-
-
Save vichetuc/2125ccd28e0ad05728f936508cf90095 to your computer and use it in GitHub Desktop.
nginx configuration for the Wordpress blog post
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| upstream servers-frontend { | |
| ip_hash; | |
| server 10.10.137.100:80; # server-1 | |
| server 10.10.126.101:80; # server-2 | |
| } | |
| upstream server-2 { | |
| server 10.10.137.101:80; | |
| } | |
| upstream server-2-ssl { | |
| server 10.10.137.101:443; | |
| } | |
| server { | |
| listen 80; | |
| server_name my-server.com www.my-server.com; | |
| error_page 502 503 504 @maintenance; | |
| location / { | |
| proxy_pass http://servers-frontend; | |
| proxy_set_header Host $host; | |
| proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
| proxy_set_header X-Real-IP $remote_addr; | |
| } | |
| # WP-Admin is accessed via HTTPS, however, some components | |
| # still work via HTTP despite FORCE_SSL_ADMIN being set to TRUE. | |
| location /wp-admin { | |
| proxy_pass http://server-2; | |
| proxy_set_header Host $host; | |
| proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
| proxy_set_header X-Real-IP $remote_addr; | |
| } | |
| location @maintenance { | |
| root /etc/nginx/html; | |
| rewrite ^(.*) /maintenance.html break; | |
| } | |
| } | |
| server { | |
| listen 443; | |
| server_name my-server.com www.my-server.com; | |
| ssl on; | |
| ssl_certificate /etc/nginx/ssl/my-server.crt; | |
| ssl_certificate_key /etc/nginx/ssl/my-server.key; | |
| location /wp-login.php { | |
| proxy_pass https://server-2-ssl; | |
| proxy_set_header Host $host; | |
| proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
| proxy_set_header X-Forwarded-Proto https; | |
| proxy_set_header X-Real-IP $remote_addr; | |
| } | |
| # Only handle HTTPS requests for WP-Admin | |
| # This should be set before other `location` directives | |
| # as locations are matched by regexp in the order they appear | |
| location ~ ^/wp-(admin|content|includes) { | |
| #increase client max size for wp-admin connection to allow bigger picture uploads to blog | |
| client_max_body_size 2M; | |
| proxy_pass https://server-2-ssl; | |
| proxy_set_header Host $host; | |
| proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
| proxy_set_header X-Forwarded-Proto https; | |
| proxy_set_header X-Real-IP $remote_addr; | |
| } | |
| # All the other pages are served via HTTP | |
| location ~ ^.* { | |
| # Will you be so kind to GTFO my sire? o_Q | |
| rewrite ^(.*)$ http://my-server.com$1; | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment