I want to enable fastCGI Cache for My WP Website and define a new cache Directory the same level as the log directory by adding the below config snippet into Nginx directives field , this is my current nginx config ( cat the default config file created by ISPConfig ) Code: server { listen *:80; listen [::]:80; listen *:443 ssl http2; ssl_protocols TLSv1.3 TLSv1.2; listen [::]:443 ssl http2; ssl_certificate /var/www/clients/client0/web4/ssl/demo.kodingschools.com-le.crt; ssl_certificate_key /var/www/clients/client0/web4/ssl/demo.kodingschools.com-le.key; server_name demo.kodingschools.com www.demo.kodingschools.com; root /var/www/demo.kodingschools.com/web/; disable_symlinks if_not_owner from=$document_root; if ($scheme != "https") { rewrite ^(?!/\.well-known/acme-challenge)/ https://$http_host$request_uri? permanent; } index index.html index.htm index.php index.cgi index.pl index.xhtml standard_index.html; location ~ \.shtml$ { ssi on; } error_page 400 /error/400.html; error_page 401 /error/401.html; error_page 403 /error/403.html; error_page 404 /error/404.html; error_page 405 /error/405.html; error_page 500 /error/500.html; error_page 502 /error/502.html; error_page 503 /error/503.html; recursive_error_pages on; location = /error/400.html { internal; auth_basic off; } location = /error/401.html { internal; auth_basic off; } location = /error/403.html { internal; auth_basic off; } location = /error/404.html { internal; auth_basic off; } location = /error/405.html { internal; auth_basic off; } location = /error/500.html { internal; auth_basic off; } location = /error/502.html { internal; auth_basic off; } location = /error/503.html { internal; auth_basic off; } error_log /var/log/ispconfig/httpd/demo.kodingschools.com/error.log; access_log /var/log/ispconfig/httpd/demo.kodingschools.com/access.log combined; location ~ /\. { deny all; } location ^~ /.well-known/acme-challenge/ { access_log off; log_not_found off; auth_basic off; root /usr/local/ispconfig/interface/acme/; autoindex off; index index.html; try_files $uri $uri/ =404; } location = /favicon.ico { log_not_found off; access_log off; expires max; add_header Cache-Control "public, must-revalidate, proxy-revalidate"; } location = /robots.txt { allow all; log_not_found off; access_log off; } location /stats/ { index index.html index.php; auth_basic "Members Only"; auth_basic_user_file /var/www/clients/client0/web4/web//stats/.htpasswd_stats; add_header Content-Security-Policy "default-src * 'self' 'unsafe-inline' 'unsafe-eval' data:;"; } location ^~ /awstats-icon { alias /usr/share/awstats/icon; } location ~ \.php$ { try_files /9b85f89ab8b1d78b81ce8bd0ecfdf412.htm @php; } location @php { try_files $uri =404; include /etc/nginx/fastcgi_params; fastcgi_pass unix:/var/lib/php8.2-fpm/web4.sock; fastcgi_index index.php; fastcgi_param DOCUMENT_ROOT /web; fastcgi_param HOME /web; fastcgi_param SCRIPT_FILENAME /web$fastcgi_script_name; fastcgi_intercept_errors on; } location /cgi-bin/ { try_files $uri =404; include /etc/nginx/fastcgi_params; root /var/www/clients/client0/web4; gzip off; fastcgi_pass unix:/var/run/fcgiwrap.socket; fastcgi_index index.cgi; fastcgi_param DOCUMENT_ROOT /web; fastcgi_param HOME /web; fastcgi_param SCRIPT_FILENAME /web$fastcgi_script_name; fastcgi_intercept_errors on; } } this the implemented config for fastCGI Cache ( need just to be corrected to insert into the Nginx directives field ) : Code: fastcgi_cache_path DOCUMENT_ROOT /cache levels=1:2 keys_zone=demo.kodingschools.com:200m max_size=10g inactive=2h use_temp_path=off; fastcgi_cache_key "$scheme$request_method$host$request_uri"; fastcgi_ignore_headers Cache-Control Expires Set-Cookie; #the keys_zone should be {DOMAIN} dynamically server { listen 80; listen [::]:80; server_name demo.kodingschools.com www.demo.kodingschools.com; root /var/www/demo.kodingschools.com/web/; disable_symlinks if_not_owner from=$document_root; index index.html; set $skip_cache 0; if ($request_method = POST) { set $skip_cache 1; } if ($query_string != "") { set $skip_cache 1; } if ($request_uri ~* "/wp-admin/|/xmlrpc.php|wp-.*.php|^/feed/*|/tag/.*/feed/*|index.php|/.*sitemap.*\.(xml|xsl)") { set $skip_cache 1; } if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in") { set $skip_cache 1; } location / { index index.php index.html index.htm; try_files $uri $uri/ =404; } location ~ \.php$ { fastcgi_pass unix:/var/run/php/php8.1-fpm.sock; include snippets/fastcgi-php.conf; fastcgi_cache demo.kodingschools.com; #should be {DOMAIN} dynamically fastcgi_cache_valid 200 301 302 2h; fastcgi_cache_use_stale error timeout updating invalid_header http_500 http_503; fastcgi_cache_min_uses 1; fastcgi_cache_lock on; fastcgi_cache_bypass $skip_cache; fastcgi_no_cache $skip_cache; add_header X-FastCGI-Cache $upstream_cache_status; } location ~ /\.ht { deny all; } }
You can not create directories on that level. Create a subdirectory in the private directory of the site instead, it is made for that purpose. Use e.g. the directory: /var/www/clients/client0/web4/private/cache/
Thank you, what is the dynamic variable should I use instead of /var/www/clients/client0/web4/private/cache/ , for example Code: {DOCROOT_CLIENT}/private/cache Code: fastcgi_cache_path {DOCROOT_CLIENT}/private/cache levels=1:2 keys_zone={DOMAIN}:200m max_size=10g inactive=2h use_temp_path=off; , and I want to use the variables defined by ISPConfig Code: fastcgi_cache_path {DOCROOT_CLIENT}/private/cache levels=1:2 keys_zone={DOMAIN}:200m max_size=10g inactive=2h use_temp_path=off; fastcgi_cache_key "$scheme$request_method$host$request_uri"; fastcgi_ignore_headers Cache-Control Expires Set-Cookie; server { listen 80; listen [::]:80; server_name demo.kodingschools.com www.demo.kodingschools.com; root /var/www/demo.kodingschools.com/web/; disable_symlinks if_not_owner from=$document_root; index index.html; client_max_body_size 64M; set $skip_cache 0; if ($request_method = POST) { set $skip_cache 1; } if ($query_string != "") { set $skip_cache 1; } if ($request_uri ~* "/wp-admin/|/xmlrpc.php|wp-.*.php|^/feed/*|/tag/.*/feed/*|index.php|/.*sitemap.*\.(xml|xsl)") { set $skip_cache 1; } if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in") { set $skip_cache 1; } location / { index index.php index.html index.htm; try_files $uri $uri/ =404; } location ~ \.php$ { fastcgi_pass unix:/var/run/php/php8.1-fpm.sock; #{FASTCGIPASS} include snippets/fastcgi-php.conf; fastcgi_cache demo.kodingschools.com; #should be {DOMAIN} dynamically fastcgi_cache_valid 200 301 302 2h; fastcgi_cache_use_stale error timeout updating invalid_header http_500 http_503; fastcgi_cache_min_uses 1; fastcgi_cache_lock on; fastcgi_cache_bypass $skip_cache; fastcgi_no_cache $skip_cache; add_header X-FastCGI-Cache $upstream_cache_status; } location ~ /\.ht { deny all; } } Lastly, will this snippet conflict with the predefined configuration set by ISPConfig located at /etc/nginx/sites-available/demo.kodingschools.com.vhost? Should I restart NGINX to apply the changes or they are populated to all servers after saving the config ? Many thanks
Like @ahrasis mentioned, the snippet is entirely wrong as it contains a server block, but the server block is managed and defined by ISPConfig, and you can not nest server blocks in Nginx. You just define things in your snippet that go into the existing server block.
for this nginx directives : Code: fastcgi_cache_path {DOCROOT_CLIENT}private/cache levels=1:2 keys_zone={DOMAIN}:200m max_size=10g inactive=2h use_temp_path=off; fastcgi_cache_path /var/www/clients/client0/web4/private/cache levels=1:2 keys_zone={DOMAIN}:200m max_size=10g inactive=2h use_temp_path=off; fastcgi_cache_key "$scheme$request_method$host$request_uri"; fastcgi_ignore_headers Cache-Control Expires Set-Cookie; server { ##merge## client_max_body_size 64M; set $skip_cache 0; if ($request_method = POST) { set $skip_cache 1; } if ($query_string != "") { set $skip_cache 1; } if ($request_uri ~* "/wp-admin/|/xmlrpc.php|wp-.*.php|^/feed/*|/tag/.*/feed/*|index.php|/.*sitemap.*\.(xml|xsl)") { set $skip_cache 1; } if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp- postpass|wordpress_no_cache|wordpress_logged_in") { set $skip_cache 1; } location / { ##merge## index index.php index.html index.htm; try_files $uri $uri/ =404; } location ~ \.php$ { ##merge## fastcgi_pass unix:/var/run/php/php8.1-fpm.sock; include snippets/fastcgi-php.conf; fastcgi_cache {DOMAIN}; fastcgi_cache_valid 200 301 302 2h; fastcgi_cache_use_stale error timeout updating invalid_header http_500 http_503; fastcgi_cache_min_uses 1; fastcgi_cache_lock on; fastcgi_cache_bypass $skip_cache; fastcgi_no_cache $skip_cache; add_header X-FastCGI-Cache $upstream_cache_status; } } This is the result Code: /etc/nginx/sites-available# cat demo.kodingschools.com.vhost.err server { listen *:80; listen [::]:80; listen *:443 ssl http2; ssl_protocols TLSv1.3 TLSv1.2; listen [::]:443 ssl http2; ssl_certificate /var/www/clients/client0/web4/ssl/demo.kodingschools.com-le.crt; ssl_certificate_key /var/www/clients/client0/web4/ssl/demo.kodingschools.com-le.key; server_name demo.kodingschools.com www.demo.kodingschools.com; root /var/www/demo.kodingschools.com/web/; disable_symlinks if_not_owner from=$document_root; if ($scheme != "https") { rewrite ^(?!/\.well-known/acme-challenge)/ https://$http_host$request_uri? permanent; } index index.html index.htm index.php index.cgi index.pl index.xhtml standard_index.html; location ~ \.shtml$ { ssi on; } error_page 400 /error/400.html; error_page 401 /error/401.html; error_page 403 /error/403.html; error_page 404 /error/404.html; error_page 405 /error/405.html; error_page 500 /error/500.html; error_page 502 /error/502.html; error_page 503 /error/503.html; recursive_error_pages on; location = /error/400.html { internal; auth_basic off; } location = /error/401.html { internal; auth_basic off; } location = /error/403.html { internal; auth_basic off; } location = /error/404.html { internal; auth_basic off; } location = /error/405.html { internal; auth_basic off; } location = /error/500.html { internal; auth_basic off; } location = /error/502.html { internal; auth_basic off; } location = /error/503.html { internal; auth_basic off; } error_log /var/log/ispconfig/httpd/demo.kodingschools.com/error.log; access_log /var/log/ispconfig/httpd/demo.kodingschools.com/access.log combined; location ~ /\. { deny all; } location ^~ /.well-known/acme-challenge/ { access_log off; log_not_found off; auth_basic off; root /usr/local/ispconfig/interface/acme/; autoindex off; index index.html; try_files $uri $uri/ =404; } location = /favicon.ico { log_not_found off; access_log off; expires max; add_header Cache-Control "public, must-revalidate, proxy-revalidate"; } location = /robots.txt { allow all; log_not_found off; access_log off; } location /stats/ { index index.html index.php; auth_basic "Members Only"; auth_basic_user_file /var/www/clients/client0/web4/web//stats/.htpasswd_stats; add_header Content-Security-Policy "default-src * 'self' 'unsafe-inline' 'unsafe-eval' data:;"; } location ^~ /awstats-icon { alias /usr/share/awstats/icon; } location ~ \.php$ { try_files /22920c15289ffab248396409e81f52fb.htm @php; } location @php { try_files $uri =404; include /etc/nginx/fastcgi_params; fastcgi_pass unix:/var/lib/php8.2-fpm/web4.sock; fastcgi_index index.php; fastcgi_param DOCUMENT_ROOT /web; fastcgi_param HOME /web; fastcgi_param SCRIPT_FILENAME /web$fastcgi_script_name; fastcgi_intercept_errors on; } location /cgi-bin/ { try_files $uri =404; include /etc/nginx/fastcgi_params; root /var/www/clients/client0/web4; gzip off; fastcgi_pass unix:/var/run/fcgiwrap.socket; fastcgi_index index.cgi; fastcgi_param DOCUMENT_ROOT /web; fastcgi_param HOME /web; fastcgi_param SCRIPT_FILENAME /web$fastcgi_script_name; fastcgi_intercept_errors on; } fastcgi_cache_path /var/www/clients/client0/web4/web/private/cache levels=1:2 keys_zone=demo.kodingschools.com:200m max_size=10g inactive=2h use_temp_path=off; fastcgi_cache_path /var/www/clients/client0/web4/private/cache levels=1:2 keys_zone=demo.kodingschools.com:200m max_size=10g inactive=2h use_temp_path=off; fastcgi_cache_key "$scheme$request_method$host$request_uri"; fastcgi_ignore_headers Cache-Control Expires Set-Cookie; server { ##merge## client_max_body_size 64M; set $skip_cache 0; if ($request_method = POST) { set $skip_cache 1; } if ($query_string != "") { set $skip_cache 1; } if ($request_uri ~* "/wp-admin/|/xmlrpc.php|wp-.*.php|^/feed/*|/tag/.*/feed/*|index.php|/.*sitemap.*\.(xml|xsl)") { set $skip_cache 1; } if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp- postpass|wordpress_no_cache|wordpress_logged_in") { set $skip_cache 1; } location / { ##merge## index index.php index.html index.htm; try_files $uri $uri/ =404; } location ~ \.php$ { ##merge## fastcgi_pass unix:/var/run/php/php8.1-fpm.sock; include snippets/fastcgi-php.conf; fastcgi_cache demo.kodingschools.com; fastcgi_cache_valid 200 301 302 2h; fastcgi_cache_use_stale error timeout updating invalid_header http_500 http_503; fastcgi_cache_min_uses 1; fastcgi_cache_lock on; fastcgi_cache_bypass $skip_cache; fastcgi_no_cache $skip_cache; add_header X-FastCGI-Cache $upstream_cache_status; } } } so the {DOCROOT_CLIENT} variable has the value /var/www/clients/client0/web4/web/ which is not the directory that @till has mentioned above : /var/www/clients/client0/web4/ where the private folder exist , so I'm wondering if I can use the {DOCROOT}cache : /var/www/demo.kodingschools.com/web/cache, also even after I did this , saved the config and reload the nginx service, but the directory is not created, and the fastCGI Cache is still not working , even after I've merged the directives inside the php location block into the original php location block like so : Code: location ~ \.php$ { ##merge## fastcgi_pass unix:/var/run/php/php8.1-fpm.sock; include snippets/fastcgi-php.conf; fastcgi_cache demo.kodingschools.com; fastcgi_cache_valid 200 301 302 2h; fastcgi_cache_use_stale error timeout updating invalid_header http_500 http_503; fastcgi_cache_min_uses 1; fastcgi_cache_lock on; fastcgi_cache_bypass $skip_cache; fastcgi_no_cache $skip_cache; add_header X-FastCGI-Cache $upstream_cache_status; } this basically should work according to the ISPConfig 3.1 Manual
The manual does not say or describe that you can merge the server block. You mix up locations with the server block in your first example. ##merge## is a configuration option to merge locations inside a server block, it is not for merging the server block itself. See the example in the manual, you wills ee that not server { .... } is merged there. So something like: server { ##merge## can not work. Mergint the php location is generally ok, check the generated vhost file to see if your code is in there. But you likely need other config as well beside the changes in the PHP location.
Can you suggest what config I need to get this working, otherwise I think I should directly edit the original vhost, just to add this Code: fastcgi_cache_path {DOCROOT_CLIENT}private/cache levels=1:2 keys_zone={DOMAIN}:200m max_size=10g inactive=2h use_temp_path=off; fastcgi_cache_path /var/www/clients/client0/web4/private/cache levels=1:2 keys_zone={DOMAIN}:200m max_size=10g inactive=2h use_temp_path=off; fastcgi_cache_key "$scheme$request_method$host$request_uri"; fastcgi_ignore_headers Cache-Control Expires to the top of the vhost, and other locations blocks and configs from the nginx directives field go into the existing server block
You can not edit a vhost file manually as all manual changes will be overwritten. What you can do, though, is that you enable FastCGI caching for all sites by creating a custom nginx vhost config file where you add the config that goes outside of the server block.
Where should I create that file? Can I add this configuration to /etc/nginx/nginx.conf? I want to enable FastCGI caching only for WordPress sites, as I don't want to enable caching for my CRM systems
Do your research on how to add nginx directive properly like by using this in your search: site:forum.howtoforge.com nginx directive ##delete## ##merge##
Configuration file templates in ISPConfig are in the folder /usr/local/ispconfig/server/conf/ and when you create a custom version to override a template, then this must be stored in the folder /usr/local/ispconfig/server/conf-custom/ Generaly yes, but you can not work with placeholders there. Using the global templates means to enable that for all sites, at least the part that is outside the server block must go into the global template. The problem here is that a config change outside of the server block is needed, so parts of the config must go into the global template.
Understood that the user does not understand that yet, that is why the suggestion is to research on how to add nginx directive properly, since that matters were discussed before in other threads.
If you review our conversation, you'll see that the issue isn't with correctly adding an Nginx directive. The real problem is making configuration changes outside of the server block without them being overwritten. Many thanks to @till for the excellent support.
Back here, I've implemented the required config for FastCGI Cache to work, there is no error in the log and the syntax looks correct, but the cache did not work on the front-end, in the Cache-Control response header : no-cache, no-store, must-revalidate, the result if the FastCGI Cache is working correctly should be fastcgi-cache: HIT ( at least for the front page ) here is a summary of my config :
in the /usr/local/ispconfig/server/conf-custom , I have this file : nginx_vhost.conf.master ( copied from /usr/local/ispconfig/server/conf/ ) , and it's content is the following : Code: fastcgi_cache_path <tmpl_var name='web_document_root'>cache levels=1:2 keys_zone=<tmpl_var name='domain'>:200m max_size=10g inactive=2h use_temp_path=off; server { listen <tmpl_var name='ip_address'>:<tmpl_var name='http_port'>; <tmpl_if name='use_proxy_protocol' op='==' value='y'> <tmpl_if name='proxy_protocol_http' op='>' value='0'> listen <tmpl_var name='ip_address'>:<tmpl_var name='proxy_protocol_http'> proxy_protocol; </tmpl_if> </tmpl_if> <tmpl_if name='ipv6_enabled'> listen [<tmpl_var name='ipv6_address'>]:<tmpl_var name='http_port'>; <tmpl_if name='use_proxy_protocol_ipv6' op='==' value='y'> <tmpl_if name='proxy_protocol_http' op='>' value='0'> listen [<tmpl_var name='ipv6_address'>]:<tmpl_var name='proxy_protocol_http'> proxy_protocol; </tmpl_if> </tmpl_if> </tmpl_if> <tmpl_if name='ipv6_wildcard'> listen [::]:<tmpl_var name='http_port'>; </tmpl_if> <tmpl_if name='ssl_enabled'> listen <tmpl_var name='ip_address'>:<tmpl_var name='https_port'> ssl http2; <tmpl_if name='use_proxy_protocol' op='==' value='y'> <tmpl_if name='proxy_protocol_https' op='>' value='0'> listen <tmpl_var name='ip_address'>:<tmpl_var name='proxy_protocol_https'> ssl http2 proxy_protocol; </tmpl_if> </tmpl_if> <tmpl_if name='tls13_supported' op='==' value='y'> ssl_protocols TLSv1.3 TLSv1.2; <tmpl_else> ssl_protocols TLSv1.2; </tmpl_if> # ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS'; # ssl_prefer_server_ciphers on; <tmpl_if name='ipv6_enabled'> listen [<tmpl_var name='ipv6_address'>]:<tmpl_var name='https_port'> ssl http2; <tmpl_if name='use_proxy_protocol_ipv6' op='==' value='y'> <tmpl_if name='proxy_protocol_https' op='>' value='0'> listen [<tmpl_var name='ipv6_address'>]:<tmpl_var name='proxy_protocol_https'> ssl http2 proxy_protocol; </tmpl_if> </tmpl_if> </tmpl_if> <tmpl_if name='ipv6_wildcard'> listen [::]:<tmpl_var name='https_port'> ssl http2; </tmpl_if> ssl_certificate <tmpl_var name='ssl_crt_file'>; ssl_certificate_key <tmpl_var name='ssl_key_file'>; </tmpl_if> server_name <tmpl_var name='domain'> <tmpl_var name='alias'>; root <tmpl_var name='web_document_root_www'>; disable_symlinks if_not_owner from=$document_root; <tmpl_if name='ssl_enabled'> <tmpl_if name='rewrite_to_https' op='==' value='y'> if ($scheme != "https") { rewrite ^(?!/\.well-known/acme-challenge)/ https://$http_host$request_uri? permanent; } </tmpl_if> </tmpl_if> <tmpl_if name='seo_redirect_enabled'> if ($http_host <tmpl_var name='seo_redirect_operator'> "<tmpl_var name='seo_redirect_origin_domain'>") { rewrite ^(?!/\.well-known/acme-challenge)/ $scheme://<tmpl_var name='seo_redirect_target_domain'>$request_uri? permanent; } </tmpl_if> <tmpl_loop name="alias_seo_redirects"> if ($http_host <tmpl_var name='alias_seo_redirect_operator'> "<tmpl_var name='alias_seo_redirect_origin_domain'>") { rewrite ^(?!/\.well-known/acme-challenge)/ $scheme://<tmpl_var name='alias_seo_redirect_target_domain'>$request_uri? permanent; } </tmpl_loop> <tmpl_loop name="local_redirects"> if ($http_host <tmpl_var name='local_redirect_operator'> "<tmpl_var name='local_redirect_origin_domain'>") { rewrite ^<tmpl_var name='local_redirect_exclude'>(.*)$ <tmpl_var name='local_redirect_target'>$2 <tmpl_var name='local_redirect_type'>; } </tmpl_loop> <tmpl_loop name="own_redirects"> <tmpl_if name='use_rewrite'> <tmpl_if name='exclude_own_hostname'>if ($http_host != "<tmpl_var name='exclude_own_hostname'>") { </tmpl_if>rewrite ^<tmpl_var name='rewrite_exclude'>(.*)$ <tmpl_var name='rewrite_target'>$2 <tmpl_var name='rewrite_type'>;<tmpl_if name='exclude_own_hostname'> }</tmpl_if> </tmpl_if> <tmpl_if name='use_proxy'> ## no proxy for acme-challenge location ^~ /.well-known/acme-challenge/ { access_log off; log_not_found off; root /usr/local/ispconfig/interface/acme/; autoindex off; index index.html; try_files $uri $uri/ =404; } location / { proxy_pass <tmpl_var name='rewrite_target'>; <tmpl_if name='rewrite_subdir'>rewrite ^/<tmpl_var name='rewrite_subdir'>(.*) /$1;</tmpl_if> <tmpl_loop name="proxy_directives"> <tmpl_var name='proxy_directive'> </tmpl_loop> } </tmpl_if> </tmpl_loop> <tmpl_if name='use_proxy' op='!=' value='y'> index index.html index.htm index.php index.cgi index.pl index.xhtml standard_index.html; <tmpl_if name='ssi' op='==' value='y'> location ~ \.shtml$ { ssi on; } </tmpl_if> <tmpl_if name='errordocs'> error_page 400 /error/400.html; error_page 401 /error/401.html; error_page 403 /error/403.html; error_page 404 /error/404.html; error_page 405 /error/405.html; error_page 500 /error/500.html; error_page 502 /error/502.html; error_page 503 /error/503.html; recursive_error_pages on; location = /error/400.html { <tmpl_var name='web_document_root_www_proxy'> internal; auth_basic off; } location = /error/401.html { <tmpl_var name='web_document_root_www_proxy'> internal; auth_basic off; } location = /error/403.html { <tmpl_var name='web_document_root_www_proxy'> internal; auth_basic off; } location = /error/404.html { <tmpl_var name='web_document_root_www_proxy'> internal; auth_basic off; } location = /error/405.html { <tmpl_var name='web_document_root_www_proxy'> internal; auth_basic off; } location = /error/500.html { <tmpl_var name='web_document_root_www_proxy'> internal; auth_basic off; } location = /error/502.html { <tmpl_var name='web_document_root_www_proxy'> internal; auth_basic off; } location = /error/503.html { <tmpl_var name='web_document_root_www_proxy'> internal; auth_basic off; } </tmpl_if> <tmpl_if name='logging' op='==' value='yes'> error_log /var/log/ispconfig/httpd/<tmpl_var name='domain'>/error.log; access_log /var/log/ispconfig/httpd/<tmpl_var name='domain'>/access.log combined; </tmpl_var> <tmpl_if name='logging' op='==' value='anon'> error_log /var/log/ispconfig/httpd/<tmpl_var name='domain'>/error.log; access_log /var/log/ispconfig/httpd/<tmpl_var name='domain'>/access.log anonymized; </tmpl_var> ## Disable .htaccess and other hidden files location ~ /\. { deny all; } ## Allow access for .well-known/acme-challenge location ^~ /.well-known/acme-challenge/ { access_log off; log_not_found off; auth_basic off; root /usr/local/ispconfig/interface/acme/; autoindex off; index index.html; try_files $uri $uri/ =404; } location = /favicon.ico { log_not_found off; access_log off; expires max; add_header Cache-Control "public, must-revalidate, proxy-revalidate"; } location = /robots.txt { allow all; log_not_found off; access_log off; } location /stats/ { <tmpl_var name='web_document_root_www_proxy'> index index.html index.php; auth_basic "Members Only"; auth_basic_user_file <tmpl_var name='stats_auth_passwd_file'>; add_header Content-Security-Policy "default-src * 'self' 'unsafe-inline' 'unsafe-eval' data:;"; } location ^~ /awstats-icon { alias /usr/share/awstats/icon; } location ~ \.php$ { try_files <tmpl_var name='rnd_php_dummy_file'> @php; } <tmpl_if name='php' op='==' value='php-fpm'> location @php { try_files $uri =404; include /etc/nginx/fastcgi_params; <tmpl_if name='use_tcp'> fastcgi_pass 127.0.0.1:<tmpl_var name='fpm_port'>; </tmpl_if> <tmpl_if name='use_socket'> fastcgi_pass unix:<tmpl_var name='fpm_socket'>; </tmpl_if> fastcgi_index index.php; <tmpl_if name='php_fpm_chroot' op='==' value='y'> fastcgi_param DOCUMENT_ROOT <tmpl_var name='php_fpm_chroot_web_folder'>; fastcgi_param HOME <tmpl_var name='php_fpm_chroot_web_folder'>; fastcgi_param SCRIPT_FILENAME <tmpl_var name='php_fpm_chroot_web_folder'>$fastcgi_script_name; <tmpl_else> fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; </tmpl_if> #fastcgi_param PATH_INFO $fastcgi_script_name; fastcgi_intercept_errors on; } </tmpl_else> <tmpl_if name='php' op='==' value='hhvm'> location @php { try_files $uri =404; include /etc/nginx/fastcgi_params; fastcgi_pass unix:/var/run/hhvm/hhvm.<tmpl_var name='system_user'>.sock; fastcgi_index index.php; <tmpl_if name='php_fpm_chroot'> fastcgi_param DOCUMENT_ROOT <tmpl_var name='php_fpm_chroot_web_folder'>; fastcgi_param HOME <tmpl_var name='php_fpm_chroot_web_folder'>; fastcgi_param SCRIPT_FILENAME <tmpl_var name='php_fpm_chroot_web_folder'>$fastcgi_script_name; <tmpl_else> fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; </tmpl_if> #fastcgi_param PATH_INFO $fastcgi_script_name; fastcgi_intercept_errors on; error_page 500 501 502 503 = @phpfallback; } location @phpfallback { try_files $uri =404; include /etc/nginx/fastcgi_params; <tmpl_if name='use_tcp'> fastcgi_pass 127.0.0.1:<tmpl_var name='fpm_port'>; </tmpl_if> <tmpl_if name='use_socket'> fastcgi_pass unix:<tmpl_var name='fpm_socket'>; </tmpl_if> fastcgi_index index.php; <tmpl_if name='php_fpm_chroot'> fastcgi_param DOCUMENT_ROOT <tmpl_var name='php_fpm_chroot_web_folder'>; fastcgi_param HOME <tmpl_var name='php_fpm_chroot_web_folder'>; fastcgi_param SCRIPT_FILENAME <tmpl_var name='php_fpm_chroot_web_folder'>$fastcgi_script_name; <tmpl_else> fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; </tmpl_if> #fastcgi_param PATH_INFO $fastcgi_script_name; fastcgi_intercept_errors on; } </tmpl_else> location @php { deny all; } </tmpl_if> </tmpl_if> <tmpl_if name='cgi' op='==' value='y'> location /cgi-bin/ { try_files $uri =404; include /etc/nginx/fastcgi_params; root <tmpl_var name='document_root'>; gzip off; fastcgi_pass unix:/var/run/fcgiwrap.socket; fastcgi_index index.cgi; <tmpl_if name='php_fpm_chroot'> fastcgi_param DOCUMENT_ROOT <tmpl_var name='php_fpm_chroot_web_folder'>; fastcgi_param HOME <tmpl_var name='php_fpm_chroot_web_folder'>; fastcgi_param SCRIPT_FILENAME <tmpl_var name='php_fpm_chroot_web_folder'>$fastcgi_script_name; <tmpl_else> fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; </tmpl_if> fastcgi_intercept_errors on; } </tmpl_if> <tmpl_loop name="rewrite_rules"> <tmpl_var name='rewrite_rule'> </tmpl_loop> <tmpl_loop name="nginx_directives"> <tmpl_var name='nginx_directive'> </tmpl_loop> <tmpl_if name='enable_pagespeed' op='==' value='y'> pagespeed on; pagespeed FileCachePath /var/ngx_pagespeed_cache; <tmpl_if name='ssl_enabled'>pagespeed FetchHttps enable,allow_self_signed;</tmpl_if> # let's speed up PageSpeed by storing it in the super duper fast memcached pagespeed MemcachedThreads 1; pagespeed MemcachedServers "localhost:11211"; # Filter settings pagespeed RewriteLevel CoreFilters; pagespeed EnableFilters collapse_whitespace,remove_comments; # Ensure requests for pagespeed optimized resources go to the pagespeed # handler and no extraneous headers get set. location ~ "\.pagespeed\.([a-z]\.)?[a-z]{2}\.[^.]{10}\.[^.]+" { add_header "" ""; access_log off; } location ~ "^/ngx_pagespeed_static/" { access_log off; } location ~ "^/ngx_pagespeed_beacon$" { access_log off; } location /ngx_pagespeed_statistics { allow 127.0.0.1; deny all; access_log off; } location /ngx_pagespeed_global_statistics { allow 127.0.0.1; deny all; access_log off; } location /ngx_pagespeed_message { allow 127.0.0.1; deny all; access_log off; } location /pagespeed_console { allow 127.0.0.1; deny all; access_log off; } </tmpl_if> <tmpl_loop name="basic_auth_locations"> location <tmpl_var name='htpasswd_location'> { ##merge## auth_basic "Members Only"; auth_basic_user_file <tmpl_var name='htpasswd_path'>.htpasswd; location ~ \.php$ { try_files <tmpl_var name='rnd_php_dummy_file'> @php; } } </tmpl_loop> </tmpl_if> } <tmpl_loop name="redirects"> server { listen <tmpl_var name='ip_address'>:<tmpl_var name='http_port'>; <tmpl_if name='ipv6_enabled'> listen [<tmpl_var name='ipv6_address'>]:<tmpl_var name='http_port'>; </tmpl_if> <tmpl_if name='ipv6_wildcard'> listen [::]:<tmpl_var name='http_port'>; </tmpl_if> <tmpl_if name='ssl_enabled'> listen <tmpl_var name='ip_address'>:<tmpl_var name='https_port'> ssl http2; <tmpl_if name='ipv6_enabled'> listen [<tmpl_var name='ipv6_address'>]:<tmpl_var name='https_port'> ssl http2; </tmpl_if> <tmpl_if name='ipv6_wildcard'> listen [::]:<tmpl_var name='https_port'> ssl http2; </tmpl_if> ssl_certificate <tmpl_var name='ssl_crt_file'>; ssl_certificate_key <tmpl_var name='ssl_key_file'>; </tmpl_if> server_name <tmpl_var name='rewrite_domain'>; <tmpl_if name='alias_seo_redirects2'> <tmpl_loop name="alias_seo_redirects2"> if ($http_host <tmpl_var name='alias_seo_redirect_operator'> "<tmpl_var name='alias_seo_redirect_origin_domain'>") { rewrite ^(?!/\.well-known/acme-challenge)/ $scheme://<tmpl_var name='alias_seo_redirect_target_domain'>$request_uri? permanent; } </tmpl_loop> </tmpl_if> ## no redirect for acme location ^~ /.well-known/acme-challenge/ { access_log off; log_not_found off; root /usr/local/ispconfig/interface/acme/; autoindex off; index index.html; try_files $uri $uri/ =404; } <tmpl_if name='use_rewrite'> location / { rewrite ^ <tmpl_var name='rewrite_target'>$request_uri? <tmpl_var name='rewrite_type'>; } </tmpl_if> <tmpl_if name='use_proxy'> location / { proxy_pass <tmpl_var name='rewrite_target'>; <tmpl_if name='rewrite_subdir'>rewrite ^/<tmpl_var name='rewrite_subdir'>(.*) /$1;</tmpl_if> <tmpl_loop name="proxy_directives"> <tmpl_var name='proxy_directive'> </tmpl_loop> } </tmpl_if> } </tmpl_loop> , I've added just Code: fastcgi_cache_path <tmpl_var name='web_document_root'>cache levels=1:2 keys_zone=<tmpl_var name='domain'>:200m max_size=10g inactive=2h use_temp_path=off;
in the global nginx.conf I've added this : Code: ## # Cache Settings ## fastcgi_cache_key "$scheme$request_method$http_host$request_uri"; add_header Fastcgi-Cache $upstream_cache_status; below the gzip settings . the entire content is like so : Code: user www-data; worker_processes auto; pid /run/nginx.pid; error_log /var/log/nginx/error.log; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { client_max_body_size 64M; map $remote_addr $ip_anonym1 { default 0.0.0; "~(?P<ip>(\d+)\.(\d+)\.(\d+))\.\d+" $ip; "~(?P<ip>[^:]+:[^:]+):" $ip; } map $remote_addr $ip_anonym2 { default .0; "~(?P<ip>(\d+)\.(\d+)\.(\d+))\.\d+" .0; "~(?P<ip>[^:]+:[^:]+):" ::; } map $ip_anonym1$ip_anonym2 $ip_anonymized { default 0.0.0.0; "~(?P<ip>.*)" $ip; } log_format anonymized '$ip_anonymized - $remote_user [$time_local] ' '"$request" $status $body_bytes_sent ' '"$http_referer" "$http_user_agent"'; ## # Basic Settings ## sendfile on; tcp_nopush on; types_hash_max_size 2048; # server_tokens off; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log /var/log/nginx/access.log; ## # Gzip Settings ## gzip on; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; ## # Cache Settings ## fastcgi_cache_key "$scheme$request_method$http_host$request_uri"; add_header Fastcgi-Cache $upstream_cache_status; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #}
in the nginx Directives input fields , here is the content : Code: client_max_body_size 64M; set $skip_cache 0; if ($request_method = POST) { set $skip_cache 1; } if ($query_string != "") { set $skip_cache 1; } if ($request_uri ~* "/wp-admin/|/xmlrpc.php|wp-.*.php|^/feed/*|/tag/.*/feed/*|index.php|/.*sitemap.*\.(xml|xsl)") { set $skip_cache 1; } if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp- postpass|wordpress_no_cache|wordpress_logged_in") { set $skip_cache 1; } location / { ##merge## index index.php index.html index.htm; try_files $uri $uri/ =404; } location ~ \.php$ { ##merge## fastcgi_cache {DOMAIN}; fastcgi_cache_valid 120m; #fastcgi_cache_use_stale error timeout updating invalid_header http_500 http_503; #fastcgi_cache_min_uses 1; #fastcgi_cache_lock on; fastcgi_cache_bypass $skip_cache; fastcgi_no_cache $skip_cache; #add_header X-FastCGI-Cache $upstream_cache_status; } and here is the result vhost file of demo.kodingschools.com.vhost : Code: fastcgi_cache_path /var/www/clients/client0/web4/web/cache levels=1:2 keys_zone=demo.kodingschools.com:200m max_size=10g inactive=2h use_temp_path=off; server { listen *:80; listen [::]:80; listen *:443 ssl http2; ssl_protocols TLSv1.3 TLSv1.2; listen [::]:443 ssl http2; ssl_certificate /var/www/clients/client0/web4/ssl/demo.kodingschools.com-le.crt; ssl_certificate_key /var/www/clients/client0/web4/ssl/demo.kodingschools.com-le.key; server_name demo.kodingschools.com www.demo.kodingschools.com; root /var/www/demo.kodingschools.com/web/; disable_symlinks if_not_owner from=$document_root; if ($scheme != "https") { rewrite ^(?!/\.well-known/acme-challenge)/ https://$http_host$request_uri? permanent; } index index.html index.htm index.php index.cgi index.pl index.xhtml standard_index.html; location ~ \.shtml$ { ssi on; } error_page 400 /error/400.html; error_page 401 /error/401.html; error_page 403 /error/403.html; error_page 404 /error/404.html; error_page 405 /error/405.html; error_page 500 /error/500.html; error_page 502 /error/502.html; error_page 503 /error/503.html; recursive_error_pages on; location = /error/400.html { internal; auth_basic off; } location = /error/401.html { internal; auth_basic off; } location = /error/403.html { internal; auth_basic off; } location = /error/404.html { internal; auth_basic off; } location = /error/405.html { internal; auth_basic off; } location = /error/500.html { internal; auth_basic off; } location = /error/502.html { internal; auth_basic off; } location = /error/503.html { internal; auth_basic off; } error_log /var/log/ispconfig/httpd/demo.kodingschools.com/error.log; access_log /var/log/ispconfig/httpd/demo.kodingschools.com/access.log combined; location ~ /\. { deny all; } location ^~ /.well-known/acme-challenge/ { access_log off; log_not_found off; auth_basic off; root /usr/local/ispconfig/interface/acme/; autoindex off; index index.html; try_files $uri $uri/ =404; } location = /favicon.ico { log_not_found off; access_log off; expires max; add_header Cache-Control "public, must-revalidate, proxy-revalidate"; } location = /robots.txt { allow all; log_not_found off; access_log off; } location /stats/ { index index.html index.php; auth_basic "Members Only"; auth_basic_user_file /var/www/clients/client0/web4/web//stats/.htpasswd_stats; add_header Content-Security-Policy "default-src * 'self' 'unsafe-inline' 'unsafe-eval' data:;"; } location ^~ /awstats-icon { alias /usr/share/awstats/icon; } location ~ \.php$ { try_files /6f38aa6730bb8152122d53359ec2bfc2.htm @php; fastcgi_cache demo.kodingschools.com; fastcgi_cache_valid 120m; fastcgi_cache_bypass $skip_cache; fastcgi_no_cache $skip_cache; } location @php { try_files $uri =404; include /etc/nginx/fastcgi_params; fastcgi_pass unix:/var/lib/php8.2-fpm/web4.sock; fastcgi_index index.php; fastcgi_param DOCUMENT_ROOT /web; fastcgi_param HOME /web; fastcgi_param SCRIPT_FILENAME /web$fastcgi_script_name; fastcgi_intercept_errors on; } client_max_body_size 64M; set $skip_cache 0; if ($request_method = POST) { set $skip_cache 1; } if ($query_string != "") { set $skip_cache 1; } if ($request_uri ~* "/wp-admin/|/xmlrpc.php|wp-.*.php|^/feed/*|/tag/.*/feed/*|index.php|/.*sitemap.*\.(xml|xsl)") { set $skip_cache 1; } if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp- postpass|wordpress_no_cache|wordpress_logged_in") { set $skip_cache 1; } location / { index index.php index.html index.htm; try_files $uri $uri/ =404; } }
Did you change something in the site and pressed save so the new config gets written? Have you checked that your custom config is in the newly generated vhost file?
