WordPress

Konfiguracja Konfiguracja WordPress vhost

[[vhosts]]
name = "wordpress"
hosts = ["blog.example.com"]

[vhosts.web]
root = "/srv/wordpress"
index_files = ["index.php", "index.html"]
deny_dotfiles = true

[vhosts.php]
enabled = true
root = "/srv/wordpress"
index = "index.php"
preset = "wordpress"
try_files = "wordpress"
deny_path_prefixes = ["/wp-content/uploads/"]

[vhosts.php.fpm]
mode = "external"
socket = "/run/php-fpm/wordpress.sock"

WordPress cache route

[[vhosts.routes]]
name = "wp-assets"
path_prefix = "/wp-content/"
action = "proxy"

[vhosts.routes.proxy]
upstreams = ["127.0.0.1:9000"]

[vhosts.routes.cache]
enabled = true
preset = "wordpress"
status_ttls = { "200" = 3600, "404" = 60 }
extensions = ["css", "js", "png", "jpg", "webp", "svg"]
bypass_cookie_name_prefixes = ["wordpress_logged_in_", "wordpress_sec_"]

Typowe kontrole

• Upewnij się, że user PHP-FPM może czytać pliki WordPress.
• Trzymaj uploady writable tylko tam, gdzie WordPress musi pisać.
• Put cache in front of public assets, not wp-admin.
• Keep login, preview, cron, XML-RPC, and admin paths out of shared cache.
• Użyj preset WordPress jako baseline, potem dodaj site-specific bypasses.

Dobre dopasowanie

Ta konfiguracja jest dla typowego front controller WordPress, gdzie Fluxheim serwuje bezpieczne static files, blokuje PHP w upload paths i przekazuje dynamic requests do PHP-FPM.