Techie Turmoil

Nginx and Wordpress with SSL and Queries

22nd March 2011

So setting up Wordpress on Nginx isn't difficult. You could follow the example here. This works fine for just a basic install, but what about something that has a load of plugins, for forms and such like? Here we need to tweak the config a bit.

SSL: using SSL with Nginx is not as simple as just turning on the HTTPS section from the default/example config file and copying over the location directives from the port 80 section. You need to ensure that the PHP fastcgi knows that HTTPS is on, so add the directive:

fastcgi_param HTTPS on;

to your location ~ \.php$ section.

Queries: if you are using a forms plugin, or something else that sends GET requests, you may find that they don't work. Change your default rewrite to:

try_files $uri $uri/ /index.php?$args;

Security: if you are using php5-fpm (you should be!) then it is quite possible to execute remote php files. We don't want that! Add this line to your php section:

try_files $uri = 404;

Suhosin: you may want to use the Suhosin patch (I do), but this can cause problems with file uploads (and phpMyAdmin). Add the following to your php.ini:

suhosin.post.max_array_index_length = 256
suhosin.post.max_totalname_length = 65535
suhosin.post.max_vars = 1024
suhosin.request.max_array_index_length = 256
suhosin.request.max_totalname_length = 65535
suhosin.request.max_vars = 1024

I added this in /etc/php5/conf.d/suhosin.ini, but you may wish to add it elsewhere.

Nginx + php5-fpm + APC + memcache is a super speedy combination. I use it everywhere now. But it does take a bit of getting used to if you are accustomed to Apache.

Just as an afterthought, the docs for setting up Wordpress on Nginx in the codex suggest that unless you use APC and a Wordpress caching plugin, you will get no performance benefit over Apache. This is utter drivel. Yes I highly recommend APC - it's great - but you can use it on Apache too. Nginx is fundamentally faster than Apache, even if you compare apples with apples and set up Apache with fastcgi instead of the more common mod_php. This is because Nginx uses an asynchronous, event driven architecture, thus using significantly less resources. It is all explained here.