WordPress

WordPressi vhost

[[vhosts]]
name = "wordpress"
hosts = ["blog.example.com"]

[vhosts.web]
root = "/srv/wordpress"
index_files = ["index.php", "index.html"]
deny_dotfiles = true

[vhosts.php]
enabled = true
root = "/srv/wordpress"
index = "index.php"
preset = "wordpress"
try_files = "wordpress"
deny_path_prefixes = ["/wp-content/uploads/"]

[vhosts.php.fpm]
mode = "external"
socket = "/run/php-fpm/wordpress.sock"

WordPress cache route

[[vhosts.routes]]
name = "wp-assets"
path_prefix = "/wp-content/"
action = "proxy"

[vhosts.routes.proxy]
upstreams = ["127.0.0.1:9000"]

[vhosts.routes.cache]
enabled = true
preset = "wordpress"
status_ttls = { "200" = 3600, "404" = 60 }
extensions = ["css", "js", "png", "jpg", "webp", "svg"]
bypass_cookie_name_prefixes = ["wordpress_logged_in_", "wordpress_sec_"]

Tavalised kontrollid

• Veendu, et PHP-FPM kasutaja saab WordPressi faile lugeda.
• Hoia uploads kirjutatavana ainult seal, kus WordPress kirjutamist vajab.
• Put cache in front of public assets, not wp-admin.
• Keep login, preview, cron, XML-RPC, and admin paths out of shared cache.
• Kasuta WordPress presetit baseline'ina ja lisa seejärel saidipõhised bypassid.

Hea sobivus

See seadistus on tavalise WordPress front controlleri jaoks, kus Fluxheim serveerib turvalisi staatilisi faile, blokeerib PHP upload paths all ja edastab dünaamilised requestid PHP-FPM-ile.