**NOTE: Make sure to replace yourdomain.com with your actual domain name / site.
SSL or HTTPS is not enabled for this serverblock.
This ServerBlock iclude FastCGI-Cache config for WordPress-based site.
Simply follow this tutorial to create new serverblock for new site on the Nginx web server
Daftar isi:
1.) Create doc root directory along with its log dir for your new site:
$ mkdir -p /var/www/yourdomain.com/public/ /var/www/yourdomain.com/logs/
2.) Go to your site doc root folder:
$ cd /var/www/yourdomain.com/public/
3.) Data Migration
Download wordpress or you can run wget command to download your backup file from another server if you want to migrate your site from another server.
$ wget https://wordpress.org/latest.tar.gz $ wget https://yourotherdomain.com/data_web.tar.gz
4.) Extract your archive data file
$ tar --strip-components=1 -xvf latest.tar.gz $ tar --strip-components=1 -xvf data_web.tar.gz
5.) Set correct user and group for file and folder permissions
$ chown -R www-data:www-data /var/www/yourdomain.com/
6.) Create Nginx serverblock for yourdomain.com
$ nano /etc/nginx/sites-available/yourdomain.com
# Virtual Host Configuration by KuliVPS.com (Please don't alter these files manually) server { listen 80; ## listen for ipv4; this line is default and implied #listen [::]:80 default ipv6only=on; ## listen for ipv6 root /var/www/yourdomain.com/public/; index index.htm index.html index.php; # Make site accessible from public server_name yourdomain.com www.yourdomain.com; ##listen 443 ssl http2; #listen [::]:443 ssl http2; # certs sent to the client in SERVER HELLO are concatenated in ssl_certificate ##ssl_certificate /etc/letsencrypt/live/yourdomain.com/fullchain.pem; # managed by Certbot ##ssl_certificate_key /etc/letsencrypt/live/yourdomain.com/privkey.pem; # managed by Certbot ##include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot #ssl_session_cache shared:SSL:30m; #ssl_session_timeout 60m; ##ssl_session_tickets off; # Diffie-Hellman parameter for DHE ciphersuites, recommended 2048 bits ##ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # Intermediate configuration. #ssl_protocols TLSv1 TLSv1.1 TLSv1.2; #ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA'; #ssl_prefer_server_ciphers on; # HSTS (ngx_http_headers_module is required) add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload"; add_header FastCGI-Cache $upstream_cache_status; fastcgi_ignore_headers Cache-Control Expires Set-Cookie; #add_header X-Content-Type-Options nosniff; #add_header X-XSS-Protection "1; mode=block"; # OCSP Stapling (Fetch OCSP records from URL in ssl_certificate and cache them) ##ssl_stapling on; ##ssl_stapling_verify on; ## Verify chain trust of OCSP response using Root CA and Intermediate certs ##ssl_trusted_certificate /etc/letsencrypt/live/yourdomain.com/fullchain.pem; #access_log /var/log/nginx/yourdomain.com.access.log; #error_log /var/log/nginx/yourdomain.com.error.log; location / { try_files $uri $uri/ /index.php?$args ; } # Nginx Fastcgi Config #fastcgi_cache start set $no_cache 0; # POST requests and urls with a query string should handled by PHP if ($request_method = POST) { set $no_cache 1; } if ($query_string != "") { set $no_cache 1; } # Don't cache uris containing the following segments if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php|wp-.*.php|/feed/|index.php|wp-comments-popup.php|wp-links-opml.php|wp-locations.php|sitemap(_index)?.xml|[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { set $no_cache 1; } # Don't use the cache for logged in users or recent commenters if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in") { set $no_cache 1; } # Fastcgi-Cache Config location ~ \.php$ { try_files $uri =404; fastcgi_pass 127.0.0.1:9005; include fastcgi_params; include fastcgi.conf; fastcgi_param HTTP_PROXY ""; fastcgi_index index.php; # fastcgi_intercept_errors on; fastcgi_cache_bypass $no_cache; fastcgi_no_cache $no_cache; fastcgi_cache fcgicache; fastcgi_cache_valid 200 60m; } # Fastcgi-Purge Config location ~ /purge(/.*) { # Uncomment the following two lines to allow purge only from the webserver #allow 127.0.0.1; #deny all; fastcgi_cache_purge fcgicache "$scheme$request_method$host$1"; } location ~ /.well-known { allow all; } # Static Cache Config location ~* ^.+\.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|rss|atom|jpg|jpeg|gif|png|ico|css|js|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ { access_log off; log_not_found off; expires 360d; add_header Access-Control-Allow-Origin "*"; } location = /robots.txt { access_log off; log_not_found off; } #location ~ /\. { deny all; access_log off; log_not_found off; } (disable # untuk aktivasi SSL di folder /.well-known/pki-validation/) location ~ ^/\.user\.ini { deny all; } # XML Sitemap rewrite ^/sitemap(-+([a-zA-Z0-9_-]+))?\.xml$ "/index.php?xml_sitemap=params=$2" last; rewrite ^/sitemap(-+([a-zA-Z0-9_-]+))?\.xml\.gz$ "/index.php?xml_sitemap=params=$2;zip=true" last; rewrite ^/sitemap(-+([a-zA-Z0-9_-]+))?\.html$ "/index.php?xml_sitemap=params=$2;html=true" last; rewrite ^/sitemap(-+([a-zA-Z0-9_-]+))?\.html.gz$ "/index.php?xml_sitemap=params=$2;html=true;zip=true" last; # Block http user agent AhrefsBot if ($http_user_agent ~* (AhrefsBot) ) { return 403; } # Nginx HTTP2 Module (ngx_http_v2_module) #http2_recv_buffer_size 512k; http2_body_preread_size 128k; http2_chunk_size 16k; http2_idle_timeout 5m; http2_max_concurrent_streams 256; http2_max_field_size 8k; http2_max_header_size 32k; http2_max_requests 1000; http2_recv_timeout 60s; }
7.) Create Database and Database User
$ mysql -u root -p
$ CREATE DATABASE databasename; $ CREATE USER databaseuser@localhost; $ SET PASSWORD FOR databaseuser@localhost= PASSWORD("password"); $ GRANT ALL PRIVILEGES ON databasename.* TO databaseuser@localhost IDENTIFIED BY 'password'; $ FLUSH PRIVILEGES; $ exit
8.) Import Database
$ mysql -u databaseuser -p databasename < yourdatabse.sql
Restart Serveral Importan Services:
$ service nginx restart $ service php7.4-fpm restart $ service php7.3-fpm restart $ service php7.2-fpm restart $ service php7.1-fpm restart $ service php7.0-fpm restart $ service php5.6-fpm restart
OK DONE…!!! Thank you… 🙂