We have pre-optimized our HTTP server (nginx), so in most cases, you do not need to make custom settings.
Our default nginx configuration includes:
Strong HTTPS settings (see example)
A Let’s Encrypt certificate for your public domains
HTTP cache with stale cache configured
Automatic expiration headers for static content
User configurable API
gzip
And lots more…
However, sometimes the need may arise for customer-specific additions, such as HTTP redirects. Redirects are easy to implement directly within WordPress, for example, with Redirection plugin or by manually writing wp_rewrite rules. You can also find more information about redirects in our developer documentation.
We only recommend modifying nginx settings if the required changes cannot be achieved using WordPress and its plugins.
Note!
Incorrect settings or redirects can lead to the entire site becoming inaccessible.
If you wish to make changes to the HTTP server settings or redirects, you can create a new file with a .conf extension on the server within the /data/wordpress/nginx/ directory. This file is the equivalent of the Apache root directory's .htaccess file in our system.
Below are some of the most common settings. For example, you can copy one of the examples below into the /data/wordpress/nginx/custom.conf file, replace the example domain with your own site's domain, and restart nginx by running the command wp-restart-nginx on the command line.
Under the hood, your custom nginx configuration is included like this:
server {
listen 80 default_server;
server_name your-site.com;
...
include /data/wordpress/nginx/*.conf;
...
}
Force All Website Traffic to HTTPS
By default we create a SSL certificate to all sites in Seravo's hosting. Normally, to enable https, all you need to do is to make sure your Home and Siteurl in WordPress settings start with https://. If for some reason it seems your site still uses the unencrypted http connection, you can force all traffic to use encrypted https protocol.
# Copy-paste this as-is, do not modify
if ( $ssl = false ) {
return 301 https://$http_host$request_uri;
}
Redirect a Page to a New Address
Often when you renew your website, the page structure also changes and if people have bookmarks to your pages, they would stop working. In order to keep the old links working, you can redirect old URL's to new ones.
# Simple 302 (temporary) redirect rule
rewrite ^/original-page https://example.com/new-page/;
# OR
# Simple 301 (permanent) redirect rule
rewrite ^/original-page https://example.com/new-page/ permanent;
Rewrite all old *.html files to WordPress pages with pretty URLs:
rewrite ^/([0-9a-z-]+)\.html /$1/ permanent;
Serve country pages (example.es, example.de etc) from custom PHP file:
if ($host ~ "example.es|example.de") {
rewrite ^(/)?$ /country-pages/index.php last;
}
Please use something like Rexexpal to test your regular expressions and be sure to use curl -IL to test your redirects without having to hassle with the cache of a regular browser.
If you have multiple domains for your site and want to only use one of them:
if ($host ~ "old-subdomain.your-old-site.com") {
return 301 https://your-site.com$request_uri;
}
Redirect a Domain to a Landing Page
You may have multiple domains pointing to your website, for example your main domain (e.g. example.com) and own domain for a product or campaign (example.org)
# Redirect from a certain domain
if ($host = example.org) {
return 301 https://example.com/landingpage/;
}
if ($host = www.example.org) {
return 301 https://example.com/landingpage/;
}
For the changes to take effect, nginx must be restarted. You can first test whether the nginx rules are correct using the command:
wp-restart-nginx --test
If everything looks good and the test returns no errors, you can restart nginx with the command:
wp-restart-nginx
Are You Redirecting a New Domain?
In addition to the settings above, you must contact our customer service if the domain is new or has not been previously notified to us. Please notify us of the new domain by sending a message to [email protected].
We will add the supplementary domain to the server's records so that the SSL certificate can be applied and redirects function correctly. After the DNS changes, redirects will start working within approximately one hour.
Testing Redirects
Please use curl to test redirects. Using a browser for testing will not work as the browser in most cases will cache the first redirect and after that no changes will be visible when testing with a browser. Using curl with header Pragma:no-cache ensures there is no caching at all and it will print location: headers that show clearly what the redirect is.
Example:
$ curl -IL -H Pragma:no-cache www.example.org
HTTP/1.1 200 OK
X-Cache: BYPASS
Location: https://example.com/
Content-Length: 100
HTTP/1.1 200 OK
X-Cache: BYPASS
Content-Length: 1270
Serve Two Different Sites From the Same Domain
Sometimes it makes sense to have two separate sites served from the same domain, as it will contribute to a better user experience and improve the search engine ranking for the content of the sites, when compared to having the site split to separate domains or subdomains. For example, the majority of the site example.com could be hosted on WordPress, but the section example.com/store might be on Magento.
This can be achieved using nginx proxying. For example, create a file called /data/wordpress/nginx/store-proxy.conf with the contents:
location /store/ {
proxy_ssl_server_name on;
proxy_ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
proxy_pass https://store.example.com/;
}
Protected/Authenticated Downloads
The path /wp-content/uploads/woocommerce_uploads/ is pre-configured by Seravo to be protected and accessible only when authentication is done in WooCommerce/WordPress/PHP while the download itself is handled by nginx via the X-Sendfile header instructions.
One may place any file in that path and it the server will not allow a direct download of it. It can be accessed only if the PHP code emits a special X-Accel-Redirect header with the path of a file in that location.
This is the correct way to implement such a feature, since the PHP worker will not be reserved for the entire download but can continue to serve other PHP requests while the download itself has been offloaded to nginx to handle.
To make a similar protected folder in a custom location, add the following to e.g. /data/wordpress/nginx/protected-downloads.conf:
location /protected-files {
internal;
alias /data/wordpress/protected-files/;
}
In PHP emit the headers as follows:
// Do authentication etc first
if ( current_user_can( 'download_special_files' ) ) {
// Emit header to Nginx which will send the file to requester header('X-Accel-Redirect: //protected-files/confidential.pdf');
} else {
echo 'Access denied.';
die();
}
Automatically Expiring Secure Download Links
Note: Do not use the secure link feature with WooCommerce. Use the built-in digital download features of WooCommerce instead, which works out-of-the-box at Seravo.
The nginx Secure Link module can be used to create links to downloadable items (for example a PDF file) that are valid only for a short time.
Example nginx configuration, e.g. /data/wordpress/nginx/securelink.conf:
# Make folder inaccessible publicly
location /my-restricted-files/ {
internal;
alias /data/wordpress/my-restricted-files/;
}
# Define secure link
location ~ /my-restricted-files/(.*) {
# Define values used in generating secure links
secure_link $arg_md5, $arg_expires;
# Define link form. Replace ASDF1234 with an unique secret
secure_link_md5 "$secure_link_expires$uri ASDF1234";
if ($secure_link = "") {
return 403;
}
if ($secure_link = "0") {
return 410;
}
}
To generate links in PHP use something like:
function securelink($path) {
$secret = 'ASDF1234'; // the same secret as in Nginx config
$expires = time() + 86400; // 24h in seconds
$url = md5sum("$expires/my-restricted-files/example.pdf $SECRET")
}
Learn More
More information on using nginx can be found on the nginx homepage.