(cgi|chi)$ {
\ninclude includes\/cgi_params;
\n}
\n}
\n}<\/code><\/p>\n

To get details on what these directives exactly mean and the syntax used above, visit the Nginx documentation<\/a><\/em><\/p>\n

NOTES:<\/em><\/p>\n

Nginx is pretty picky when it comes to Syntax, so:<\/em><\/p>\n

– The location directive is placed within a server directive.
\n– Also, all directives must end with a semicolon.<\/em><\/p>\n

Like other similar programs in UNIX, you can split the configuration file into several files using the parameter: include as shown in the above file. This makes maintenance and packaging of these files easier.<\/p>\n

Create other configuration directories:<\/p>\n

mkdir \/etc\/nginx\/{conf.d,includes,sites-enabled}<\/code><\/p>\n

Add the following files to the includes directory:<\/p>\n

vim \/etc\/nginx\/includes\/php_params<\/code><\/p>\n

gzip off;
\nfastcgi_pass unix:\/var\/run\/fcgiwrap.socket;
\nfastcgi_index index.cgi;
\n#
\nfastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
\nfastcgi_param QUERY_STRING $query_string;
\nfastcgi_param REQUEST_METHOD $request_method;
\nfastcgi_param CONTENT_TYPE $content_type;
\nfastcgi_param CONTENT_LENGTH $content_length;
\n#
\nfastcgi_param SCRIPT_NAME $fastcgi_script_name;
\nfastcgi_param REQUEST_URI $request_uri;
\nfastcgi_param DOCUMENT_URI $document_uri;
\nfastcgi_param DOCUMENT_ROOT $document_root;
\nfastcgi_param SERVER_PROTOCOL $server_protocol;
\nfastcgi_param HTTPS $https if_not_empty;
\n#
\nfastcgi_param GATEWAY_INTERFACE CGI\/1.1;
\nfastcgi_param SERVER_SOFTWARE nginx\/$nginx_version;
\n#
\nfastcgi_param REMOTE_ADDR $remote_addr;
\nfastcgi_param REMOTE_PORT $remote_port;
\nfastcgi_param SERVER_ADDR $server_addr;
\nfastcgi_param SERVER_PORT $server_port;
\nfastcgi_param SERVER_NAME $server_name;
\n#
\n# PHP only, required if PHP was built with --enable-force-cgi-redirect
\nfastcgi_param REDIRECT_STATUS 200; <\/code>
\nvim \/etc\/nginx\/includes\/cgi_params<\/code><\/p>\n

fastcgi_pass 127.0.0.1:9000;
\nfastcgi_index index.php;
\n#
\nfastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
\nfastcgi_param QUERY_STRING $query_string;
\nfastcgi_param REQUEST_METHOD $request_method;
\nfastcgi_param CONTENT_TYPE $content_type;
\nfastcgi_param CONTENT_LENGTH $content_length;
\n#
\nfastcgi_param SCRIPT_NAME $fastcgi_script_name;
\nfastcgi_param REQUEST_URI $request_uri;
\nfastcgi_param DOCUMENT_URI $document_uri;
\nfastcgi_param DOCUMENT_ROOT $document_root;
\nfastcgi_param SERVER_PROTOCOL $server_protocol;
\nfastcgi_param HTTPS $https if_not_empty;
\n#
\nfastcgi_param GATEWAY_INTERFACE CGI\/1.1;
\nfastcgi_param SERVER_SOFTWARE nginx\/$nginx_version;
\n#
\nfastcgi_param REMOTE_ADDR $remote_addr;
\nfastcgi_param REMOTE_PORT $remote_port;
\nfastcgi_param SERVER_ADDR $server_addr;
\nfastcgi_param SERVER_PORT $server_port;
\nfastcgi_param SERVER_NAME $server_name;
\n#
\n# PHP only, required if PHP was built with --enable-force-cgi-redirect
\nfastcgi_param REDIRECT_STATUS 200; <\/code><\/p>\n

VIRTUAL HOSTS<\/strong><\/p>\n

Now let’s configure a virtual host. In this tutorial, I use example.com as the domain name.<\/p>\n

vim \/etc\/nginx\/sites-enabled\/example.com <\/code><\/p>\n

server {
\nlisten 80;
\n#
\nserver_name zikusooka.com www.zikusooka.com;
\nroot html\/vhost.example;
\nindex index.html index.htm index.php;
\n#
\nlocation \/ {
\n}
\n#
\nlocation ~ \\.php$ {
\ninclude includes\/php_params;
\n}
\n#
\nlocation ~* \\.(cgi|chi)$ {
\ninclude includes\/cgi_params;
\n}
\n}<\/code><\/p>\n

WEB CONTENT<\/strong><\/p>\n

Add an index file to the main server’s root directory, for example:
\n
\nvim \/usr\/share\/nginx\/html\/index.html<\/code><\/p>\n

Add the following and save (This is just for testing, any HTML web page should work):<\/p>\n

<HTML>
\n<B>Hello World. Welcome to my Nginx web server!<\/B>
\n<HTML>
\n<\/code><\/p>\n

Create the document root directory for your virtual host:<\/p>\n

mkdir \/usr\/share\/nginx\/html\/example.com<\/code><\/p>\n

Add your document root in the above created directory. For Example create a file named index.php.<\/p>\n

vim \/usr\/share\/nginx\/html\/example.com\/index.php<\/code><\/p>\n

Add the following and save (This is just to test php, so any simple php page should work):<\/p>\n

<?
\nphpinfo();
\n?><\/code><\/p>\n

TESTING<\/strong><\/p>\n

Finally, restart nginx web server:<\/p>\n

systemctl start nginx<\/code><\/p>\n

If all goes well, you should now be able to browse html, php, and cgi pages on your server. You can then proceed to installing your WordPress or other content management system.<\/p>\n","protected":false},"excerpt":{"rendered":"

This is the second part of my Nginx tutorial. The first part covered the installation process. In this post, I will show you how to modify the default configuration and get your server ready to serve CMS based websites like WordPress, Drupal, Joomla, Gallery etc Before delving into the configuration of nginx, it is important […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"activitypub_content_warning":"","activitypub_content_visibility":"","activitypub_max_image_attachments":3,"footnotes":""},"categories":[19],"tags":[],"class_list":["post-1689","post","type-post","status-publish","format-standard","hentry","category-tutorial"],"_links":{"self":[{"href":"https:\/\/joseph.zikusooka.com\/index.php?rest_route=\/wp\/v2\/posts\/1689","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/joseph.zikusooka.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/joseph.zikusooka.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/joseph.zikusooka.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/joseph.zikusooka.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1689"}],"version-history":[{"count":5,"href":"https:\/\/joseph.zikusooka.com\/index.php?rest_route=\/wp\/v2\/posts\/1689\/revisions"}],"predecessor-version":[{"id":1694,"href":"https:\/\/joseph.zikusooka.com\/index.php?rest_route=\/wp\/v2\/posts\/1689\/revisions\/1694"}],"wp:attachment":[{"href":"https:\/\/joseph.zikusooka.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1689"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/joseph.zikusooka.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1689"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/joseph.zikusooka.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1689"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}